Currently, a user who can edit folder permissions can also delete the entire organisational vault. That is not necessarily a good idea for larger organisations. Can you seperate these rights?