@@ -135,7 +135,7 @@ export const markAndFilterRoles = (user, allRoles, locale, multiple, separator,
135135 role . value = role . id ;
136136 deriveApplicationAttributes ( role , locale , multiple , separator ) ;
137137 } ) ;
138- if ( ! isUserAllowed ( AUTHORITIES . INSTITUTION_ADMIN , user ) ) {
138+ if ( ! user . superUser ) {
139139 const userRoles = user . userRoles ;
140140 userRoles . forEach ( userRole => {
141141 userRole . isUserRole = true ;
@@ -171,7 +171,13 @@ export const allowedAuthoritiesForInvitation = (user, selectedRoles) => {
171171 return Object . keys ( AUTHORITIES ) ;
172172
173173 }
174- if ( user . institutionAdmin && ! isEmpty ( user . applications ) ) {
174+ //Return only the AUTHORITIES where the user has the correct authority per selectedRole
175+ const userRolesForSelectedRoles = selectedRoles
176+ . map ( role => role . isUserRole ? role . role : role )
177+ . map ( role => user . userRoles . find ( userRole => userRole . role . id === role . id ) )
178+ . filter ( userRole => ! isEmpty ( userRole ) ) ;
179+ //If the user is an institutionAdmin but is also a regular inviter or manager of this role, then filter the authorities
180+ if ( user . institutionAdmin && ! isEmpty ( user . applications ) && userRolesForSelectedRoles . length === 0 ) {
175181 return Object . keys ( AUTHORITIES )
176182 . filter ( authority => authority !== AUTHORITIES . SUPER_USER ) ;
177183 }
@@ -183,11 +189,6 @@ export const allowedAuthoritiesForInvitation = (user, selectedRoles) => {
183189 return Object . keys ( AUTHORITIES )
184190 . filter ( auth => AUTHORITIES_HIERARCHY [ auth ] > AUTHORITIES_HIERARCHY [ authority ] ) ;
185191 }
186- //Return only the AUTHORITIES where the user has the correct authority per selectedRole
187- const userRolesForSelectedRoles = selectedRoles
188- . map ( role => role . isUserRole ? role . role : role )
189- . map ( role => user . userRoles . find ( userRole => userRole . role . id === role . id ) )
190- . filter ( userRole => ! isEmpty ( userRole ) ) ;
191192 const leastImportantAuthority = userRolesForSelectedRoles
192193 . reduce ( ( acc , userRole ) => {
193194 if ( AUTHORITIES_HIERARCHY [ userRole . authority ] < AUTHORITIES_HIERARCHY [ acc ] ) {
0 commit comments