I have a project that I am working on and I've been researching about having User Levels and the recommended & secure ways of doing it. The project will have some more complex stuff like groups, users, pages, chat and I don't want to make some changes now and be required to re-change the logic when I will add the other features. I would like some advice or help on this, I would appreciate it very much.
The way I was thinking was either
-
Have a table named userlevels (for example) with 3 columns
ID
,Name
,Permissions
1, user 2, Administrator, {"admin": 1} with json
OR
-
Have an additional row with permissions in the normal users table, and have a row for example
is_admin [0,1]
Is it okay to do it like this ? If you have any other ideas for me I would honestly appreciate it very much. Thanks in Advance!