The struts path was originally implemented to keep unauthorized users from accessing the functionality of administrative portlets by maniuplating the url. To prevent this, struts paths were associated with portlets and attempts to access the struts path outside of the portlet were blocked.
However, this also prevented authorized users from accessing struts paths of other portlets.
Instead, a user with the Administrator role should be able to access all paths within struts-config.xml and users with the Power User role should be able to access all struts paths of portlets that are associated with the Power User role, etc.
(This suggestions was given by Dan Ignat. Thanks Dan!)