From 70ec80a1d55c688d709e036edf6ddfc088f4f502 Mon Sep 17 00:00:00 2001
From: San Wai Lwin <sanwailwin@code2lab.com>
Date: Wed, 18 Apr 2018 16:57:02 +0630
Subject: [PATCH] Manager level can not edit Administrator's password and id

---
 app/views/origami/payments/show.html.erb    | 22 +++++++++++----------
 app/views/settings/employees/_form.html.erb |  6 +++++-
 2 files changed, 17 insertions(+), 11 deletions(-)

diff --git a/app/views/origami/payments/show.html.erb b/app/views/origami/payments/show.html.erb
index 00852f95..2cf6fea5 100755
--- a/app/views/origami/payments/show.html.erb
+++ b/app/views/origami/payments/show.html.erb
@@ -435,16 +435,18 @@
       </div>
       <div class="modal-footer ">
         <div class="row m-b-10 m-r-30">
-          
-          <div class="col-md-5 m-r-20">
-            <% if ENV["SERVER_MODE"] != "cloud" %>
-              <button type="button" class="btn btn-link bg-red waves-effect print_receipt">Print</button>
-            <% end %>  
-          </div>
-          
-          <div class="col-md-5 m-r-20">
-            <button type="button" class="btn btn-link bg-blue waves-effect btn_pdf_close" data-dismiss="modal">CLOSE</button>
-          </div>
+          <% if ENV["SERVER_MODE"] != "cloud" %>
+            <div class="col-md-5 m-r-15">
+                <button type="button" class="btn btn-link bg-red waves-effect print_receipt">Print</button>
+            </div>
+            <div class="col-md-5 m-r-13">
+              <button type="button" class="btn btn-link bg-blue waves-effect btn_pdf_close" data-dismiss="modal">CLOSE</button>
+            </div>
+          <% else %>
+            <div class="col-md-9 m-r-15">
+              <button type="button" class="btn btn-link bg-blue waves-effect btn_pdf_close" data-dismiss="modal">CLOSE</button>
+            </div>
+          <% end %>  
         </div>
         
       </div>
diff --git a/app/views/settings/employees/_form.html.erb b/app/views/settings/employees/_form.html.erb
index 0b973416..ad50e9b8 100755
--- a/app/views/settings/employees/_form.html.erb
+++ b/app/views/settings/employees/_form.html.erb
@@ -7,7 +7,11 @@
 
         <div class="form-inputs p-l-15">
           <%= f.input :name %>
-          <%= f.input :role, :collection => Lookup.collection_of("employee_roles"),:class=>'form-group' %>
+          <% if current_user.role == "administrator" %>
+            <%= f.input :role, :collection => Lookup.collection_of("employee_roles"),:class=>'form-group' %>
+          <% else %>
+            <%= f.input :role, :collection => Lookup.collection_of("employee_roles").select{|r| r[1] != "administrator"},:class=>'form-group' %>
+          <% end %>
           <%= f.input :emp_id,  :label => "Employee Numberic ID (*Unique)" %>
           <%= f.input :password %>