I'm still lacking much-needed knowledge, so I'm a little unsure how I'd create a better version. Also, to be honest, I'm struggling to get this version working too. You don't fancy lending me your brain, do you? lol.
You might want to look at the ASP.NET membership provider model from an architecture perspective, which in turn shares many similarities with standard group-based security you might find in a common LDAP store.
The idea being that you assign permission roles to either a single user, or a group of users. So instead of assigning a security "level" number which provides access based on how high the number is, you would instead create a set of security "roles" and assign them to whoever needs to fill that role. It ends up being more of a "true/false" thing instead of a "somewhere between 2 and 8" thing. That allows you to have an infinite number of roles, and an infinite number of users and/or groups who are able to assume that role.
Much more flexible, but it takes a bit more plumbing to make it work.
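A minimal sketch of the role model described in the reply above, next to the numeric-level check it replaces. This is an added example, not code from either poster or from the ASP.NET provider; the `Directory` class, the role names and the users are hypothetical.

```python
from dataclasses import dataclass, field


@dataclass
class Directory:
    """In-memory store (hypothetical): group membership and role grants."""
    group_members: dict = field(default_factory=dict)  # group -> set of users
    user_roles: dict = field(default_factory=dict)     # user  -> set of roles
    group_roles: dict = field(default_factory=dict)    # group -> set of roles

    def add_to_group(self, user, group):
        self.group_members.setdefault(group, set()).add(user)

    def grant_user(self, user, role):
        self.user_roles.setdefault(user, set()).add(role)

    def grant_group(self, group, role):
        self.group_roles.setdefault(group, set()).add(role)

    def roles_for(self, user):
        """Union of roles granted directly and roles inherited from groups."""
        roles = set(self.user_roles.get(user, ()))
        for group, members in self.group_members.items():
            if user in members:
                roles |= self.group_roles.get(group, set())
        return roles

    def is_in_role(self, user, role):
        """True/false answer; unknown users and unknown roles are denied."""
        return role in self.roles_for(user)


def level_allows(user_level, required_level):
    """The numeric scheme: anyone at or above the threshold gets in."""
    return user_level >= required_level


def build_sample():
    """Constructed sample data: two groups, one direct grant."""
    d = Directory()
    d.add_to_group("alice", "finance")
    d.add_to_group("bob", "helpdesk")
    d.grant_group("finance", "billing.edit")
    d.grant_group("helpdesk", "users.reset_password")
    d.grant_user("bob", "reports.view")
    return d
```

With levels, putting billing at 5 and password resets at 6 means a level-6 helpdesk user also passes the billing check; with roles, each permission is granted or not, independently of the others.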