More granular user permissions - feature investigation

[mhijaziB]

Our current user permissions are predefined for the users and cannot be changed in any way or form.

It would be a good practice to give users more control over permissions:
1- Create different permission groups
2- CID vs realm scope
3- Full control over ACL (access control list) per group

How feasible is this do?
When can it be done?

Note: The idea was requested by a customer. They might be able to do it for themselves via Private Cloud, yet it would be a good upgrade to our Portal as well.

[cdhanna]

we need to talk to @jstnlef , and @ben-beamable , and @ali-beamable about this.
From my POV, this is absolutely possible, but, it is the opposite of our general SaaS offering.
It would require a fair amount of effort from backend, and portal.