--- constructing perm_edges
--- 1. get the list of all permission links,
--- 2. any can_manage link or permission link to a group means permission should "follow through"
--- (as a special case, can_manage links to a user grant access to everything owned by the user,
--- unlike can_read or can_write which only grant access to the user record)
--- 3. add all owner->owned relationships between groups as can_manage edges
---
--- constructing permissions
--- 1. base case: start with set of all users as the working set
--- 2. recursive case:
--- join with edges where the tail is in the working set and "follow" is true
--- produce a new working set with the head (target) of each edge
--- set permission to the least permission encountered on the path
--- propagate trashed flag down
+-- Note: this is not the current code used for permission checks (that is
+-- materialized_permission_view), but is retained here for migration purposes.