One of the most basic features of administering user Web Site permissions through Drupal is by the creation of roles.
Rather than assigning individual permissions to each user, permissions are assigned to roles and roles are assigned to users. Using roles gives administrators greater control over permissions, and makes it easy to assign and remove roles when necessary.
For example assigning the role of "Author" to select authenticated users can be used to allow certain people to write and publish articles on your Web Site. Permissions for the "Author" role could open the permissions under "Node", "Article", - "Create new content", "Edit new content", and Delete own content" that other users and/or roles do not have. If a user no longer writes for your Web Site or if you want to strip them of the role for other reasons, their user role can be quickly modified by removing the "Author" role and thus, all the permissions assigned under that role.
Your first step is to go to Administration/People/Permissions/Roles. Once there you will find three default roles of "Anonymous", "Authenticated", and "Administration" along with a text box allowing the addition of a custom role.
To create a new role, all you have to do is come up with a name for it, type it in the textbox and "Add Role" to your list. To the right of your role will be an "edit role" and an "edit permissions" selection.
The "edit permissions" selection will show only the permission selections for the individual role making it easier to alter. This permission will also reveal itself at Administration/People/Permissions with all the other roles for your Web Site.
The "edit role" will only allow a role name change or a delete option. If you are deleting this role, be sure there are no users attached.
For a listing of all users with a specific role, go to Administration/People. The third column on this listing will display the role assigned to each users. The last "edit" column on the right of each user line at this location will lead back to the User Profile where roles may be assigned or removed. Note: A user may have more than one role at any given time. This makes it easy to divide permissions into multiple roles and allows for users to be assigned complex permissions.
If the Administrator is setting up a new User Profile (Administration/People/Add User) for the Web Site user, a role may be established at that time. Otherwise, the Administrator must go in after the user has set up their own User Profile and update the user's role.