Created attachment 493664 [details]
Description of problem:
Changes to Role permissions are not saving
Version-Release number of selected component (if applicable):
Steps to Reproduce:
1. create a new role
2. in Permissions, unset some write permissions
3. click Save
4. view the role again, changes to permissions were not saved
changes to role permissions were not saved
changes to role permissions are saved
see attached image
learned from ian: this may be a usability issue. there are a lot of dependencies between the individual permissions that are not expressed in the UI that may be contributing to my perception that permissions were not being saved.
It appeared permission changes were not being saved, because the permissions that had been unset were re-selected due to being implied by MANAGE_INV or MANAGE_SEC.
[master 7b98837] should make this clearer to the user by displaying a transient message to inform the user when auto-selecting perms implied by a perm the user has just selected.
There was one more change needed to resolve this:
[master f9361b2] don't allow deselection of perms whose selection is implied by existing selection of MANAGE_SECURITY or MANAGE_INVENTORY, and display a transient warning message
One last change:
[master 294c067] in perm editor, don't allow deselection of CONFIGURE_READ if CONFIGURE_WRITE is selected
Verified on rhq4 release build (Version: 4.0.0 Build Number: db0c817)
Below messages are displayed when user selects 'Manage inventory' or Manage Security' permissions:
1. Autoselected unselected permissions, since MANAGE_SECURITY implies all other permissions.
2. Autoselected unselected Resource permissions, since MANAGE_INVENTORY implies all Resource permissions.
User is not allowed to deselect permissions whose selection is implied by
existing selection of MANAGE_SECURITY or MANAGE_INVENTORY
Below example messages are displayed:
1.Inventory permissions cannot be deselected, unless Manage Inventory, which implies all Resource permissions is deselected first
2.Configure permission cannot be deselected unless the Manage Security permissions, which implies all Resource permission, which implies all other permissions is deselected first.
It displays a mesage and user is not allowed to deselect CONFIGURE_READ if CONFIGURE_WRITE is selected.
Bookkeeping - closing bug - fixed in recent release.