Well, yes, for me it would be helpful to be able to block sub-site administrators from seeing some menu items (for instance, my Stripe payment terminal settings).
I attempted to create a new role in my Network Admin — “Subsite-Administrator” — but I cannot change users to that role.
The other problem is that I have a front-end only login system. So for each of my sub-sites, there is an “Administration Login” link in the footer (example: https://wollard.nationalcdp.org/wp-admin/, and the sub-site administrator clicks it).
If they’re assigned as an administrator for that sub-site, they’ll be taken to the WordPress dashboard for that sub-site only. If they are not assigned to an administrator role on that sub-site, they cannot access the dashboard.
So there are 2 Super Admins (me and my partner). We see everything. Currently, I am just designating sub-site administrators to the “Administrator” role, and I have most of the options I don’t want them to see, hidden … but there are some (like the Stripe Payment settings, Genesis custom functions, etc.) that I cannot hide.
So yes … if it’s not too much work, that would be great to allow us to block menu items from the “Administrator” role.
I can see you have put a lot of time and work into this, with the research you have put in to understand how WordPress operates. So far, I’m finding this quite valuable!