When using the pamac GUI in GNOME with its policy kit, the admin password is required to open the preferences menu, which is acceptable. However, after leaving the window open for some time (until the policy kit permission expires), the password is queried again when simply trying to close the preferences window (or the pamac GUI as an application in general). I guess this happens because the settings are only saved when closing the window? Maybe this should just discard the changes when the authentication fails. Additionally, the policy kit authentication actually occurs twice when trying to cancel and leads to 2 “Authentication failed” windows to open on top of the preferences window.
Although I understand that it is discouraged to leave such a window open while admin permissions are granted, it might lead to a situation where another (physical) user for the same computer might try to close all running programs but isn’t able to do so because they cannot close this window without the admin password.