Revokable Discretionary Tree
For my own understanding, I'm writing a Hierarchical Discretionary Access System. It is not DAC, it is more akin to Discretionary RBAC, but those details do not matter for the question at hand.
Each user has a certain Role; each Role has a certain set of permissions.
Each Role is organised in a hierarchical tree-like structure: the role named root has all permissions; child roles of root have a subset of the permission of their parent role.
Schematic views of the above: 
Let's say that a user with the role named manager decides to delegate the permission named set_salary to a user with the role named programmer, who subsequently delegates this permission to the user with the role named intern.
Somebody decides to fire said user with the role named manager. As a result, the role named manager is revoked from said user. What is more, all permissions delegated by said user also need to be revoked.
So my question is:
Is there a data structure which facilitates easy identification of:
- the chain of permissions delegated by a certain subject within a hierarchical tree structure;
- whether or not a certain permission has been delegated to a certain subject?
How about an adjacency list ?
Or in other words, 'a list of linked lists', similar to how we use it in representing graphs.
Each user can be associated with a delegation linked list.
A node of the delegation linked list can be of the form <permissionId, userId>, denoting that the owner of the linked list has delegated the permission permissionId to the user userId. Then we can go through the linked list of the user userId and repeat the same process recursively until we find a user whose delegation linked list is empty.
This algorithm is basically the same as Depth-first search.
- How to list all the removable devices with DBus and UDisks2?
- gobject/gnome/glib bindings for D using GIR?
- How do nested functions get compiled?
- The "this" pointer and message receiving in D
- 64-bit executables with DMD
- GtkD with D lang on Fedora
- Why Android used Java concept instead of D language or C or C++? But Chromium web browser is in C++, its very complicated match
- How to use MongoItemWriter to write a List<T>
- Why a function with protected modifier can be overridden and accessible every where?
- Convert Unicode const(uint)* to a dlang character type
- Compiling D with Code::Blocks
- DMD vs. GDC vs. LDC
- Rendering a font in raylib using freetype
- Digital Mars D compiler; acquiring ASM output
- D Programming: openssl rsa forward reference compiler error
- D compiler DMD doesn't link object files
- OPTLINK: Warning 23: No Stack
- Is there a limit in the amount of temporary generated symbols during a project build using dmd 2.063?
- Is this the right way to combine Garbage collected with none Garbage collected code in D
- D compiler (Digital Mars D Compiler) throwing error
- Which D Compiler to Use?
- Splitting a string treating multiple whitespace as one separator
- Proper way of passing array parameters to D functions
- Detailed Valgrind internals documentation
- Is it possible, in D, to tell the garbage collector to not scan a particular pointer (or anything below it)?
- Iterate over key/value pairs in associative array in D.
- Dlang associative array of an array of strings keyed by a string has unexpected behavior
- How to repeat a statement N times (simple loop)
- Is worth the effort to learn D?
- ld: undefined reference to object I can see in objdump