Preferred database design method for assigning user roles? (Hats vs. Groups)

Question

I have medium sized MySQL database with a primary \"persons\" table which contains basic contact information about every human being connected to the theatre and theatre school

Answer 1

For security I prefer to use Access Controls Lists (ACLs). With ACL's you have Principals (users or groups of users), Resources (such as a file, record or group of records) and Actions (such as read, update, delete).

By default nobody has any privilege. To grant a permission you add an entry like Bob has Read Access to File Abc.

You should be able to find code that helps you implement something like this. In Java the JAAS supports this method.