I am working on a dynamic data website and one of the requirements was to add a layer of security around the different tables and functions (View, Edit, Delete, Update). I chose to use roles and modify the page templates directly to hide/show components. Sharing here for anyone looking for ideas. Role assignment was stored in tables (Users, Roles and UserRoles). A user's roles were stored in a session variable. Let's use the delete link in the grid as an example as follows.
And then I created a neat little page to manage roles