Hi,<BR><BR>I want to design a usergroup with authority system. <BR><BR>e.g. I have 3 modules in which each module has 4 functions: View, Create, Edit and Delete.<BR><BR>If the user is registered under that usergroup, and this usergroup has the rights to perform above 4 functions in one module, he can execute those 4 functions in that module, but not other 2 modules except his group can obtain proper rights.<BR><BR>Here are my DB schema:<BR><BR>User table<BR>Userid int PK<BR>Username nvarchar<BR>Usergroupid int<BR><BR>Usergroup table<BR>Usergroupid int PK<BR>Usergroupname nvarchar<BR>Parentgroupid int // one group may under other group<BR>FunctionRightID int // FK of the function name and action <BR><BR>FunctionRight table<BR>FunctionRightID int PK<BR>FunctionName nvarchar<BR>View bit // 0 is allowed to view; 1 is not allowed to view<BR>Create bit<BR>Edit bit<BR>Delete bit<BR><BR>So, the function code will check the user permission by checking the usergroup and functionright tables.<BR><BR>I want to have a log table to record the action of user.<BR><BR>Log table<BR>logid int<BR>userid int<BR>username nvarchar<BR>usergroupname nvarchar<BR>funtionname nvarchar<BR>actionname nvarchar // View/Create/Edit/Delete<BR>result bit //0 is sucess; 1 is fail<BR><BR>My questions are<BR><BR>1. Any better way to do the user authority? How should I improve the 3 tables schema?<BR>2. How to do coding to check right of each action View/Create/Edit/Delete when the user execute them?<BR>3. I do not know how to deal with the actionname of the log table. Because it is a setting of bit of the 4 funtions in FunctionRight table. But, I just want to show whether the action of that function is success or not.<BR><BR>Thanks for help<BR>