diff --git a/app/views/admin/roles/_form.html.haml b/app/views/admin/roles/_form.html.haml
index 68607ce682..99a211eeae 100644
--- a/app/views/admin/roles/_form.html.haml
+++ b/app/views/admin/roles/_form.html.haml
@@ -9,7 +9,7 @@
= f.input :name, wrapper: :with_label
.fields-group
- = f.input :position, wrapper: :with_label
+ = f.input :position, wrapper: :with_label, input_html: { max: current_user.role.position - 1 }
.fields-group
= f.input :color, wrapper: :with_label, input_html: { placeholder: '#000000' }
@@ -29,7 +29,7 @@
- (@role.everyone? ? UserRole::Flags::CATEGORIES.slice(:invites) : UserRole::Flags::CATEGORIES).each do |category, permissions|
%h4= t(category, scope: 'admin.roles.categories')
- = f.input :permissions_as_keys, collection: permissions, wrapper: :with_block_label, include_blank: false, label_method: lambda { |privilege| safe_join([t("admin.roles.privileges.#{privilege}"), content_tag(:span, t("admin.roles.privileges.#{privilege}_description"), class: 'hint')]) }, required: false, as: :check_boxes, collection_wrapper_tag: 'ul', item_wrapper_tag: 'li', label: false, hint: false
+ = f.input :permissions_as_keys, collection: permissions, wrapper: :with_block_label, include_blank: false, label_method: lambda { |privilege| safe_join([t("admin.roles.privileges.#{privilege}"), content_tag(:span, t("admin.roles.privileges.#{privilege}_description"), class: 'hint')]) }, required: false, as: :check_boxes, collection_wrapper_tag: 'ul', item_wrapper_tag: 'li', label: false, hint: false, disabled: permissions.filter { |privilege| UserRole::FLAGS[privilege] & current_user.role.computed_permissions == 0 }
%hr.spacer/
diff --git a/app/views/admin/roles/_role.html.haml b/app/views/admin/roles/_role.html.haml
index 1ca5ca3920..798d8d8b4f 100644
--- a/app/views/admin/roles/_role.html.haml
+++ b/app/views/admin/roles/_role.html.haml
@@ -1,12 +1,22 @@
.announcements-list__item
- = link_to edit_admin_role_path(role), class: 'announcements-list__item__title' do
- %span.user-role{ class: "user-role-#{role.id}" }
- = fa_icon 'users fw'
+ - if can?(:update, role)
+ = link_to edit_admin_role_path(role), class: 'announcements-list__item__title' do
+ %span.user-role{ class: "user-role-#{role.id}" }
+ = fa_icon 'users fw'
- - if role.everyone?
- = t('admin.roles.everyone')
- - else
- = role.name
+ - if role.everyone?
+ = t('admin.roles.everyone')
+ - else
+ = role.name
+ - else
+ %span.announcements-list__item__title
+ %span.user-role{ class: "user-role-#{role.id}" }
+ = fa_icon 'users fw'
+
+ - if role.everyone?
+ = t('admin.roles.everyone')
+ - else
+ = role.name
.announcements-list__item__action-bar
.announcements-list__item__meta
@@ -16,3 +26,5 @@
= link_to t('admin.roles.assigned_users', count: role.users.count), admin_accounts_path(role_ids: role.id)
•
%abbr{ title: role.permissions_as_keys.map { |privilege| I18n.t("admin.roles.privileges.#{privilege}") }.join(', ') }= t('admin.roles.permissions_count', count: role.permissions_as_keys.size)
+ %div
+ = table_link_to 'pencil', t('admin.accounts.edit'), edit_admin_role_path(role) if can?(:update, role)
diff --git a/config/locales/simple_form.en.yml b/config/locales/simple_form.en.yml
index 932f34d82a..f7da3a23d2 100644
--- a/config/locales/simple_form.en.yml
+++ b/config/locales/simple_form.en.yml
@@ -102,7 +102,7 @@ en:
highlighted: This makes the role publicly visible
name: Public name of the role, if role is set to be displayed as a badge
permissions_as_keys: Users with this role will have access to...
- position: Higher role decides conflict resolution in certain situations
+ position: Higher role decides conflict resolution in certain situations. Certain actions can only be performed on roles with alower priority
webhook:
events: Select events to send
url: Where events will be sent to