As someone that comes from DynamoDB, modeling a MongoDB schema to really fit deeply into my application is kinda confusing, specially since it has the concept of references and from what I read is not recommended to keep duplicated data to accomodate your queries.
Take the following example (modeled in mongoengine, but shouldn’t matter) :
#User class User(Document): email = EmailFieldprimary_key=True) pswd_hash = StringField() #This also makes it easier to find the Projects the user has a Role roles = ListField(ReferenceField('Role') #Project class Project(Document): name = StringField() #This is probably unnecessary as the Role id is already the project id roles = ListField(ReferenceField('Role')) #Roles in project class Role(Document): project = ReferenceField('Project', primary_key=True) #List of permissions permissions = ListField(StringField()) users = ListField(ReferenceField('User')
There are Projects and Users.
Each Project can have many Roles in it.
Each User can have one Role in a Project.
So, it’s a Many-Many between Users and Projects
A Many-One between Users and Roles
A Many-One between Roles and Projects
The problem is when I try to accomodate the schema to the access, because on every page refresh on the application, I need :
- Project (the id is in the url)
- User (email is in session)
- User permissions in that project (server-side security checks)
So, considering this is the most common query, how should I model my schema to accomodate it?
Or is the way I’m doing at the moment okay already?