Drupal permission, a user case

The objective of the site is to maintain a product listing.

• Each product composes of a title, description and quantity (CCK field).
• Each product belongs to a shop.
• Each shop has a manager.
• All products are visible to all.
• A manager can only add/edit products of his own shop.
• A site admin can create new shops and new managers.

How can I set the permission for the above scenario?

I am thinking of using Taxonomy for shop names, Taxonomy Access Control for permission control. Not sure whether I am on the right track though...

Besides, is Organic Groups also an option?

Thanks!

TAC solves your problems. I'm using it in a very similar scenario. Here's how to set it up:

1. Create a new content type "Product" with the fields you specified
2. Create a taxonomy term for each shop. Enable and require Taxonomy on the "Product" content type
3. Create a role for each shop
4. Enable TAC for that role
5. Set the TAC permissions for Global to allow View, but deny Update, Delete, Create and List.
6. Set the TAC permissions for the shop's term to allow View, Update, Delete, Create and List.
7. Save and rebuild permissions

That should do it, as long as your permissions for the content type are set up to allow anonymous users to view the fields in "Product".