When building a system, one of the most important foundations is the User-Role-Permission-Node access module, most often implemented as Role-Based Access Control (RBAC). It is an essential step in creating any multi-user app. The concepts involved are User, Permission and Role.
1. User
A user is an operator of the system. One user can hold permissions of their own, can belong to multiple roles, and can belong to multiple organizations. A user's permissions are the user's own permissions together with those of the roles the user belongs to.
2. Permissions
Permissions are very often organized as a permission tree, where each permission is a node with its own level. Two common capabilities attached to a permission are CanGrantToOthers and CanVisit. CanGrantToOthers allows the permission to be granted to others.
3. Role
A role groups users with similar permissions so that they can be managed together. Typical roles are SuperAdmin, Admin and User. Roles also form a role tree.
To design the database, we need to create the entity tables and the relationship tables: Users, Roles, Permissions, User-Roles and Role-Permissions. From these tables we can already work out the UI flows to build. With that, the foundation of the system is in place.
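
The five tables above, as an added example (not code from the original page) using Python's sqlite3 module, with a deny-by-default permission check. Assumptions: a role's parent_id names the role it inherits from, CanVisit and CanGrantToOthers are stored as flags on Role-Permissions, and the sample rows are constructed; a user's own direct permissions would need a sixth table that the list above does not include.

```python
import sqlite3

# The five tables from the text; parent_id columns hold the role and permission trees.
SCHEMA = """
CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT UNIQUE NOT NULL);
CREATE TABLE roles (id INTEGER PRIMARY KEY, name TEXT UNIQUE NOT NULL,
    parent_id INTEGER REFERENCES roles(id));        -- assumed: role inherits from parent
CREATE TABLE permissions (id INTEGER PRIMARY KEY, name TEXT UNIQUE NOT NULL,
    parent_id INTEGER REFERENCES permissions(id));  -- tree stored, not cascaded here
CREATE TABLE user_roles (user_id INTEGER NOT NULL REFERENCES users(id),
    role_id INTEGER NOT NULL REFERENCES roles(id), PRIMARY KEY (user_id, role_id));
CREATE TABLE role_permissions (role_id INTEGER NOT NULL REFERENCES roles(id),
    permission_id INTEGER NOT NULL REFERENCES permissions(id),
    can_visit INTEGER NOT NULL DEFAULT 0, can_grant INTEGER NOT NULL DEFAULT 0,
    PRIMARY KEY (role_id, permission_id));
"""

# Start from the user's roles, walk up the role tree, then merge flags per permission.
EFFECTIVE = """
WITH RECURSIVE held(role_id) AS (
    SELECT ur.role_id FROM user_roles ur JOIN users u ON u.id = ur.user_id
    WHERE u.name = ?
    UNION
    SELECT r.parent_id FROM roles r JOIN held h ON r.id = h.role_id
    WHERE r.parent_id IS NOT NULL)
SELECT p.name, MAX(rp.can_visit), MAX(rp.can_grant)
FROM held h JOIN role_permissions rp ON rp.role_id = h.role_id
JOIN permissions p ON p.id = rp.permission_id GROUP BY p.name
"""

def build_db():
    db = sqlite3.connect(":memory:")
    db.execute("PRAGMA foreign_keys = ON")  # reject rows pointing at missing users/roles
    db.executescript(SCHEMA)
    db.executescript("""  -- constructed sample data
      INSERT INTO roles VALUES (1,'User',NULL),(2,'Admin',1),(3,'SuperAdmin',2);
      INSERT INTO permissions VALUES (1,'reports',NULL),(2,'reports.export',1),
                                     (3,'users.manage',NULL);
      INSERT INTO users VALUES (1,'alice'),(2,'bob');
      INSERT INTO user_roles VALUES (1,2),(2,1);  -- alice: Admin, bob: User
      INSERT INTO role_permissions VALUES (1,1,1,0),(2,2,1,1),(3,3,1,1);
    """)
    return db

def effective_permissions(db, user):
    rows = db.execute(EFFECTIVE, (user,))
    return {n: {"can_visit": bool(v), "can_grant": bool(g)} for n, v, g in rows}

def allowed(db, user, permission, flag="can_visit"):
    # Deny by default: unknown users, permissions or flags all resolve to False.
    return effective_permissions(db, user).get(permission, {}).get(flag, False)
```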