In this system how do we maintain module level permissions? These would be permissions that are granular and only apply inside a module. Is there a universal API for handling them?
Do you refer to the administrator or front facing?
For Administration you have the standard rules and permissions that you can use, or you can expand on that and your own. For the front facing then that is left up to you to add your own membership login and security.