Roles needed

[alexago]

Issue : any user (author, because in current implementation any user can be author) can change site settings

To deal with it, we need introduce roles.
At least we need admin/owner and author.
Maybe, user role (which is not author) needed as well

[Rajan]

You're right. We need 3 roles.

1. User: Can create an account and probably read/bookmark/comment. Should be the default role.
2. Author: A user can be promoted to author role and they can start posting.
3. Admin: Only role having access and capable of changing settings.

Thoughts?