Since this application only uses a single User table, roles and permissions must be well-defined. To do this, there should be an access control list that assigns roles to each user and filters what features the user can access in accordance with his role.
Executive (exc) - Executive administrators of the company. Holders of the rank/s of CEO, CTO, and heads of the different departments. only their collective votes can change roles and permissions in uni portal as well as general company policy.
Managers of Operations (mgo) - Second-tier personnel. includes project managers (software engineering department) and level-2 employees (hr generalist lv. 2, logistics lv. 2, senior sales officer, accounting officer lv.2). can approve requests by employees assigned to them (leaves, overtimes). can see attendances of all other employees.
General employees (gne) - lower tiers of personnel. the rest of the workforce
Since this application only uses a single User table, roles and permissions must be well-defined. To do this, there should be an access control list that assigns roles to each user and filters what features the user can access in accordance with his role.