In my database I have a table for users, organization and other tables that contain organization's information, including IP's, account info, etc.

I need to give certain users permission to edit another organzations profile while still preventing them access to orgs who they don't need to edit.

One possibility I thought might work is a group system. Where I could put users in a group. For example, put user 1 and 3 into group "org A" and put user 2 and 4 into "org b".

Is this a good way to handle this type of permissions?

Maybe the group table would be something like

id, userid, groupname

Any suggestions?

Thank you,