When you add a security constraint to a fragment, only view permission is checked (not edit).
It makes it difficult to customize the layout of one page. For example,
I want one portlet to have view permission while another on the same
page has view and edit and the page itself if not editable.