TODO
----

- handle problem when the user has no permission on the target object;

DONE
----

- default vocabulary with users list;

- handle multiValued/singlevalued fields;

- add tests with target different then context;

- don't allow to remove roles from himself (at least relevant roles for write
  operations);

- fix defaults;