What is the best way to manage permissions for a web application - bitmask or database table?

Question

I\'m considering the best way to design a permissions system for an \"admin\" web application. The application is likely to have many users, each of whom could be assigned a

Answer 1

I think it's a general rule of thumb to stay away from mystical bitstrings that encode the meaning of the universe.

While perhaps clunkier, having a table of possible permissions, a table of users, and a link table between them is the best and clearest way to organize this. It also makes your queries and maintenance (especially for the new guy) a lot easier.