The interface for setting up ACLs and using them to manage station access and use, is awesome, it’s clear, easy to use and easy to setup.
The interface around roles, for managing access to division hangars and containers within them, is complicated (I still don’t think I understand it) and inflexible, and really just doesn’t work the way it should.
I suggest removing all the hangar roles, and replacing them with acls. Either allow individual containers or hangers, to have an acl (either admin/manager = read/write, member = read), or individual acls for each permission read or write. Even better would be to allow profiles to be setup, for hangars/containers allowing further configuration of who has read/write/log in the profile, then the profile could be applied to multiple things (like division 1 hangar in each station, except one).
I would also suggest moving the profile managment section, into access control, as a better fit for that kind of thing.
A Usecase might be helpful:-
My corp has 4 divisions, the miners, the pve-ers, the blackops, and logistics. Each division has members and managers. That would present as 2 acls per division.
My Corp has multiple stations, some near mining areas, are predominantly for the miners. Those miners need to be able to come in, and drop off their ore, in a container in the miners division hanger, they need to be able to see what’s in there, but not pick up what’s there. Ideally multiple miners could drop off their ore into the same container, and a log would show who dropped in what and when.
So the members of the division have query, push and pull access to the hangers, but only query and put access to containers, but not pull, so they can’t share products in the hanger, but not take from the containers.
Managers can go in, and stack the contents of the container, and take it away. The log would show who had put what into the now empty container, and which manager removed it.
Similarly, the Mining Manager, can put the stacked contents into the refining container in the Logistics hanger, where the refining officer acl, determines who can take it out again, refine it and put back the product. The logistical officer acl determine who can then collect the mineral product from that container, and take it to sell. At each step use of the container is logged.