<blockquote><i>Personally I'd prefer to say that if a person or group needed admin privileges over a module but not over a child module then it should be granted on the parent and then explicitly denied on the children since the site will, in my opinion, be much more manageable and understandable and those cases should be rare.
</i></blockquote>
This is exactly the approach that my thinking would lead to.
<p>
Now, whether it would be better or worse than the current scheme, I don't know offhand. I'm not claiming that permissions are a simple problem. And I'm not about to suggest large-scale changes based on a brief discussion.
But ... I do want to get people started thinking about the problem.
The large list of privileges that will be the result of the present scheme would be fine if, as I mentioned above, the permissions management UI only showed those perms that actually sensibly can be applied to a given object.
I don't think there's sufficient information in the RDBMS to do this at the moment, though ...