added check to role that sets access by default. added unit tests for section

removed 'self.save' from the Role access_level getter and setter. Shouldn't force a save there (especially in a getter). Verified that controller calls update/save after changing the value

added validations to role and unit tests