How to set up a schema for users to authorize access to certain information?

I have a social app that has a user_profil开发者_如何学Ce table with typical standard fields, such as

user_id (unique)
name

I want to allow users to share among themselves information saved in a separate table called info, which has these fields:

user_id_fk
agent_name
agent_phone
agent_address

So the idea is that if I'm user #1 and you're user #6 - I can authorize you to see the data in my info table. Then when you view my profile, a PHP function checks if you're authorized and shows a button linking to a page with my info.

My question is: what would be the best way to implement this?

I thought of some solutions but would like your opinion:

[1] create a new field in user_profile called info_access, which would contain a comma separated string containing all users that authorized access. The obvious downside are the limitations of such strings (eg, very difficult to delete a user_id if access to info is revoked, not normalized, etc)

3,23,14,12,11

[2] create a new table called info_access which would look like this:

user_id_fk    can_access
6             3              
6             23
6             14
6             12
6             11

In this case I would query as

select * from info_access where user_id_fk = 6

but am unsure how to code the PHP function to check if I will see the button when visiting the profile of someone who authorized me to view the info.

Any suggestions on the schema/code?

Second approach is the best approach for your problem. Then you can query info_access table to check whether a record for user id of the viewing profile and the user id of the viewer is exists in the info_access table.