Bug: incorrect pre-checked permissions when creating a custom role
Just noticed that we have started pre-checking permissions when creating a custom role. It was introduced in MR, !151663 (merged)
I have two concerns:
- The pre-checks are in-accurate. Wouldn't a
base_role = Owner
have most of the checkboxes selected? I believe this is becauseavailableFromAccessLevel
is null for most of the custom abilities. - There wasn't an authorization review on the MR. Maybe we need to add the
ee/app/assets/javascripts/roles_and_permissions/
folder as something that requires a groupauthorization review.
It's also resulting in the content for the Custom permissions
table being incorrect, eg:
Edited by Hinam Mehra