I would recommend creating two tables: one for users and parent-child table-set for authorization roles. The authorization role table-set defines what priviledges a particular role has. You would define roles in the parent table, and then what priviledges in the child table that are associated to the role. The user table would have roles assigned from the role table (could have more than one role assigned).

This arrangement allows for better management of authorizations (less maintenance) and greater flexiblity.