Permissions based on relationships between members of larger categories of users
I have requirements to build a system in which there are "Members" and "Leaders."
While there are many things that will be controlled based on these generic roles, there also needs to be permissions to support the following use cases in which individuals can see certain data and contributed content that is not accessible to others within the generic role:
1) Leaders can see additional information about or produced by members of their group
2) Members can see additional information about or produced by their specific leader
3) Members can see additional information about or produced by other members within their specific group.
It seems that the answers to this problem lie somewhere within the "Workspaces" initiative, but it is hard for me to understand exactly what is real and what is planned, etc....
Since this is a startup venture in which there will be no leaders other than the owner for a while, I don't necessarily need this all to work immediately, but I want to be sure that what I set up now is on the right path.