From 01f164a8c6738dc85371170e063682223c8bf47f Mon Sep 17 00:00:00 2001
From: Ben White <ben@posthog.com>
Date: Tue, 26 Mar 2024 11:45:50 +0100
Subject: [PATCH] Added note

---
 ee/api/rbac/access_control.py | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/ee/api/rbac/access_control.py b/ee/api/rbac/access_control.py
index 287ee42e9638e..947258bbb74ce 100644
--- a/ee/api/rbac/access_control.py
+++ b/ee/api/rbac/access_control.py
@@ -9,6 +9,7 @@
 from ee.models.rbac.access_control import AccessControl
 from posthog.models.scopes import API_SCOPE_OBJECTS
 from posthog.rbac.user_access_control import (
+    ACCESS_CONTROL_LEVELS_RESOURCE,
     UserAccessControl,
     default_access_level,
     highest_access_level,
@@ -129,7 +130,10 @@ def _get_access_controls(self, request: Request, role_based=False):
         return Response(
             {
                 "access_controls": serializer.data,
-                "available_access_levels": ordered_access_levels(resource),
+                # NOTE: For Role based controls we are always configuring resource level items
+                "available_access_levels": ACCESS_CONTROL_LEVELS_RESOURCE
+                if role_based
+                else ordered_access_levels(resource),
                 "default_access_level": "editor" if role_based else default_access_level(resource),
                 "user_access_level": user_access_level,
                 "user_can_edit_access_levels": self.user_access_control.check_can_modify_access_levels_for_object(obj),