Description of problem:
If a user is on a page and rights have subsequently been removed, reloading the page throws a stacktrace, rather than cleanly displaying a permission denied page.

Version-Release number of selected component (if applicable):

How reproducible:

Steps to Reproduce:
1. Create a user, "aaa"
2. Create a role granting All Organization permissions; add "aaa" user to this role
3. In a separate browser, login with user "aaa" and go to Organizations page
4. In the original browser (as admin), revoke all rights from user "aaa" in the UI
5. Attempt to reload the Orgs page with user "aaa"

Actual results:
ArgumentError in Organizations#index

Showing /usr/share/katello/app/views/layouts/katello.haml where line #41 raised:

Invalid level specified or item key not found

Extracted source (around line #41):

38: - else
39: #subheader.container_16
40: %nav.tab_nav
41: = render_navigation(:expand_all => true, :level => 1)
42: #maincontent.container_16
43: %nav.subnav.container_16
44: = render_navigation(:expand_all => true, :level => 2..3)

Rails.root: /usr/share/katello

Application Trace | Framework Trace | Full Trace

app/views/layouts/katello.haml:41:in `_app_views_layouts_katello_haml___153095593_70252241594080_0'
app/controllers/application_controller.rb:263:in `render_403'
app/controllers/application_controller.rb:262:in `render_403'
app/controllers/application_controller.rb:52:in `__bind_1317096489_494834'
app/controllers/application_controller.rb:460:in `call'
app/controllers/application_controller.rb:460:in `execute_rescue'
app/controllers/application_controller.rb:52:in `__bind_1317096489_494834'

Request Parameters:
None

Show session dump
Show env dump

Response Headers:
None

Expected results:
Cleanly handle the permission denied request

Additional info:
mass move to CFSE product.
More cases for this bug

1) User has access to Orgs A, B, C and C is its current org. Admin revokes access to org C from the user. User when he clicks on any page will automatically be logged out with a message stating
"""
You current organization is no longer valid. It is possible that either the organization has been deleted or your permissions revoked, please log back in to continue .
"""

2) User has access to no orgs. Admin then provides access to orgs A, B. The user should immediately get assigned to org A just as he would reload or click any page.
Should be fixed as of http://git.fedorahosted.org/git/?p=katello.git;a=commit;h=a18e6d92b9a59563aaa34debb1f22a092bf73b5f
Should be fixed as of http://git.fedorahosted.org/git/?p=katello.git;a=commit;h=a99d5805bb1b752a376a9f2e6b7d099804ff54a1
QA Verified.
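
Added example, not Katello's code and not the fix from the commits linked above: a plain-Ruby sketch of the two behaviours this report asks for, re-validating the session's organization on each request (the two extra cases) and building the 403 response without depending on navigation the user may no longer be allowed to see. Every name in it (Decision, revalidate_org, render_403, nav_builder) is hypothetical, and the sample data is constructed.

```ruby
# Added example, not Katello code: all names are hypothetical.
Decision = Struct.new(:action, :org)

# Re-check the session's organization on every request. `permitted` is the
# list of orgs the user may access right now, read fresh from the
# authorization store rather than cached at login.
def revalidate_org(session, permitted)
  current = session[:current_org]
  if current.nil?
    # Case 2 in the thread: access granted later, assign the first org at once.
    return Decision.new(:deny, nil) if permitted.empty?
    session[:current_org] = permitted.first
    return Decision.new(:assigned, permitted.first)
  end
  return Decision.new(:continue, current) if permitted.include?(current)
  # Case 1 in the thread: current org revoked, so end the session.
  session.clear
  Decision.new(:logout, nil)
end

# Build the 403 response without assuming any navigation is visible.
# `nav_builder` stands in for the layout's navigation call, which raises
# ArgumentError when the user has no items at the requested level.
def render_403(nav_builder)
  nav = begin
    nav_builder.call
  rescue ArgumentError
    nil # fall back to a layout with no navigation
  end
  { status: 403, nav: nav, body: "Permission denied" }
end

if __FILE__ == $PROGRAM_NAME
  session = { current_org: "C" }            # constructed sample state
  p revalidate_org(session, %w[A B])        # org C was revoked
  p revalidate_org({}, %w[A B])             # access newly granted
  p render_403(-> { raise ArgumentError, "item key not found" })
end
```

Keeping the error path free of permission-derived state is what stops a denied request from falling through to the framework's debug page, which exposes file paths and offers session and environment dumps.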