Rights access is important. First, you can create several specific roles. Then, create some users, and specify the role permissions just set for these users. This is a very scientific account management idea.
Besides, by Logs service, you can see the operation log of your own or other account. Of course, if you are an administrator, you can see the operation log of all users. If other players need to get some special permissions, the administrator has this right to specify some permissions to the designated user.