From d2375db6c8893a65dfa3ca1e1df69c085c05f39a Mon Sep 17 00:00:00 2001
From: Ted Trask <ttrask01@yahoo.com>
Date: Wed, 1 Mar 2017 01:35:04 +0000
Subject: Prevent writing out default permissions when editing role

---
 app/acf-util/roles-model.lua | 17 ++++++++++++++++-
 1 file changed, 16 insertions(+), 1 deletion(-)

diff --git a/app/acf-util/roles-model.lua b/app/acf-util/roles-model.lua
index 0e49b4e..d21a1d5 100644
--- a/app/acf-util/roles-model.lua
+++ b/app/acf-util/roles-model.lua
@@ -89,7 +89,22 @@ mymodule.setpermissions = function(self, permissions, action, newrole)
 	end
 	-- Try to set the value
 	if result==true then
-		result, permissions.value.role.errtxt = roles.set_role_perm(self, permissions.value.role.value, nil, permissions.value.permissions.value)
+		-- Remove the default permissions
+		local reversepermissions = {}
+		for i,p in ipairs(permissions.value.permissions.value) do
+			reversepermissions[p] = i
+		end
+		for i,p in ipairs(permissions.value.permissions.option) do
+			if p.disabled then
+				reversepermissions[p.value] = nil
+			end
+		end
+		local permissionstable = {}
+		for p in pairs(reversepermissions) do
+			permissionstable[#permissionstable+1] = p
+		end
+
+		result, permissions.value.role.errtxt = roles.set_role_perm(self, permissions.value.role.value, nil, permissionstable)
 		if not result then
 			permissions.errtxt = "Failed to save role"
 		end
-- 
cgit v1.2.3