Installing a module from forgebox should be all inclusive.
You shouldn't need to tell the user, login to your admin, and add these security permissions, add them to these roles, add these security rules to require this permission to access that.
In the module, we should be able to programmatically and conventionally declare our security rules, and the module can add onLoad and remove onUnload.
I know adding permissions etc can be done programmatically, but having a struct in the module settings, that does it all for a user is a great idea.
look at link please