Issue With User Permission sys$FileDescriptor & sec$UserRole

Hi Team,

Recently , on our application , while implementing custom user , with some specific permissions

He will be able to create user this is one his assigned roles

While creating users by this user which admin user granted him full permission over User exception is thrown That Access Denied over sec$UserRole

Another user which has access to Entity which has attachment File Descriptor Also same behavior user was not able to upload

Admin portal does’t have this two Entities on the Entities Tab or Permission Tab

Solution Done Till now

Executing below Scripts

INSERT INTO sec_permission values (
	uuid_generate_v4(), CURRENT_TIMESTAMP, 'admin', 1,
	CURRENT_TIMESTAMP,null,null,null,20,'sys$FileDescriptor:create',
	1,'669836b9-8e32-379f-eec3-77154f799af8');
	
INSERT INTO sec_permission values (
	uuid_generate_v4(), CURRENT_TIMESTAMP, 'admin', 1,
	CURRENT_TIMESTAMP,null,null,null,20,'sys$FileDescriptor:update',
	1,'669836b9-8e32-379f-eec3-77154f799af8');
	
INSERT INTO sec_permission values (
	uuid_generate_v4(), CURRENT_TIMESTAMP, 'admin', 1,
	CURRENT_TIMESTAMP,null,null,null,20,'sys$FileDescriptor:delete',
	1,'669836b9-8e32-379f-eec3-77154f799af8');

INSERT INTO sec_permission values (
	uuid_generate_v4(), CURRENT_TIMESTAMP, 'admin', 1,
	CURRENT_TIMESTAMP,null,null,null,20,'sys$FileDescriptor:read',
	1,'669836b9-8e32-379f-eec3-77154f799af8');

INSERT INTO sec_permission values (
	uuid_generate_v4(), CURRENT_TIMESTAMP, 'admin', 1,
	CURRENT_TIMESTAMP,null,null,null,30,'sys$FileDescriptor:name',
	1,'3d999123-ae2a-5280-6504-a95fa5b3abb1');

-----------------------------------------------------------------------------------------------------------


INSERT INTO sec_permission values (
	uuid_generate_v4(), CURRENT_TIMESTAMP, 'admin', 1,
	CURRENT_TIMESTAMP,null,null,null,20,'sec$UserRole:create',
	1,'8ccf684a-548d-7df9-e383-b6f1932bb603');
	
INSERT INTO sec_permission values (
	uuid_generate_v4(), CURRENT_TIMESTAMP, 'admin', 1,
	CURRENT_TIMESTAMP,null,null,null,20,'sec$UserRole:update',
	1,'8ccf684a-548d-7df9-e383-b6f1932bb603');
	
INSERT INTO sec_permission values (
	uuid_generate_v4(), CURRENT_TIMESTAMP, 'admin', 1,
	CURRENT_TIMESTAMP,null,null,null,20,'sec$UserRole:delete',
	1,'8ccf684a-548d-7df9-e383-b6f1932bb603');

INSERT INTO sec_permission values (
	uuid_generate_v4(), CURRENT_TIMESTAMP, 'admin', 1,
	CURRENT_TIMESTAMP,null,null,null,20,'sec$UserRole:read',
	1,'8ccf684a-548d-7df9-e383-b6f1932bb603');

INSERT INTO sec_permission values (
	uuid_generate_v4(), CURRENT_TIMESTAMP, 'admin', 1,
	CURRENT_TIMESTAMP,null,null,null,30,'sec$UserRole:createdBy',
	1,'583f6736-915c-c7ff-e706-8a657b675ae5');


Granting permissions manually

please include them

Hi,
Thank you for the feedback.
These issue will be addressed in Provide a useful pre-set of predefined roles · Issue #2817 and New user roles usability issues · Issue #2816.