I have added auth to my application using crud. However there are a couple of areas where it does not act as I was expecting.
1) If I have a permission to create and change it to update it seems that I now have both permissions until I log off. I guess it has cached the old permission somewhere. Is it possible to force any changes to happen immediately? 2) If I have update permission it allows me to delete as well. Is it possible to allow update but not delete?
