It should be possible for one Permission to delegate to another

(User Story, Investigate , Priority: High, Test Status: No automated tests yet , Reported By Justin du Coeur, )
Security
Summary: That is, I should be able to define Permission A as "anybody who has Permission B".
This isn't just a convenience. At the moment, Who Can Edit of the InstancePermissionsModel and all Permissions (as described by definePermission()) are set to Manager. That's really not correct in principle: it should be anybody who has the CanManageSecurity permission.
We should fix this in the general way -- it should be possible for Permission A on a Thing to redirect to another Permission B. In theory, this is easy: we just allow A to have B in its list of Permissions. (That is, a Permission is, itself, a Security Principal.) In practice, this needs to be done carefully, so that it doesn't make hasPermission() take even longer. It is likely good enough to do it dead-last while evaluating access -- if nothing else works, see if there is a Permission listed and recurse into that.
This will need a check against infinite recursion: if we are recursing from A into B, we should note that and check it inside hasPermission() to detect loops.
This is only High, because in practice it probably doesn't matter much yet -- there aren't yet any use cases where we expect a non-Manager to have this power. Mostly, this is about making things cleaner.