CA IDM - Modification on User role/permission queries