This is a very mind-numbing experience to work through if you use document type control with multiple roles and document types.
Being able to manage this in an external app would help greatly.
Also, it would allow for reporting on how roles and privileges are set. The current system does not allow generation of a clean report on what a given role or user can do.