In simple applications, access control can be managed with static roles or even with an
isAdmin column in the simplest cases.
If there are only two categories of users, administrators and non-administrators, a simple solution is to add an
isAdmin column to the
user table. Then authorization is handled by looking at the
isAdmin property of the
If it exists more than two categories and/or a user can belong to several categories then defining a
roles property can also be a solution.