There are a lot of places in the frontend controller where we perform a get_accessible_nodes_by_user() permission check that is completely unnecessary. For example:
1. hostgroups.php line 118: we don't need this check because only super admin can create host groups and they will always have permission to all nodes;
2. hosts.php line 355: permissions will be checked in the API;
3. sysmaps line 168: this check prevents an admin user that has no write permissions to any host groups from creating a map.
All of these checks have to be reviewed and the ones that are not required must be removed.