force session recording based on roles or users

as we work with multiple 3rd parties giving us support on several machines, we find it hard to prove sometimes that they are causing issues with the settings/patches/actions they did while connected.

we would like to be able to enforce session recording based on specific Role or cw tech User. I.e. when a cw tech user assigned that role connects to a client, then it should record the session (and tech should not be able to disable that).

we do not need to record all sessions of other cw users - as is now the enabling is global and we do not have this option.