Bug 1467291

Description of problem:

When a Satellite user role is created with edit_products permission on a specific product, it allows the user who is assigned this role to remove the content from other products on which only view_products filter is assigned. The user should only be allowed to remove the content from a product repository only if he has rights to edit_product. 

Version-Release number of selected component (if applicable):
Red Hat Satellite 6.2.10

How reproducible:
Every time.

Steps to Reproduce:
1. Create a new user.

2. Create a role with below filters and assign it to the user create above. This will allow the user to only edit the product "puppet-prod" and will only allow to view the rest products
hammer> role filters --id 22
----|------------------|---------------------|------------|----------|--------------
ID  | RESOURCE TYPE    | SEARCH              | UNLIMITED? | ROLE     | PERMISSIONS  
----|------------------|---------------------|------------|----------|--------------
177 | Katello::Product | none                | yes        | prodview | view_products
178 | Katello::Product | name =  puppet-prod | no         | prodview | edit_products
----|------------------|---------------------|------------|----------|--------------

3. After this try to remove the yum package from the repository in the product where user has only view rights.
hammer> repository remove-content --name katello-agent --content-ids 11403 --organization-id 1
Repository content removed

Actual results:
The user is allowed to remove the content from the product repositories even when it has view only access.

Expected results:
The user should not be allowed to remove the content from the product repositories where it has view only access.