GitLab

All top level documents are not supposed to acquire local roles https://www.erp5.com/erp5-Guideline.Unset.Acquire.Local.Roles.On.Document.Portal.Type.Configuration.If.Applicable

I believe this comes from the time where we were using images as sub-documents of products or persons. We now use embedded files for these cases, so no need to have an exception here.

Depending on the security configuration, there might be a notable side effect of applying this change: images that were visible by some users because they acquired Auditor role from the module will not longer be visible by these users, but they will still be indexed as visible, so they will appear in catalog searches. In such case, after re-indexing image module the catalog will be consistent again.