While working on rebuilding a Royal College platform in the United Kingdom, we were tasked with a challenge on how to manage permissions where Groups played a major role in granting the correct access.
Having several entities in play, different roles in different Group types, with various fields from those entities deciding on the logic when granting access to a certain entity, the number of components used in the system quickly grew.
The system also had to plug into several other components the platform used such as Search API, Views API, Plugin API.