Hi,
A user that was once part of the master role group to assist with configuration of the platform has been moved to a different group that has fewer permissions however it looks like any configuration done by that user on an entity they retain more rights than that of the role they currently have on the entity? (Possibly some sort of creator role meaning you have full permissions?)
how is best to ensure only permissions assigned to a role that is configured on the required entities is used going forward?
thanks