Access Control

• Role-based access control defines Admin, Editor, Viewer, and Publisher roles.
• Attribute-based access control augments RBAC with flags such as writeJsCode permissions.