User with custom role is unexpectedly logged out from NSX UI

Article ID: 323543

Updated On:

Products

VMware NSX

Issue/Introduction

  • NSX Data Center
  • A user (local/LDAP/VIDM) is set up with a custom role.
  • The custom role has full access (crud) permission on "Networking - Connectivity - Tier-1 Gateways".
  • The other permissions are read-only (read).
  • When this user attempts to delete the Tier-1, they get logged out with:
 



Environment

  • VMware NSX-T Data Center
  • VMware NSX 4.0.x and 4.1.x

Cause

This is a known issue, impacting NSX 4.0.x and 4.1.x.
When a Tier-1 gateway is created, its security configuration is also created, and the user needs an additional permission to delete it.

Resolution

This issue is resolved in VMware NSX 4.2.0, available at Broadcom downloads.

If you are having difficulty finding and downloading software, please review the Download Broadcom products and software KB.


Workaround:
The permission required to modify the security configuration is full access (crud) on policy_edge_security_settings. This permission needs to be added to the custom role to allow deletion of the Tier-1 gateway.
This is configurable in the "User Management" section, under "Set Permissions": Security -> Settings -> Gateway Security Settings -> Full Access.

Additional Information

Impact/Risks:
The user may be unable to delete a Tier-1 gateway.
When deletion is attempted, the user is logged out of the NSX UI.