DEV Community

Manda Putra
Manda Putra

Posted on

5 1

How do you design your noSQL database for RBAC system?

#explainmelikeimfive #discuss #mongodb #nosql

RBAC is like an user role system, in word-press or any CMS and dev.to have it too. But how do you design your database in mongodb/nosql? since the bad and good of nosql it is fluidness and dont care much about our database design (IMO) how would you make it on mongodb/noSQL? using collection as a pivot? same as SQL database?

Here is the things.

  1. User had a role
  2. User had a menu
  3. Some user just can see the menu, but cant edit/update the menu
  4. Some user fully get all access to the menu

EDIT:

Here comes my schema approach so far :

menus.model.js

module.exports = function (app) {
  const mongooseClient = app.get('mongooseClient');
  const { Schema } = mongooseClient;
  const menus = new Schema({
    name: { type: String, required: true },
    slug: { type: String, required: true },
    menu_roles: [{
      roles_id: { type: Schema.Types.ObjectId, ref : 'Roles' },
      roles_name: { type:  String },
      create: { type: Boolean },
      delete: { type: Boolean },
      update: { type: Boolean },
      read: { type: Boolean },
    }]
  }, {
    timestamps: true
  });

  return mongooseClient.model('menus', menus);
};
Enter fullscreen mode Exit fullscreen mode

roles.models.js

module.exports = function (app) {
  const mongooseClient = app.get('mongooseClient');
  const { Schema } = mongooseClient;
  const roles = new Schema({
    name: { type: String, required: true },
    slug: { type: String, required: true },
  }, {
    timestamps: true
  });

  return mongooseClient.model('roles', roles);
};
Enter fullscreen mode Exit fullscreen mode

users.models.js

module.exports = function (app) {
  const mongooseClient = app.get('mongooseClient');
  const { Schema } = mongooseClient
  const users = new mongooseClient.Schema({

    email: {type: String, unique: true, lowercase: true},
    password: { type: String },
    first_name: { type: String },
    last_name: { type: String },
    roles: { type: Schema.Types.ObjectId, ref : 'Roles' },

  }, {
    timestamps: true
  });

  return mongooseClient.model('users', users);
};
Enter fullscreen mode Exit fullscreen mode

Still on work, feedback are pretty welcome thanks!

profile
AWS
 Promoted

AWS GenAI LIVE image

Real challenges. Real solutions. Real talk.

From technical discussions to philosophical debates, AWS and AWS Partners examine the impact and evolution of gen AI.

Learn more

Top comments (2)

Collapse
 
guillerbr profile image
Guiller

Use npm module access control,RBAC module functions for no Node.

Collapse
 
mandaputtra profile image
Manda Putra

Hi, what do you mean? I just made my own middleware to every request so they check user permission on every request.

profile
Coherence
 Promoted

Billboard image

The Next Generation Developer Platform

Coherence is the first Platform-as-a-Service you can control. Unlike "black-box" platforms that are opinionated about the infra you can deploy, Coherence is powered by CNC, the open-source IaC framework, which offers limitless customization.

Learn more

Read next

puratabla profile image

What Is the Formula for Momentum Calculation in 2025?

olasperu -

mastermentee profile image

How Improv Helped an Amazonian Overcome Stage Fear

Keyul Patel -

aboesig profile image

How to use Native Share on iOS and Android

Andreas B. Vestergaard -

doriansabitov profile image

Critical Communications in Salesforce: Custom Notifications and Alerts

Dorian Sabitov -

DEV Live Events

AWS GenAI LIVE!

GenAI LIVE! is a dynamic live-streamed show exploring how AWS and our partners are helping organizations unlock real value with generative AI.

Tune in to the full event

DEV is partnering to bring live events to the community. Join us or dismiss this billboard if you're not interested. ❤️