Custom role permissions

Foreman 3.12
Puppet 7.33
RHEL8

Trying to create a custom operator role that currently has these filters set:

but when a user with that role tries to modify a parameter they are allowed to change, they get this on submit:

We’ve added the view_operating systems filter but no change. What right is missing that makes the operating system be blank ? For an admin user, the operatingsystem is filled in.

These systems are all Puppet managed hosts.

Additional info that might be relevant - we mark new systems as “managed” by Foreman after they check in via Puppet so the Puppet certificates can be removed properly when the system is removed from Foreman.

If there is a better forum for help with this or somewhere to pay for assistance with these roles please let me know.