Allow an entity to be assigned multiple permission instances for a role in an app

[izqui]

It would be useful if an entity can be granted more than one instance of the permission with different parameters.

As @sohkai pointed out to the audit team, this can be done right now if the permission manager re-grants the permission using the OR operator as a combinator. But there could also be the case when these permissions are being granted by another smart contract, and reconstructing the permission and adding the OR operator could be expensive to do on-chain. Also it would be nicer to do natively.

I personally bumped into this issue while working on another approach to the Staking app, in which a permissions is granted to an entity so it can unlock a certain deposit, but entities should be able to unlock more than one deposit.

Challenges:

• Out of gas attack: An entity is assigned many instances of the permission so that checking results in the transaction going out of gas. Not really an issue since the permission manager is the only one with permission to add another one, and could directly remove the permission to censor.

[renexdev]

But there could also be the case when these permissions are being granted by another smart contract, and reconstructing the permission and adding the OR operator could be expensive to do on-chain

Could be a good starting point for facing this to:

• define a total gas calculation function for a given permission instance
• define a maximum gas cost threshold conditional before adding such instance to the ORs chain