according to your scene setting, you need five tables

1. Role-define role name: field id, name
2. Function-defines all pages that need to control access id, page_url, name-- page_url is relative path , indexed
3. RoleFunction-defines the pages that roles can access id, role_id, function_id
4. Member-define people and assign roles to id, name
5. MemberRole-assign one or more roles to a person id, member_id, role_id

with the above four tables, determine whether the current user has permissions before entering each page that requires authorization

1. get all the role, of the current user according to the MemberRole table, and then get all the accessible page_url
2. if the pageUrl of the current page is in the page_url returned above, the content is displayed to the user. Otherwise, it prompts the user that he does not have access rights.

these two steps can be done using a sql statement.

if you want more complex functions, such as administrators can edit A page, and other users can only view A page, you need to add a field opeartion, in the RoleFunction table with values of edit and view

RBAC permission Design