unexpected behaviour when setting custom permissions per user

[Givo29]

Hi Adam,

I found today that custom permissions for users seem to be showing unexpected results. I was trying to set a user to be able to view the projects of a certain company but not edit them. I tried:

View: Allow

(with no further permissions for that company), which allowed them to edit the projects in the company.

View: Allow
Edit, Add, Delete: Deny

Not able to view the company's projects (unable to select from dropdown)

View, Access: Allow
Edit: Deny

Not able to view the company's projects (unable to select from dropdown)

View: Allow
Access: Deny

Not able to view projects (unable to select from dropdown)

Access: Allow

Able to select the company from dropdown in projects tab but unable to see any projects

[ajdonnison]

I believe this is related to another issue that we are having with the way permissions caching is working. Without caching the permissions should work as expected, however it is extremely slow. The caching does some things in a naive way and therefore can cause unintended consequences. It is on my radar to try and resolve this.