The similar permissions issue in 3.2.5 has bothered me for a while.
A sitewide administrator should be a super-user and pass any and all
permissions checking.
I believe, especially with inheritance being one of the features
here, that an administrator of a higher level group should be
inherited as the admin of the lower level group.
- Site-wide Administrator
- Content Editors Group Administrator
- Content Creators Administrator
- Downloads Management Group Administrator
- Widget Programmers Administrator
So that in the above diagram a Site Wide Administrator, or a Content
Editors Administrator would pass a check for Content Creators Admin
privileges.
I think this needs to be considered as modules are programmed as
there may be a use for a non-inheriting function that checks if a
user is an admin in a lower level group but only an inheriting
function should be used for permissions checking.
