Hi,
There seems to be a bug in the management console when it comes to permissions for changing Feature toggles. When you synchronize teams, a job is run that retrieves lifetime teams and roles and the permission levels. In module: 'FeatureToggleManagement_CS' there is an action called 'LifetimeTeams_GetRoles'.
Looking at the 'HasChangePermission': EnvironmentPermissionLevelId = Site.MinChangePermissionLevel
Notice here that the ID is compared to the Level. This is incorrect as there are role permissions with higher ID's and lower Levels.
For instance:
I have a user that has 'Monitor and Add Dependencies' role in a team (ID = 7, level = 3)
I have another user that has 'Open and Debug' role in the same team (ID = 4 and level = 4)
In the comparison above, if the siteproperty = 5 (change and deploy level):
- the user with monitor and add dependencies IS allowed to change the toggle (7 >= 5)
- the user with open and debug IS NOT allowed to change the toggle (4 < 5)
It is better to compare the Level with the site property here so that the user can access feature toggles what he should.
Hi Shahin,
You're correct, terrible bug.
A better solution and to follow the original idea is to do something like this
GetEnvironmentPermissionLevel(EnvironmentPermissionLevelId).EnvironmentPermissionLevel.Level >= Site.MinChangePermissionLevel
EnvironmentPermissionLevel Static Entity on the LifeTimeSDK module
Ohter bugs:
What is the status on this bug? We are experiencing this and now only 2 people (admins) in the whole company can see and change feature toggles, which is really annoying.
Hello Derk te Winkel,
this fix is under test and we expect to release it next week.
Cheers!
Derk te Winkel, I just published the fix. Please download the latest version and in case you experience any issue, please let us know.
Thanks for the update! I will let you know!