Step 4:  Select the Roles Table (Database Security)

The Roles Table associates users with their assigned roles.

Role-based security requires users to belong to different roles.  Based on the roles assigned to individual users, they are granted access to specific pages that permit access for those roles.  Your database will need a table that identifies the role(s) assigned to each user.

Iron Speed Designer supports two different styles of user-assigned roles:

  1. User has only one assigned role.  Each user has one and only one role assigned to him.  The role assignment can be placed either in the User Table (see previous section) or in a separate Roles Table.

  2. User has multiple assigned roles.  Each user can have zero or more roles assigned to him.  The role assignments are in a separate Roles Table, effectively creating a one-to-many relationship between each individual user in the User Table and multiple corresponding entries in the Roles table.

If you are implementing role-based security, Iron Speed Designer requires one table in your database to be designated as a “Roles Table”.  The Roles Table contains a list of your application’s users and their respective roles.  The Roles Table can be any table in your application, including the User Table.  Within this table, you must have two important fields from which Iron Speed Designer builds the role-based mechanism in your application:

Field

Description

User Roles table

The table containing the list of user roles.

Note:  Only a subset of the tables and database views in your database are visible in the User Roles Table field.  By default, only those tables used by Application Wizard (for creating pages) are available in the Security Wizard.  To make other tables appear in this dropdown list, check the "Include table/view in application" option for each table desired in Databases for each additional table you wish to appear.

User ID Field

The User ID Field designates the field in the Roles Table that uniquely identifies each user.

Role ID Field

The Role ID Field designates the field containing the role assigned to the user.

Placing Role Information in Your User Table

In situations where an individual user has only one assigned role, the role assignment is usually maintained in the User Table directly, although there is no requirement that this information be in the User Table.

Field

Type

UserID

Integer

FirstName

String

LastName

String

UserName

String

Password

String

RoleID

String

Address

String

...

 

A User Table with a role assignment for each user.  This configuration permits only one role per individual user.

This example shows the table designated as your application’s User Table containing the sign in information (UserID, UserName, and Password), as well as the assigned role (RoleID).

Placing Role Information in a Separate Roles Table

In systems where individual users can have multiple assigned roles, the role information must be maintained in a separate roles table.  A one-to-many relationship exists between each individual user in the User Table and multiple corresponding entries in the Roles table.

Field

Type

UserID

Integer

RoleID

String

...

 

An example table definition of a Roles Table.  Because it is implemented as a separate table from the User Table, this Roles table permits multiple roles to be specified for an individual user.

 

UserID

RoleID

10

Customer

11

Customer Service Rep

11

Credit Card Authorizer

12

Marketing Manager

An example Roles table showing multiple roles assigned to certain users.

Iron Speed Designer creates application code for both of these scenarios based on how you identify the location of the role information in your database.

Selecting the Roles Table

In the Security Wizard, make these selections:

Field

Description

User ID Field

The User ID Field designates the field in the Roles Table that uniquely identifies each user.

Role ID Field

The Role ID Field designates the field containing the role assigned to the user.

See Also

Security Wizard