ROLES for a typical web application
Roles help define WHICH USERS can do WHAT. An ADMIN is a super ROLE: all users belonging to this ROLE can do things that regular users cannot. A GUEST ROLE would be the polar opposite of an ADMIN role, with severely restricted capabilities.
To begin with, your app should think about just these two roles: GUEST and ADMIN. The GUEST role can simply VIEW data and cannot perform any updates, inserts etc. Typically, a web app allows users to edit their own profiles and/or edit/update SOME data, though not ALL data. To accommodate this intermediate ROLE, you can define a MEMBERS ROLE. A user with the MEMBERS role would be able to do more than a GUEST but far less than an ADMIN. Finally, an ADMIN role would allow admin users to edit, create and update all user data. To begin with, you do not really need more than these 3 authorization levels, or roles.
Some applications may define a REPORTING ROLE – for users who are allowed to run reports.
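One way to express these roles as a deny-by-default authorization check, as an added example that is not part of the original post. The permission names, the shape of the user dictionary, and the choice to let ADMIN run reports are assumptions made for illustration.

```python
from enum import Enum


class Role(Enum):
    GUEST = "guest"
    MEMBER = "member"
    ADMIN = "admin"
    REPORTING = "reporting"


# Hypothetical permission names. Each role lists only what it is granted;
# anything not listed is denied.
PERMISSIONS = {
    Role.GUEST: {"view"},
    Role.MEMBER: {"view", "edit_own"},
    Role.REPORTING: {"view", "run_report"},
    # Assumption: ADMIN, as the super role, may also run reports.
    Role.ADMIN: {"view", "edit_own", "edit_any", "create", "run_report"},
}


def is_allowed(user, action, owner_id=None):
    """Return True only if the user's role explicitly grants the action.

    user     -- dict with "id" and "role" keys (assumed shape)
    action   -- "view", "edit", "create" or "run_report"
    owner_id -- id of the user who owns the record being edited
    """
    try:
        role = Role(user.get("role"))
    except ValueError:
        return False  # missing or unrecognised role: deny
    granted = PERMISSIONS[role]

    if action == "edit":
        if "edit_any" in granted:
            return True
        # MEMBER may edit only records they own (e.g. their own profile).
        return (
            "edit_own" in granted
            and owner_id is not None
            and owner_id == user.get("id")
        )
    if action in ("view", "create", "run_report"):
        return action in granted
    return False  # unknown action: deny
```

The check belongs on the server for every request, not only in the code that decides which buttons to show.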