Do My Relationships Look Okay?

[JessiRight77]

Hello:

I need to create a database that tracks security rights assigned to
users (and groups) for certain projects. In other words, some
users/groups have the ability to view, modify, or delete documents
located within certain projects... and others don't.

Individual Users can be assigned to departmental Groups, and a user can
belong to more than one Group.

Security rights can be granted to either individual Users OR Groups.

More than one User or Group can be assigned to a project and, of
course, a Project can have more than one User or Group.

Would you guys please look at the relationships in my tentative table
design (see following link), and tell me whether I am on the right
track?
http://webpages.charter.net/mecars/

Thanks!
Jessi

 

[krazy darcy]

Unsure if theis is entirely relevant but spotted two potential issues:

What if there is a user with one level of rights (user rights) but he/she is
in a group with another level on rights (group rights)?

Or what if that individual is a member of two groups both on the same
project but differant group rights?

And yes I know you said that " Security rights can be granted to either
individual Users OR Groups" but if your projects become sizable with many
people working on them it may become easy for someone to be both access
granted as an individual and as a group or two if access rights are granted
in the database manually.

 

[JessiRight77]

The rights are cumulative... so if someone is assigned both
individually and through groups to a project, they will have all the
accumulated rights.

I was also wondering whether "rights" should be another entity. There
are rights that an individual user has to a project, and then there are
those rights that a group has to a project (even though a user may be
part of that group). Therefore, I thought it may be appropriate to
put the different "rights" under the joining tables of tblProjectGroups
and tblProjectUsers.

Thanks,
Jessi