RBAC Model

core concept: user,role,permission,operation,resource

1. user has many roles, assign role to user; one role can be assigned to many users.
2. user has many permissions, assign permission to user; one permission can be assigned to many users.
3. role has many permissions, a role is a package of permissions.
4. operation is like add, update, delete, import, download, visible, invisible, etc.
5. resource is like menu, button, or other screen elements.
6. permission has many resources and operations; one resource can be used by many permissions; one operation can be used by many permissions.