Role Based Access Control in a Tree System
why reinventing the wheel? Why don't you implement the Role Based Access Control standard? http://csrc.nist.gov/groups/SNS/rbac/
There are implementations for all databases.
http://www.tonymarston.net/php-mysql/role-based-access-control.html
If this is not too late, have a look at this: