Define the role structure first, including branch access, so permission decisions stay grounded in the actual operating context.