Allow role permissions on Create Work Order from Projects

There is currently no way to restrict specific users from creating a WO (from the Project module) via security roles and the combinations with duties and privileges. While we control what roles can create WO's in EAM, would like additional controls for creating WO's from the Projects as there is typically additional controls around Projects.