We have a web application where we need to create functionality for managing users, roles, modules and their permissions.
Below is the design we created. can someone tell me if this is the correct way to implement such functions?
The user table will have two columns as follows
1) Id 2) Name
The role table will have a role identifier and a role name.
A user can have several roles, therefore, we will have a table of links to a user role, which will have a user ID and a role identifier.
A role can be an administrator, user, moderator, etc.
There may be many modules, such as Country, States, Orders, Sections, etc.
Each role will have access to certain modules, since Admin will have access to all modules.
The user will have access to several modules, such as Order only, etc.
So, for this we have a separate table of static modules, which will have a module identifier and a name.
We will have another lookup table for the Role module, which will contain information about what role has access to which modules.
Again, each user will have some roles and, therefore, will have access to certain modules.
Now access to these modules is also based on permissions.
Just as the user will have only read permissions for states and countries, that is, he can only view data.
The administrator will have write permissions for states and countries so that he can add, edit and delete them.
So how can I implement / develop all this functionality in java?