A non-admin user has no way to see the roles and permissions they have. To reproduce, login as a non-admin user then click the username in the upper right corner of UI. I suggest that the view displayed when clicking this be similar to the admin view (three tabs General, Environments, Roles & Permissions).
commit 49be4366793ccd49fc30bafb8b02c87064cef2b9 Author: Tom McKay <thomasmckay> Date: Thu Dec 8 10:09:25 2011 -0500 + Bug 754526 - Cannot unset a user's default env https://bugzilla.redhat.com/show_bug.cgi?id=754526 Choosing "No Default Organization" works now + Bug 754855 - User cannot change default system environment on their own https://bugzilla.redhat.com/show_bug.cgi?id=754855 User editing own account now allows editing of default env + Bug 760563 - User cannot see their roles & permissions https://bugzilla.redhat.com/show_bug.cgi?id=760563 User editing their own account can see (but not modify) their roles + Bug 760635 - Creating new user with "No Default Organization" is awkward/broken. https://bugzilla.redhat.com/show_bug.cgi?id=760635 Save button on Environments tab now properly enables/disables based upon current choice vs. current default.
Verified in following katello build: [root@dhcp201-162 ~]# rpm -qa | grep katello katello-0.1.154-1.el6.noarch katello-trusted-ssl-cert-1.0-1.noarch katello-cli-common-0.1.30-1.el6.noarch katello-glue-pulp-0.1.154-1.el6.noarch katello-configure-0.1.46-1.el6.noarch katello-qpid-broker-key-pair-1.0-1.noarch katello-glue-candlepin-0.1.154-1.el6.noarch katello-all-0.1.154-1.el6.noarch katello-repos-0.1.4-1.el6.noarch katello-cli-0.1.30-1.el6.noarch katello-glue-foreman-0.1.154-1.el6.noarch katello-common-0.1.154-1.el6.noarch katello-certs-tools-1.0.1-1.el6.noarch katello-httpd-ssl-key-pair-1.0-1.noarch [root@dhcp201-162 ~]# rpm -qa | grep katello-cli katello-cli-common-0.1.30-1.el6.noarch katello-cli-0.1.30-1.el6.noarch Now a non-admin user can see the roles as below. This is only in case if user has permission to "access users"
Created attachment 549155 [details] user can view assigned roles ands permisisons