I'm currently working on a data storing project where report documents are separated into folders on a treeview control.
I need to design a way so that different user groups can only see or access treeview control nodes that they have permissions for.
For example lets say we have 3 Usergroups and 4 Folders.
Usergroup 1 has access to all folders.
Usergroup 2 has access to folders 2 and 3
Usergroup 3 has access to folder 4.
How would I design the SQL side to reflect a system like this?
I originally thought it would work by having a Folder permissions table with a string like follows:
FolderID | Permissions
Folder 1 | Usergroup1,Usergroup2
When the treeview selects the nodes from the folder it would separate the permissions string by the "," and checking if user A is in that group if so display otherwise not make it visible.
Is there a better way? preferably with Read,Write,Copy and delete privileges too?
[EDIT]
Also how would I have users in multiple groups? the solution needs to be as small as possible since there will be a huge amount of groups, 4 per building, 100 buildings etc with potentially limitless folders.