Prevent two users from editing the same data

2019-02-18 08:31发布

问题:

I have seen a feature in different web applications including Wordpress (not sure?) that warns a user if he/she opens an article/post/page/whatever from the database, while someone else is editing the same data simultaneously.

I would like to implement the same feature in my own application and I have given this a bit of thought. Is the following example a good practice on how to do this?

It goes a little something like this:

1) User A enters a the editing page for the mysterious article X. The database tableEvents is queried to make sure that no one else is editing the same page for the moment, which no one is by then. A token is then randomly being generated and is inserted into a database table called Events.

1) User B also want's to make updates to the article X. Now since our User A already is editing the article, the Events table is queried and looks like this:

|   timestamp   |   owner   |   Origin      |   token      |
------------------------------------------------------------
|   1273226321  |   User A  |   article-x   | uniqueid##   |

2) The timestamp is being checked. If it's valid and less than say 100 seconds old, a message appears and the user cannot make any changes to the requested article X:

Warning: User A is currently working with this article. In the meantime, editing cannot be done. Please do something else with your life.

3) If User A decides to go on and save his changes, the token is posted along with all other data to update the database, and toggles a query to delete the row with token uniqueid##. If he decides to do something else instead of committing his changes, the article X will still be available for editing in 100 seconds for User B

Let me know what you think about this approach!

Wish everyone a great weekend!

回答1:

Does editing an article always take less than 100 seconds ?



回答2:

Yeah, that's great and should work fine.

In addition, I'd add the possibility for user B to break the lock - if that's at all wanted!

That is, the possibility to replace A's lock by B's. This way, you could avoid the time restraint, and they would see 'Hey, this is being edited by A, and this lock is XXX seconds/minutes old. Do you want to break this lock?'.

With nice users (i.e. no malicious admins), this approach may be better than having just 100 seconds to edit something - sometimes you just need more time.



回答3:

Sounds like it will work fine. If you want to denormalize this and remove the extra Events table, just add a UserId and Timestamp field to the Articles table, as that is all you really need.

You can easily check if the UserId doesn't match and if the Timestamp is less than 100 seconds old, then show the message.

This way, you won't have to do any deletions on a separate table.



回答4:

I'd just add that you could have an AJAX query fire every minute or so if something has been done on the page to update the timestamp.