Granular Admin Access Control (ACL) with Role-Based Permissions

We want to support advanced admin management through a full Access Control Layer (ACL) that enables companies to:

• 👥 Assign multiple admin users with custom roles

• 🛡️ Define role-based permissions (e.g., IT Admin L1, L2, Security Admin, Owner, Viewer)

• 🔐 Enforce MFA policy per admin

• 🔄 Track login history, role changes, and activity logs

• 📊 Filter by role, activity, MFA status, or state (Active/Inactive)

• 🔁 Ability to promote/demote admins between roles

• ➕ Easy add/remove admins with integrated directory/user sync

This will ensure secure and scalable delegation of control inside organizations using Trio, especially important for multi-tenant setups (MSP) or enterprise customers with layered IT teams.

✅ Suggested Improvements:

• Add Access Level editor UI (e.g., Owner, IT Admin L1, IT Admin L2, Auditor)

• Allow custom role creation (define permissions per module: Devices, Security, Profiles, Directory, etc.)

• Display last login timestamp and MFA enabled status

• Set up role audit history for transparency

• Implement bulk admin import via CSV or API