Description of problem: When a user change the permissions in the project access tab for herself/himself, he might lose his permissions because we delete old RoleBindings before we create the new ones. To ensure that the user doesn't lock out herself/himself we should update the operation order from delete -> create to create -> delete. (For example, I lose a role I'm not aware of when playing with the modal in dev sandbox. :D) Version-Release number of selected component (if applicable): 4.7+ How reproducible: In theory always, but it's an edge case for a user with limited permissions, like in the sandbox. Steps to Reproduce: 1. Switch to "Developer" perspective 2. Navigate to project > Project acccess 3. Add a new "user1" + "View" permission and save it. 4. Reload it 5. Open your browser network inspector! 6. Update the "user1" permission to "Edit" and save it. Actual results: You see a DELETE RB call, and then a POST (create) RB call. Expected results: You should see the POST (create) RB call first, and then a DELETE RB. Additional info:
Created attachment 1886710 [details] api-calls.mp4
Verified on 4.11.0-0.nightly-2022-06-20-084444
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (Important: OpenShift Container Platform 4.11.0 bug fix and security update), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHSA-2022:5069