The map permission model is an obstacle to a number of maps. While you could argue that's only the tip of the iceberg of the permission system, it's one occurrence that's bothering me a lot.

For instance, I've written a script that populates rack plans from YAML. The trouble is, the user would have to have permissions to all hosts in this rack, which is unlikely. It's not practical to generate multiple versions of this map in advance, that would replace non-allowed hosts with images.

A floorplan with rack-level drill-down is only possible if I'd not use sub-maps but hard-code URIs. That's because of the requirement that each sub-map element must be accessible by the user.

I wonder how much risk it is to give away a little information on the map.