when should I use a static array instead of a new table in my database?

Question

I've implemented an Access Control List using 2 static arrays (for the roles and the resources), but I added a new table in my database for the permissions.

The idea of using a static array for the roles is that we won't create new roles all the time, so the data won't change all the time. I thought the same for the resources, also because I think the resources are something that only the developers should treat, because they're more related to the code than to a data. Do you have any knowledge of why to use a static array instead of a database table? When/why?

Answer 1

The problem with hardcoding values into your code is that compared with a database change, code changes are much more expensive:

• Usually need to create a new package to deploy. That package would need to be regression tested, to verify that no bugs have been introduced. Hint: even if you only change one line of code, regression tests are necessary to verify that nothing went wrong in the build process (e.g. a library isn't correctly packaged causing a module to fail).

• Updating code can mean downtime, which also increases risk because what if the update fails, there always is a risk of this

• In an enterprise environment it is usually a lot quicker to get DB updates approved than code change.

All that costs time/effort/money. Note, in my opinion holding reference data or static data in a database does not mean a hit on performance, because the data can always be cached.