Admin users will be able to add/edit/delete their own subusers.
The secure system will be broken if someone pass in gid=whatever to your search engine. The only way to work it out is to customize your code.
I did mention that this feature is not easy to accomplish in my last message. It has a bunch of works to do, you can absolutely build it with knowledge of Perl programming and understanding our code.
If you want us to help you out with this issue, please feel free send me email.