The application has built-in permission system which was based on ACL architecture, so you can set permission for role (group) or given user to separated modules.
After having groups, you can create new user for each group. In order to create new user, you go to manage users (User/User in back-end), here you can create, edit, delete or active for any user. User will have default permission according the group that it belong to (thus one user can’t belong to many groups). However you can still set special permission for individual user in a group from our User Management Modules.
Login to Admin => User => New Group policy to create a new user group. You may see the field called "Register through" that means, you are pointing a particular dynamic web form through which all members under the creating group's users will be registered. See the picture below :
Please note that, when you lock a user group means belonging group’s member can’t edit / reset the permission setting in future.
You can set or managed permission going to Admin -> Setup –> User Role Manager –> Permission location.