mysql> select * from auth_permission;
+—-+————————-+—————–+——————–+
| id | name | content_type_id | codename |
+—-+————————-+—————–+——————–+
| 1 | Can add log entry | 1 | add_logentry |
| 2 | Can change log entry | 1 | change_logentry |
| 3 | Can delete log entry | 1 | delete_logentry |
| 4 | Can view log entry | 1 | view_logentry |
| 5 | Can add permission | 2 | add_permission |
| 6 | Can change permission | 2 | change_permission |
| 7 | Can delete permission | 2 | delete_permission |
| 8 | Can view permission | 2 | view_permission |
| 9 | Can add group | 3 | add_group |
| 10 | Can change group | 3 | change_group |
| 11 | Can delete group | 3 | delete_group |
| 12 | Can view group | 3 | view_group |
| 13 | Can add user | 4 | add_user |
| 14 | Can change user | 4 | change_user |
| 15 | Can delete user | 4 | delete_user |
| 16 | Can view user | 4 | view_user |
| 17 | Can add content type | 5 | add_contenttype |
| 18 | Can change content type | 5 | change_contenttype |
| 19 | Can delete content type | 5 | delete_contenttype |
| 20 | Can view content type | 5 | view_contenttype |
| 21 | Can add session | 6 | add_session |
| 22 | Can change session | 6 | change_session |
| 23 | Can delete session | 6 | delete_session |
| 24 | Can view session | 6 | view_session |
| 25 | Can add friend | 7 | add_friend |
| 26 | Can change friend | 7 | change_friend |
| 27 | Can delete friend | 7 | delete_friend |
| 28 | Can view friend | 7 | view_friend |
+—-+————————-+—————–+——————–+
mysql> describe auth_user_groups;
+———-+———+——+—–+———+—————-+
| Field | Type | Null | Key | Default | Extra |
+———-+———+——+—–+———+—————-+
| id | int(11) | NO | PRI | NULL | auto_increment |
| user_id | int(11) | NO | MUL | NULL | |
| group_id | int(11) | NO | MUL | NULL | |
+———-+———+——+—–+———+—————-+
3 rows in set (0.00 sec)
user_id 2のユーザにcan view userとcan add userのpermissionを追加します。
mysql> select * from auth_user_user_permissions;
+—-+———+—————+
| id | user_id | permission_id |
+—-+———+—————+
| 2 | 2 | 13 |
| 1 | 2 | 16 |
+—-+———+—————+
2 rows in set (0.00 sec)
なるほど、一つのpermissionごとに一つのレコードが増えていく構造です。
ER図を書き直します。
auth_permissionは各テーブルのadd, change, delete, viewの権限があり、userやgroupと紐づけられる構造になっています。
テーブル構造は理解したが、念の為groupの挙動も確認します。