So far, there are only two groups of users: super users and ordinary users. Sometimes it is although desired to have a finer granularity of user groups with different access rights. The access restrictions mechanism should also be made more structured and configurable. A first approach would be to identify all possible user actions (create image, rotate image...) or at least groups of user actions (create object, image operation...). System administrators should then be able to create different user groups with a configurable set of allowed user actions for each user group. That way, it would be possible to create user groups with individual access rights for different types of users like administrators, teachers, tutors, and students. Finally, every registered user needs only to be assigned to a user group in order to define his access rights.