Here's how I typically set up users/roles/rights:
actions
id unsigned int(P)
description varchar(255)
|---|----------------------------|
|id | description |
|---|----------------------------|
| 1 | Warn users |
| 2 | Suspend users |
| 3 | Edit/delete users |
| 4 | View groups |
| 5 | Add groups |
| 6 | Give root access to groups |
| 7 | View backend |
| 8 | Edit fora |
| 9 | Add fora |
|---|----------------------------|
groups
id unsigned int(P)
name varchar(50) // Admins, Moderators, etc.
|---|------------|
|id | name |
|---|------------|
| 1 | Admins |
| 2 | Moderators |
|---|------------|
groups_actions
id unsigned int(P)
group_id unsigned int(F groups.id)
action_id unsigned int(F actions.id)
|---|----------|-----------|
|id | group_id | action_id |
|---|----------|-----------|
| 1 | 1 | 3 |
| 2 | 1 | 5 |
| 3 | 1 | 9 |
| 4 | 2 | 2 |
| 5 | 2 | 4 |
| 6 | 2 | 8 |
|---|----------|-----------|
users
id unsigned int(P)
username varchar(32)
password varbinary(255)
email varchar(255)
|---|----------|----------|-------|
|id | username | password | email |
|---|----------|----------|-------|
| 1 | user1 | **** | xxxx |
| 2 | user2 | **** | xxxx |
| 3 | user3 | **** | xxxx |
|...| ... | ... | ... |
|---|----------|----------|-------|
users_groups
id unsigned int(P)
user_id unsigned int(F users.id)
group_id unsigned int(F groups.id)
|---|---------|----------|
|id | user_id | group_id |
|---|---------|----------|
| 1 | 1 | 1 |
| 2 | 2 | 2 |
| 3 | 3 | 1 |
| 4 | 3 | 2 |
|---|---------|----------|
User 1 is an Admin
User 2 is a Moderator
User 3 is both an Admin and Moderator