at some point, modules should be able to register new permissions & roles via the .config() block. Then, an admin user can assign these permissions and roles to users.
[ ] setup.perms()
[ ] setup.roles()
[ ] implicitly add all roles to admin? or all perms? ensure admin can always do all things in application.
[ ] ensure user editing (by admin) can add and take away perms to everyone
[ ] NOTE: is there a super admin user, who cannot have 'admin' role removed? else how to ensure security to the one main administrative user?
at some point, modules should be able to register new permissions & roles via the
.config()block. Then, an admin user can assign these permissions and roles to users.