Roles system

The Role system applies directly to the modules within a project.

In order to create a new role, the administrator will have a list of all the active modules, and 4 columns with checkbox: READ, WRITE, CREATE, ADMIN.

The types have different stages of privileges:
Read Access: The User with this role can read all the items in the module.
Write Access: The User with this role can update all the items in the module.
Create Access: The User with this role can create new items in the module.
Admin Access: The User with this role can read/write/create items in the module AND change the access of the item.

How does this look in practice? Here is an example:
The administrator can define some roles like:

Admin Role
To do -> Read, Write, Create, Admin
Note -> Read, Write, Create, Admin
Project -> Read, Write, Create, Admin

Read Only Role
To do -> Read
Note -> Read
Project -> Read

Maintain Role
To do -> Read, Write
Note -> Read, Write
Project -> Read, Write

The role applies for each user in each project.
So in the Project Form, there is a Tab with all the users (except the current user) and a list of all the roles available.
The current user can´t change their role on one project, and if is the owner of it, will have complete access.

If one user don´t have any role on a project, the role of the parent project for this user is used.
The first role-project relation is for the root project, this relation can´t be deleted and is used by default. (Root Project <-> Admin Role <-> User ).
If a new user is created, then a new default relation must be inserted.

Note that the Role system must be combined to other access system like:
- Rights on each item.
- Module access