We have trouble getting whitelisting work for us. We need photos to be included in reports on the one hand, some internet sites to be made accessible on the other. There are different security requirements for these, but the security requirements are also for some users combined (they should be allowed both) with those users being from different groups.
Whitelisting is currently seup in a quite singular way, allowing either or AND allowing only for one group and not combining whitelisting settings from different groups. This leads for the users to annoying intermittend behaviour.
Whitelisting should be cumulative, meaning that the whitelisting rights from one group should be added to the rights from another group.