[FE] Roles and Permissions - automatically check/uncheck dependent permissions

On the Roles and Permissions page, when creating a custom role, a list of permissions is shown:

ksnip_20231106-132811

Some of the permissions are dependent on other permissions. For example, you cannot admin a vulnerability unless you can also read a vulnerability. Currently, when you try to create a role with Admin vulnerability selected but not Read vulnerability, you will get an error message:

ksnip_20231106-132937

You have to try and create the role to get the error message; you don't know which permissions are dependent on other permissions until you do so.

As a UX improvement, we should automatically check/uncheck dependent permissions with the following behavior:

  1. If permission A is dependent on permission B, checking permission B should automatically check permission A. If permission B is then unchecked, permission A stays checked.
  2. If permission A is dependent on permission B and both are checked, unchecking permission A will automatically uncheck permission B.

The memberRolePermissions GraphQL endpoint has a requirement property that tells us which permission (if any) the permission is dependent on:

ksnip_20231106-134812
Edited by Daniel Tian