There is 2 ways to handle it.
The easiest is to assign groups; super admin, admin, user, ect. to each user. I usually use a number (4, 3, 2, 1) for permission levels. You then setup a menu table in the database that has the menu name, the "include" file/page name, and the minimum permission level to access that file. Then your script checks the user permission level and display the links they are allowed to see. As well when they click a link you check if they have permission to view that page/file before you include it.
The second is bit more complicated. Create a database table that stores each pages permissions for each user. It will need a field for the user id, the file name, and permission (yes/no or 1/0). And for each page on the site there is one entry in the table for each user. Typically I have used check boxes in an admin page to grant or deny permission for a given user to each page. You may also want a table that stores each page for this just so you can easily add new user permissions if a new page is added to the site.
