Role Based Access Control - evan-401-advanced-javascript/seattle-javascript-401d31 GitHub Wiki

Role based access control is the security practice of assigning permissions to systems based on user groups rather than blanket access to all user. By creating user groups control can be given to similar groups of user based on what information they need to access for their given role. This helps prevents users from accessing parts of the systems that could lead to data leaks. While in smaller companies it is possible to assign permissions on an ad-hoc basis this becomes unwieldy as the companies size continue to grows. User groups allow for a scalable and easy to use system for managing large groups of users.