I should be able to override security for a specific display

(User Story, Investigate , Priority: Medium, Test Status: No automated tests yet , Reported By Justin du Coeur, )
Access Control
Summary: That is, I should be able to build a page that includes data that the viewer would not normally be allowed to see.
For example, take User Values. I might want to set Who Can See User Values to just Owner, to prevent anyone else from reading each others' reviews. (In a case like Spirit Island.) But I might want to still be able to create a summary page containing some information derived from those reviews. If the permission works properly, it should normally prevent those reviews from even being loaded, if the viewer doesn't have the right permissions -- so how do I build this page?
The answer is, by allowing the Owner to declare the effective permissions of a Page or Function. We would add a new Override Permission Property, which is a bit complex. It includes a declaration of Who This Applies To (eg, Members), and View As If They Were role (eg, Owner). That is, for purposes of this Thing/Function and everything after it in the pipeline, we apply this transformation, so the effective permissions are Owner.
The precursor to this idea is adding a notion of Effective Permissions to the QLContext -- the Person or Role that we should use to evaluate permissions. Normally this comes from the RequestContext and is simply the Person viewing the page (and the Roles they map to?). But this new Property would change that for everything below this step.
I should not be able to add an Effective Permission that does not apply to me -- if I am just a Member, I cannot change the Effective Permission to Owner. (Are there ever cases where the Effective Permission needs to be flexible, or can this simply always be set to "me"?)
This is, of course, very very advanced. To make it more usable, we would want to eventually be able to detect when it might be appropriate, and ask the editing user whether to apply it. This would require that Functions be able to declare their permission checks, store those as meta-data, and at editing time have the system notice that, eg, I am writing a QL expression in a Public page that will only work for Members, asking the editor whether to apply this flag.