The power level model of permissions feels to me a bit overly simplified. It’s so easy to imagine scenarios where you need exceptions to the rule of permissions existing on a single axis that it seems very limiting from the outset.

The idea of ever increasing and overlapping scopes I don’t think maps well to most people’s mental model of who should be allowed to do what. People mostly want to define an arbitrary role; admin, user, team leader, whatever, and just pick what that role is allowed to do in isolation. It’s marginally more work to setup initially picking all of the permissions again, but it removes all of the overhead of having to monitor what permissions are being adopted from lower scopes on the power level axis.

I also think the power level system makes it much harder to “refactor” permissions for specific roles without affecting permissions for everyone “above and below”