Grandular Security Permissions

I would like to request that the "Administer" permission that is added to a Role to be broken out further than it currently is. Right now that permission gives cart blanche access to all administrative functions. I have several managers who need access to create Hosts but I do not want them to have access to administer SAML or other higher level administrative functions. 

I would propose several levels of Administrative rights. 

Super Administrator

Manager

Something like that.

Infrastructure changes should only be done by Super Administrator.