Hi.
Provide your PC with different level of groups (Admins, Principals, Teachers)
Assign appropriate group to your users list.
Then in your project/solution, for each method which must be accessible or restricted for appropriate group write something like that:
[PrincipalPermission(SecurityAction.Demand, Role = @"BUILTIN\Administrators")]
public void SomeMethod()
for restriction use follow:
[PrincipalPermission(SecurityAction.Deny, Role = @"BUILTIN\Administrators")]
public void SomeMethod()