RBAC
a gentle introduction to roles
How can we bring this idea into practice? Web applications generally have a natural understanding of roles as guided by user status and page access.
Page access: manage-personnel-*, manage-finance-*, client-*, clerk-*. E.g., client-home, client-withdraw-request, clerk-withdraw-process, manage-personnel-home.
- Manager user: one or more of the rights to manage personnel and to manage finance.
- Client user.
- Clerk user.
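The mapping above as a deny-by-default access check. This is an added example, not code from the original page. The role names (each manager right modelled as its own role), the user names and the page `manage-finance-home` are constructed for illustration.

```python
from fnmatch import fnmatchcase

# Role -> page-name patterns, following the page-access scheme above.
# Assumption: each manager right is its own role, so a manager can hold
# one or both of them.
ROLE_PAGES = {
    "manage-personnel": ["manage-personnel-*"],
    "manage-finance": ["manage-finance-*"],
    "client": ["client-*"],
    "clerk": ["clerk-*"],
}

# Constructed sample users (hypothetical names).
USER_ROLES = {
    "alice": {"manage-personnel", "manage-finance"},  # manager, both rights
    "bob": {"manage-finance"},                        # manager, finance only
    "carol": {"client"},
    "dave": {"clerk"},
}


def allowed_roles(page):
    """Return the set of roles whose patterns match the page name."""
    return {
        role
        for role, patterns in ROLE_PAGES.items()
        if any(fnmatchcase(page, pattern) for pattern in patterns)
    }


def can_access(user, page):
    """Deny by default: an unknown user or an unmatched page gets no access."""
    roles = USER_ROLES.get(user, set())
    return bool(roles & allowed_roles(page))


if __name__ == "__main__":
    for user, page in [
        ("alice", "manage-personnel-home"),
        ("bob", "manage-personnel-home"),
        ("carol", "client-withdraw-request"),
        ("dave", "clerk-withdraw-process"),
        ("carol", "clerk-withdraw-process"),
    ]:
        print(f"{user:6} {page:26} {'allow' if can_access(user, page) else 'deny'}")
```

A page that matches no pattern has an empty role set, so it is denied for every user until a role is explicitly granted to it.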