Role permissions

So I know how to add a role {StaffOne,StaffTwo,User} etc to force authentication to view pages but is there any documentation for setting up its permissions too? Lets say I want StaffOne to only be able to view specific data or upload images where StaffTwo can only view its own data and not upload images etc. Thanks.

More info on how to set page permission can be found here:

You can also use the security API to set Visible/Disabled to various components: