sofer
commented
8 years ago It may be over-kill. If you have something that implements something as general-purpose as RBAC you will have most use cases covered, but I suspect that we won't need much more than 3 or 4 boiler-plate roles in 9-out-of-10 cases.
The way most CMS systems manage personal privileges is based on https://en.wikipedia.org/wiki/Role-based_access_control should we implement it?