Skip to content

Bug: incorrect pre-checked permissions when creating a custom role

Just noticed that we have started pre-checking permissions when creating a custom role. It was introduced in MR, !151663 (merged)

I have two concerns:

  • The pre-checks are in-accurate. Wouldn't a base_role = Owner have most of the checkboxes selected? I believe this is because availableFromAccessLevel is null for most of the custom abilities.
  • There wasn't an authorization review on the MR. Maybe we need to add the ee/app/assets/javascripts/roles_and_permissions/ folder as something that requires a groupauthorization review.

Screenshot_2024-06-20_at_12.15.26_PM

It's also resulting in the content for the Custom permissions table being incorrect, eg:

Screen_Recording_2024-06-20_at_12.41.16_PM

Edited by Hinam Mehra