Forum OpenACS Development: Response to Permissions Hierarchy

Posted by Tom Jackson on

Stephen,

The reason I would like, and will likely write, a new direct permission checking function is that it is much more efficient to do this type of checking, and provides more relevant information, in certain cases.

Here is an example. I am working on a new ecommerce package that I am calling Merchant System. In this package, customers are acs_objects which are mapped to users. A user can be mapped to multiple customer objects, and a customer can be mapped to multiple users. Each user is assigned a privilege in respect to a customer object, and all objects created by users for a particular customer have a context_id equal to the customer_id. All I need to do to verify that a particular user can see/edit/delete customer information is available by looking in the acs_permissions table. The user is validated against the customer by only checking the user to customer mapping table. Permission_p can still be used, but the specific design of the application allows more efficient checking.

So the crazy thing is that admins can do anything anywhere regardless of permission checks involving permission_p, it is like being root and happily deleting everything.

I see the point of Don's idea of scoping the permission check. To me it makes sense that an admin should have free rein somewhere in the system, but when they wander down to application land, their rights should be cut.
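An added example, not part of the post above and not OpenACS code: a simplified SQLite model of the two checks being contrasted, showing that a grant held at the site root passes a check that walks `context_id` upward but fails a check scoped to the customer object. Only `acs_permissions` and `context_id` come from the post; the column layout, all ids, the function names and the rule that only `admin` implies other privileges are assumptions, and group membership is ignored.

```python
import sqlite3

# Constructed sample data: 1 = site root, 10 and 11 = customer objects,
# 100 = an order whose context_id is customer 10.
# Parties: 900 = site-wide admin, 501 and 502 = ordinary users.
SETUP = """
CREATE TABLE acs_objects (object_id INTEGER PRIMARY KEY, context_id INTEGER);
CREATE TABLE acs_permissions (object_id INTEGER, grantee_id INTEGER, privilege TEXT);
INSERT INTO acs_objects VALUES (1, NULL), (10, 1), (11, 1), (100, 10);
INSERT INTO acs_permissions VALUES (1, 900, 'admin'), (10, 501, 'write'), (11, 502, 'read');
"""

def make_db():
    db = sqlite3.connect(":memory:")
    db.executescript(SETUP)
    return db

def inherited_check(db, object_id, party_id, privilege):
    """Walk context_id up to the root; a grant anywhere on the chain counts."""
    row = db.execute("""
        WITH RECURSIVE chain(object_id, context_id) AS (
            SELECT object_id, context_id FROM acs_objects WHERE object_id = ?
            UNION ALL
            SELECT o.object_id, o.context_id
              FROM acs_objects o JOIN chain c ON o.object_id = c.context_id)
        SELECT 1 FROM chain JOIN acs_permissions p ON p.object_id = chain.object_id
         WHERE p.grantee_id = ? AND p.privilege IN (?, 'admin') LIMIT 1""",
        (object_id, party_id, privilege)).fetchone()
    return row is not None

def direct_check(db, object_id, party_id, privilege):
    """Resolve the owning customer (the object's context_id) and accept only
    a grant stored on that customer row; nothing above it is consulted."""
    row = db.execute("""
        SELECT 1 FROM acs_objects o
          JOIN acs_permissions p ON p.object_id = o.context_id
         WHERE o.object_id = ? AND p.grantee_id = ?
           AND p.privilege IN (?, 'admin') LIMIT 1""",
        (object_id, party_id, privilege)).fetchone()
    return row is not None

if __name__ == "__main__":
    db = make_db()
    for party in (900, 501, 502):
        print(party, inherited_check(db, 100, party, "write"),
              direct_check(db, 100, party, "write"))
```
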