What happens in cases of overlapping permissions between Drupal and civiCRM permissioning?
I grant Edit permissions for a specific Group X to a group of contacts via CiviCRM ACL, and then grant "Edit all contacts" to a Drupal role.
Will a user be able to edit contacts in Group X if they have 'Edit all contacts' role (Drupal) but ARE NOT in the group with "Edit Group X" permissions?
In general all the drupal permissions are "super" user permissions - they grant broad, wide ranging powers.
In the above case, if a user has "edit all contacts", (s)he can edit all contacts.
All other edit/view contact permissions are not even looked at by CiviCRM.
However, if the user has "view all contacts" and an CiviCRM ACL to "edit contacts" in Group X,
(S)he should be able to edit only contacts from Group X.