Role Based Access Control (RBAC)#
With an RBAC model - Role Based Access Control - a user is given a particular role. That role has a set of permissions attached to it, defining what it can and cannot do. After assigning a role to a user, the user gets all the permissions attached to the role.
Roles are usually defined to align with jobs, like a role called "DatabaseAdmin" might have permissions attached to it allowing administrative access to a database - users with such a role can administrate a database and do whatever they liked with it.
RBAC is a very common system as it's simple to understand and aligns well with organisational structure (like job titles.)