At the moment everyone with a license can do everything. User could potentially create, modify or delete mass email views even though their SF profiles does not actually allow it (Create and Customize List Views = false).
Any option to influence this behaviour? If permission cannot be taken over from the SF profile, perhaps permissions sets or Mansa-Profiles can be provided within the app to restrict access ?
We can definitely achive this, appreciate if you can define the specific permission sets you are looking for based on your business use case.
Similarly to SF a permission to "Create and Customize List Views" (for their personal use only) and another "Manage Public List Views" (for lets say managers to define views for everyone). The second one must be dependent on the first one.
If possible using permission, then another one to to define if they can select "Contact", "User" or "Lead". (similarly to the standard object perm to "view").
Once we are at it. A perm to be able to schedule email deliveries (at the moment available to everyone).
These are the ones which jump into my head right away.
Hope that all makes sense.