🔐 RBAC permissions: message_delete right -add too many privileges

[aguyonp]

Issue submitter TODO list

• I've looked up my issue in FAQ
• I've searched for an already existing issues here
• I've tried running main-labeled docker image and the issue still persists there
• I'm running a supported version of the application which is listed here

Describe the bug (actual behavior)

Hello developers :)

I hope you have a good day!

I just encountered a problem:

"messages_delete" right seems to also add "edit" permission on the "topic" resource.

⚠️ I can edit and save topic settings! Without right into the YAML ⚠️

Thanks for your feedback.

Expected behavior

No response

Your installation details

Docker with 1.3.0 version

Steps to reproduce

change permissions with YAML config like the documentation:

https://ui.docs.kafbat.io/configuration/rbac-role-based-access-control#permissions

this config:
- resource: topic
value: ".*"
actions:
- view
- messages_read
- messages_produce
- messages_delete <- by adding this, it also add "edit" permission on the "topic" resource.
- analysis_run
- analysis_view

Screenshots

No response

Logs

No response

Additional context

No response

[github-actions]

Hi aguyonp! 👋

Welcome, and thank you for opening your first issue in the repo!

Please wait for triaging by our maintainers.

As development is carried out in our spare time, you can support us by sponsoring our activities or even funding the development of specific issues.
Sponsorship link

If you plan to raise a PR for this issue, please take a look at our contributing guide.

[Haarolean]

Will be fixed in #260