I have permissions:
anatomy_organsystem_view
anatomy_organsystem_update
$rules[] = [
'actions' => ['index','view'],
'allow' => true,
'roles' => ['anatomy_organsystem_view'],
];
$rules[] = [
'actions' => ['update'],
'allow' => true,
'roles' => ['anatomy_organsystem_update'],
];
When my regular user (view only) logs in then they can are granted also update permissions
(while rbac only specifies ‘anatomy_organsystem_view’ for this user
However when I rename the pemission from anatomy_organsystem_update
to xx
then the rbac verification is correct.
Any ideas why…