Users should only be able to delete roles they have the permissions of

[towerofnix]

Presently we prevent a user (with manageRoles) from creating roles that contain permissions they don't have, and from updating roles so that they contain roles the user doesn't have. We don't specify which roles a user can delete, though. Presently anyone with manageRoles can delete any role; this is definitely not wanted. A simple proposal - users (with manageRoles) should be able to delete only roles that specify (as true or false) no permissions they do not have.