Reporter creates a role for every group a user is member of, this can end up with a huge amount of Role groups. Fortunately the documentation describes how to delete roles so I can do some cleanup :-), unfortunately every time the user logs in the Roles will get recreated.

I don't think populating the roles with all group memberships is a good thing, at least it should be something optional and not the standard behavior. Can't we create something similar as what we do for the Admin Users, there we have a nice gui to define what groups should be linked to the ROLE_ADMINISTRATOR. Can't we have a similar UI to create generic roles (and a checkbox to disable the auto-generation of roles based on group memberships)?