thomas4019 / expressa

API creation middleware with an admin interface
MIT License

Allow Admin role Changes to be kept #161

Closed kane-mason closed 3 years ago

kane-mason commented 3 years ago

So currently, when you start up expressa, the Admin role is rewritten with full permissions based on the collections present.

I like this behaviour as it saves you creating all the permissions manually. However, if one has manually made changes to the Admin permissions they should be preserved. So instead of a fresh rewrite, we could merge the old with the new one.

An example of when the Admin role might not require a permission is for system collections, i.e. collections that are not meant to be read by any human and are only used by the server process. Another example is sensitive data that we might not want anyone, even an admin, to view.

thomas4019 commented 3 years ago

Hmm, I agree there could be permissions that you don't necessarily want admins to have. I think we could change the on load setup to only add permissions if they are missing, so if they're manually set to "false", then we could just keep that.

There may be a few places that assume an Admin has all permissions that would need to be updated too.
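
The merge discussed in this thread, as an added JavaScript example that is not expressa's own code: startup adds only the missing Admin permissions, keeps any explicit `false`, and the access check reads the role document instead of assuming Admin can do everything. The role shape, the `collection: action` key format, the action list and all function names are assumptions made for the illustration.

```javascript
// Added illustration, not expressa's code. Assumed role shape:
// { _id: 'Admin', permissions: { '<collection>: <action>': true | false } }
const ACTIONS = ['create', 'view', 'edit', 'delete']; // assumed action names
const has = (obj, key) => Object.prototype.hasOwnProperty.call(obj, key);

// Full permission set a freshly generated Admin role would receive.
function defaultAdminPermissions(collections) {
  const perms = {};
  for (const c of collections) {
    for (const a of ACTIONS) perms[`${c}: ${a}`] = true;
  }
  return perms;
}

// Startup merge: add keys that are missing, never overwrite a stored value.
function mergeAdminRole(storedRole, collections) {
  const stored = (storedRole && storedRole.permissions) || {};
  const defaults = defaultAdminPermissions(collections);
  const permissions = { ...stored };
  const added = [];
  const keptDenied = [];
  for (const key of Object.keys(defaults)) {
    if (!has(stored, key)) {
      permissions[key] = true;
      added.push(key);
    } else if (stored[key] === false) {
      keptDenied.push(key); // manual deny survives the restart
    }
  }
  // Keys for collections that no longer exist: report them for review.
  const stale = Object.keys(stored).filter((k) => !has(defaults, k));
  return { role: { ...storedRole, permissions }, added, keptDenied, stale };
}

// Access check that consults the role document; no "Admin means yes" shortcut.
function isAllowed(role, permission) {
  return Boolean(role && role.permissions && role.permissions[permission] === true);
}

// Constructed sample: an admin manually denied viewing a system collection.
const storedAdmin = {
  _id: 'Admin',
  permissions: { 'users: view': true, 'sessions: view': false, 'old: view': true },
};
const merged = mergeAdminRole(storedAdmin, ['users', 'sessions']);
console.log('added:', merged.added);
console.log('kept denied:', merged.keptDenied, 'stale:', merged.stale);
```

Logging `added`, `keptDenied` and `stale` at startup gives an audit trail of what the merge changed and which manual denials are still in force.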