Please see the attached screenshots, from current HM.
If you assign a device groups role plus read only you can see the devices but not deploy to them. Is this because the user then is interpreted as only being allowed to Read from this group as well (not deploy)? This might be related to MEN-4356?
The critical problem right now: How can I give deploy access to one group, and also allowing to log in? If I don't assign Read only it's supposed to work for APIs but I cannot log in. If I do assign read only I can log in but not deploy?
- A user with only a "Device group" type of role can log in and create a deployment