Currently, a user cannot delete a parameter unless he has permission to delete the whole host. That's not going to work in our infrastructure, and I suspect the same for others too. I want to give lower levels of support the ability to modify a host (including creating or destroying parameters) but not to delete the whole host (along with it's reports, which are valuable).

Furthermore, it probably makes sense to have a similar separation for the classes tab as well - I'd really like to restrict one level of support to parameters only, and the next level to editing (but not deleting) the whole host, and the top level has full access. However, only the parameter ACl is really needed right now.

I'm happy to have a go at this, so this feature request is mainly to remind me :)