MongoDB data model for folder structure with permissions

I’m trying to create a data model in MongoDB for a windows/unix like folder structure that contain files.
Users can have access to these files with permission read, write or both.

  1. User can have access directly on a file or by being member of a role that have access to the file
  2. Users can have access to folder or files
  3. If a user has access to a folder it also gets access to all files in that folder and all the sub folders
  4. There is no deny access rules
  5. There can be several thousand folder
  6. There can be several million files
  7. There can be around 20 000 thousand users

Is there any best practies modelling this structure in MongoDB?
Can anyone please point me in the right direction?

Hey @Eirik_Andersen,

Welcome to the MongoDB Community forums! :leaves:

From what you described, I think the Tree Model might be a good way for you to design your schema. In this, MongoDB allows various ways to use tree data structures to model large hierarchical or nested data relationships. Using this, you can model your data in the folder-like hierarchy that you mentioned.

Regarding the roles, MongoDB provides built-in roles with pre-defined pairings of resources and permitted actions. For lists of the actions granted, see Built-In Roles. To define custom roles, see Create a User-Defined Role.. You can read about Inherited Privilegages, which I feel might be suitable for your use-case.

Hope this helps. Feel free to reach out for anything else as well.