Fix for #1710 - don't allow setting setting info from within apps and making the user portal a bit more clear about builders being global admins.

packages/builder/src/components/backend/DataTable/modals/CreateEditUser.svelte

@@ -104,6 +104,7 @@
     options={$roles}
     getOptionLabel={role => role.name}
     getOptionValue={role => role._id}
+    disabled={!creating}
   />
   {#each customSchemaKeys as [key, meta]}
     {#if !meta.autocolumn}

packages/builder/src/pages/builder/portal/manage/users/[userId].svelte

@@ -33,12 +33,17 @@
     role: {},
   }
 
+  $: defaultRoleId = $userFetch?.data?.builder?.global ? "ADMIN" : ""
+  $: console.log(defaultRoleId)
   // Merge the Apps list and the roles response to get something that makes sense for the table
-  $: appList = Object.keys($apps?.data).map(id => ({
-    ...$apps?.data?.[id],
-    _id: id,
-    role: [$userFetch?.data?.roles?.[id]],
-  }))
+  $: appList = Object.keys($apps?.data).map(id => {
+    const role = $userFetch?.data?.roles?.[id] || defaultRoleId
+    return {
+      ...$apps?.data?.[id],
+      _id: id,
+      role: [role],
+    }
+  })
   let selectedApp
 
   const userFetch = fetchData(`/api/admin/users/${userId}`)

packages/server/src/utilities/global.js

@@ -12,14 +12,14 @@ exports.updateAppRole = (appId, user) => {
   if (!user.roles) {
     return user
   }
-  if (user.builder && user.builder.global) {
+
+  // always use the deployed app
+  user.roleId = user.roles[getDeployedAppID(appId)]
+  // if a role wasn't found then either set as admin (builder) or public (everyone else)
+  if (!user.roleId && user.builder && user.builder.global) {
     user.roleId = BUILTIN_ROLE_IDS.ADMIN
-  } else {
-    // always use the deployed app
-    user.roleId = user.roles[getDeployedAppID(appId)]
-    if (!user.roleId) {
-      user.roleId = BUILTIN_ROLE_IDS.PUBLIC
-    }
+  } else if (!user.roleId) {
+    user.roleId = BUILTIN_ROLE_IDS.PUBLIC
   }
   delete user.roles
   return user