Skip to content
Advertisement

Which is the best practice for allowing users to acces a database from database perspective? One db user vs a db user for every user [closed]

So im planning to develop a test SaaS software for a hobby project, with an oracle xe database in the background. Basically, its just a registry applications for shops, to register products, and chat with the employees. So in my theory, the main question is how could the users accces the database for the best performance: using one schema, and everybody connect to the database through a default schema, or creating a schema for every user. Which could the most appropiate?

My main aspects are the followings:

  • Since oracle xe has limitations, i have to watch out for storage
  • If i want to give this application to more shops, then i have x, y and z shops, with a,b and c number of users who are using my application and connecting to my database. If my guessing is right, orace xe couldn’t handle that much user, and for this task, i need to upgrade the database.
  • I could create a schema for a shop if every user in that shop connects through one schema, but if every user has its own schema, i could not create a schema for every shop.

Sorry if my question is a bit messy, this is my first serious, real-world problem project, and im very new to database planning.

Advertisement

Answer

To me, it looks as one schema and many users.

Which XE is it? The most recent lets you store 12GB of user data which is quite a lot.

Creating a schema for every user is … quite strange. Why would you do that? Users will access data you store, but they don’t have to have their own schemas. That would, actually, make things way more complex as you’d have to grant access on objects & data (from user who owns everything) to each of those users (or use roles).

Additionally, you don’t even have to create database users – you could have your own “users” table, develop authentication (and then authorization) so that they would be able to connect to your application (that’s authentication) and do various things (read-only, insert new rows, manage current data … – that’s authorization).

As you use Oracle, I hope you consider using Oracle Apex as a tool to develop that application.

User contributions licensed under: CC BY-SA
4 People found this is helpful
Advertisement