[delete_dataset] option after being removed, i can still delete datasets

[Aasia Fayyaz]

Greetings!

I recently installed ckan version 2.8.7 on ubuntu 18.04 as package. 

In my /usr/lib/ckan/default/src/ckan/ckan/authz.py file,

# these are the permissions that roles have

ROLE_PERMISSIONS = OrderedDict([

    ('admin', ['admin']),

    ('editor', ['read', 'delete_dataset', 'create_dataset', 'update_dataset', 'manage_group']),

    ('member', ['read', 'manage_group']),

])

when I tried to remove the 'delete_dataset'  option from the editor role, I was still able to delete the dataset. Can someone please explain this behavior?

Moreover, when I tried to remove the 'manage_group'  option , it gave me this error.

403 Forbidden 

Access was denied to this resource. 

Unauthorized to read package 

Can't we alter the permissions in ckan?