User Access

We have implemented a way for users to "proxy" for each other.  If someone is logged in as another person, 1. They can still access pages as themselves even though the other person doesn't have access.  2. If they are logged in as someone else, then the person has access to pages that they shouldn't.

Is there a way to determine if the "logged in user" should have access to a page in an espace or not?  I have thought about using espace roles but I haven't found the data that lets you know which espaces roles are being used in.
There's always our good old CheckRole(Role,User) to see if User has the role. About the Roles in page, you can see them while developing. A way to export them seems a good idea, but is also a liability because the code would be uglier.