Public/system-design-101
1
0
Fork 0
mirror of https://github.com/ByteByteGoHq/system-design-101.git synced 2026-04-21 00:17:25 -04:00
Code Issues Packages Projects Releases Wiki Activity

Adds ByteByteGo guides and links (#106)

Browse Source 
This PR adds all the guides from [Visual
Guides](https://bytebytego.com/guides/) section on bytebytego to the
repository with proper links.

- [x] Markdown files for guides and categories are placed inside
`data/guides` and `data/categories`
- [x] Guide links in readme are auto-generated using
`scripts/readme.ts`. Everytime you run the script `npm run
update-readme`, it reads the categories and guides from the above
mentioned folders, generate production links for guides and categories
and populate the table of content in the readme. This ensures that any
future guides and categories will automatically get added to the readme.
- [x] Sorting inside the readme matches the actual category and guides
sorting on production
This commit is contained in:
Kamran Ahmed
2025-04-01 06:16:44 +01:00
committed by GitHub
parent 44f1251199
commit ee4b7305a2
493 changed files with 15791 additions and 1728 deletions
Download Patch File Download Diff File Expand all files Collapse all files

50
data/guides/how-do-we-design-a-permission-system.md Normal file
View File

@@ -0,0 +1,50 @@
---
title: "Designing a Permission System"
description: "Explore common permission system designs: ACL, DAC, MAC, ABAC, and RBAC."
image: "https://assets.bytebytego.com/diagrams/0300-permission-systems.png"
createdAt: "2024-02-13"
draft: false
categories:
- security
tags:
- access control
- rbac
---
![](https://assets.bytebytego.com/diagrams/0300-permission-systems.png)
The diagram below lists 5 common ways.
## 1. ACL (Access Control List)
ACL is a list of rules that specifies which users are granted or denied access to a particular resource.
* Pros - Easy to understand.
* Cons - error-prone, maintenance cost is high
## 2. DAC (Discretionary Access Control)
This is based on ACL. It grants or restricts object access via an access policy determined by an object's owner group.
* Pros - Easy and flexible. Linux file system supports DAC.
* Cons - Scattered permission control, too much power for the objects owner group.
## 3. MAC (Mandatory Access Control)
Both resource owners and resources have classification labels. Different labels are granted with different permissions.
* Pros - strict and straightforward.
* Cons - not flexible.
## 4. ABAC (Attribute-based access control)
Evaluate permissions based on attributes of the Resource owner, Action, Resource, and Environment.
* Pros - flexible
* Cons - the rules can be complicated, and the implementation is hard. It is not commonly used.
## 5. RBAC (Role-based Access Control)
Evaluate permissions based on roles
* Pros - flexible in assigning roles.