Description
Summary
The wrong role eg. B instead of A is displayed in the manager when setting an access of a document group or context on a user group (access_resource_groups). The last role of that same level is displayed. Luckily enough the correct role ID (principal) is set into the database. So it doesn't affect the website.
I haven't tested on element etc. but I have a strong feeling they will have the same issue.
Step to reproduce
Create a role A with level 9998 for example and then role B with level 9998 (equal roles, but exclusive for each other). So A can't access pages of B and vice versa. Both can access Member pages (role 9999).
Observed behavior
Role B is always displayed
Expected behavior
Role A should be displayed for user_group associated with A, Role B should be displayed for user_group associated with B.
I'm not sure if this also was the case in v2.5.7 (I had it set up in that version too, but I haven't paid attention to it). In between I upgraded to v2.5.8 and I noticed that accessing role A was not a problem, but role B was indeed a problem. Afterwards I cleared all access contexts, access document groups etc. But I noticed that from the moment you have two roles on the same level, you have this issue. After my clean up, for me it was written correctly in the database. So I believe it's only a manager issue (display).
Environment
MODX v2.5.8.