When looking at the permissions for a role, if you are allowed to approve an end entity
then you are also allowed to view approvals, reasonable.
When creating peer connectors there is a setting "Approval management", setting the above to true or false, but it is not setting
/ra_functionality/view_approvals which is a subset of approve_end_entity.
This leads to the following situation:
An admin with approval permissions can view the Manage Requests page on both the CA and the RA.
An admin with only view permission (view permission is default for the RA role) can view the Manage Requests page on the CA's RA web but not on the RA's because the peer connector's has view_approvals set to false. So when the admin has requested a certificate he can not view the status of waiting and approved certificates for which the admin has requested.
If the peer connector is set to allow Approval management so that approvals can be handled from the RA, should not the setting
be set to true as well then so that those with view permissions can view the approvals as well?