Add support for editing labelling of one's own role (#18812)

Still disallow edition of rank or permissions
author: Claire <claire.github-309c@sitedethib.com> 2022-07-17 13:37:30 +0200
committer: GitHub <noreply@github.com> 2022-07-17 13:37:30 +0200
commit: ecb3bb3256fe1bab0d7a63829cdce914b2b509a9 (patch)
tree: 82b77c13756a9441a488f9e91127b1623debb514 /app/models
parent: 05e39dc6199c609d200d546fed8a6a560659aa06 (diff)
1 files changed, 7 insertions, 0 deletions
diff --git a/app/models/user_role.rb b/app/models/user_role.rb
index 833b96d71..57a56c0b0 100644
--- a/app/models/user_role.rb
+++ b/app/models/user_role.rb
@@ -90,6 +90,7 @@ class UserRole < ApplicationRecord
   validate :validate_permissions_elevation
   validate :validate_position_elevation
   validate :validate_dangerous_permissions
+  validate :validate_own_role_edition
 
   before_validation :set_position
 
@@ -165,6 +166,12 @@ class UserRole < ApplicationRecord
     self.position = -1 if everyone?
   end
 
+  def validate_own_role_edition
+    return unless defined?(@current_account) && @current_account.user_role.id == id
+    errors.add(:permissions_as_keys, :own_role) if permissions_changed?
+    errors.add(:position, :own_role) if position_changed?
+  end
+
   def validate_permissions_elevation
     errors.add(:permissions_as_keys, :elevated) if defined?(@current_account) && @current_account.user_role.computed_permissions & permissions != permissions
   end
author	Claire <claire.github-309c@sitedethib.com>	2022-07-17 13:37:30 +0200
committer	GitHub <noreply@github.com>	2022-07-17 13:37:30 +0200
commit	ecb3bb3256fe1bab0d7a63829cdce914b2b509a9 (patch)
tree	82b77c13756a9441a488f9e91127b1623debb514 /app/models
parent	05e39dc6199c609d200d546fed8a6a560659aa06 (diff)