It would be beneficial if we could specify a custom access role to be assigned to project owners instead of defaulting to "Full" access.
As an example of this would be as follows:
I do not want people to be able to delete projects out of our system with a few exceptions. If something needs to be deleted I want my PMO staff to do review the deletion request and to be the one who actually deletes. This is for data integrity and lessons learned. If a project was canceled I don't want it deleted, I'd like to document why it was canceled and then learn from it for the future.
When a project owner is assigned to a project they are automatically given full permissions which means they could delete the project. Because of this, I turned off the permission to delete folders & projects under access roles to avoid that.
However, this is causing an unforeseen issue that I need to solve. There are areas (i.e. my personal space) where I cannot delete anything nor can I change the permissions for that space.
In a world where I am trying to leverage automation and eliminate as much manual work as possible my team will have to go back to manually managing permissions which is a step backward.
The solution for this would be to have a role that can be designed as the default role for a project owner so you can specify what a PM can and cannot do to their projects in the system.