Is it reasonable for a role to have both administrator and user permissions?

Explore the following example:

1. Background:

A system faces 2 objects and has the following permissions:

Users: can pay bills, apply for invoices, and apply for refunds

Administrator: can agree to the application and invoice the user, and can agree to and give the user a refund

2. Question:

Is it reasonable to design a role that can act as both a user and an administrator at the same time?

3. Addendum:

Generally speaking, is it a great security risk that an account involves both administrator and user permissions?


It really doesn't make sense if there are only two identities: administrator and user.
If a role is a user and an administrator at the same time, the administrator has too much authority, and it is generally not designed this way, similar to the fact that sellers and buyers on the shopping network cannot play the same role at the same time.
Consider adding an object, Super Admin: all permissions, but only one. On the other hand, ordinary administrators inherit some of the capabilities of super administrators (separate from user functions, and they cannot operate on administrators).
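
One way to express the role split described in the answer above, as an added example that is not part of the original thread. The permission names and the `manage_admins` permission are assumptions, and the self-approval check in `approve_refund` goes one step beyond the answer to cover the single account that holds every permission.

```python
# Added example. Permission names and "manage_admins" are assumptions.
USER = {"pay_bill", "apply_invoice", "apply_refund"}
ADMIN = {"approve_invoice", "approve_refund"}
ROLES = {
    "user": USER,
    "admin": ADMIN,  # no user functions, cannot operate on administrators
    "super_admin": USER | ADMIN | {"manage_admins"},  # all permissions
}
# Request/approve pairs that one ordinary account should not hold together.
CONFLICTS = [("apply_invoice", "approve_invoice"), ("apply_refund", "approve_refund")]


def permissions(roles):
    """Union of the permissions granted by a set of role names."""
    return set().union(*(ROLES[r] for r in roles))


def conflicts(roles):
    """Conflicting pairs that an account with these roles would hold."""
    held = permissions(roles)
    return [pair for pair in CONFLICTS if held.issuperset(pair)]


def assign(accounts, name, role):
    """Grant a role; reject user+admin mixes and a second super admin."""
    current = accounts.get(name, set())
    if role == "super_admin":
        if any("super_admin" in r for n, r in accounts.items() if n != name):
            raise PermissionError("only one super admin is allowed")
    elif "super_admin" not in current and conflicts(current | {role}):
        raise PermissionError(f"{name}: {role} would combine request and approval rights")
    accounts[name] = current | {role}


def approve_refund(accounts, approver, request):
    """Approve a refund; nobody, super admin included, approves their own request."""
    if "approve_refund" not in permissions(accounts.get(approver, set())):
        raise PermissionError(f"{approver} lacks approve_refund")
    if request["requested_by"] == approver:
        raise PermissionError("requester and approver must differ")
    return {**request, "status": "approved", "approved_by": approver}
```
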
