For hierarchical acls it is important to know what a subitem of an item is. This is only based on the name currently. Is that correct? Because at setting up hacl it is done on items uuid mapping to the names in the hierarchy. If the item has more than one name, which are the valid rights? How does it work if an item has a name and a subitem name?
That looks rather complex now. May be we should replace hacl by something like range acls? By that we could setup in meta the ids of the items which have same rights as the item where we have acls defined.