Extended Permissions for Contact Dir (use of Roles)

I'd like to be able to define permissions access to a Contact Directory Primary Category based on Roles. Simply have a page (access control or under contact dir admin pages?) that provides a matrix of currently definied Primary Categories and Roles. Select which roles can view which categories, and which roles have permissions to add contact information to a Primary Category.

If a role only has permission to view/modify/edit one single Primary Category - then don't display it as an pick option list.