about summary refs log tree commit diff
path: root/app/models/user_role.rb
diff options
context:
space:
mode:
Diffstat (limited to 'app/models/user_role.rb')
-rw-r--r--app/models/user_role.rb7
1 files changed, 7 insertions, 0 deletions
diff --git a/app/models/user_role.rb b/app/models/user_role.rb
index 833b96d71..57a56c0b0 100644
--- a/app/models/user_role.rb
+++ b/app/models/user_role.rb
@@ -90,6 +90,7 @@ class UserRole < ApplicationRecord
   validate :validate_permissions_elevation
   validate :validate_position_elevation
   validate :validate_dangerous_permissions
+  validate :validate_own_role_edition
 
   before_validation :set_position
 
@@ -165,6 +166,12 @@ class UserRole < ApplicationRecord
     self.position = -1 if everyone?
   end
 
+  def validate_own_role_edition
+    return unless defined?(@current_account) && @current_account.user_role.id == id
+    errors.add(:permissions_as_keys, :own_role) if permissions_changed?
+    errors.add(:position, :own_role) if position_changed?
+  end
+
   def validate_permissions_elevation
     errors.add(:permissions_as_keys, :elevated) if defined?(@current_account) && @current_account.user_role.computed_permissions & permissions != permissions
   end
generated by cgit-pink (git 2.37.1) at 2024-07-14 22:32:18 +0000