{#if $licenseStore.loading}
{:else if !$licenseStore.isEnterprise}

Enterprise feature

Role-based access control (RBAC) is available with an enterprise license. Define custom roles with granular permissions and assign them to users.

{:else}
Roles

Define roles with granular permissions and assign them to users for access control.

{#if $canAccess('settings', 'edit')} {/if}
{#if rolesLoading}
{:else if roles.length === 0}

No roles configured

Create a role to define custom permissions

{:else}
{#each roles as role} {@const pills = getRolePermissionPills(role.permissions)}
{role.name} {#if role.isSystem} System {/if}
{#if role.description}

{role.description}

{/if} {#if pills.system.length > 0}
System: {#each pills.system as { category, perms }} {@const CategoryIcon = categoryIcons[category]} {#if CategoryIcon} {/if} {category} {#each perms as perm} {@const PermIcon = permissionIcons[perm]} {#if PermIcon} {/if} {/each} {/each}
{/if} {#if pills.env.length > 0}
Env {#if role.environmentIds === null || role.environmentIds === undefined} All {:else if role.environmentIds.length > 0} {@const envs = role.environmentIds .map(id => environments.find(e => e.id === id)) .filter(Boolean)} {#each envs as env} {@const EnvIcon = getIconComponent(env.icon || 'globe')} {env.name} {/each} {/if} : {#each pills.env as { category, perms }} {@const CategoryIcon = categoryIcons[category]} {#if CategoryIcon} {/if} {category} {#each perms as perm} {@const PermIcon = permissionIcons[perm]} {#if PermIcon} {/if} {/each} {/each}
{/if}
{#if $canAccess('settings', 'edit')}
{#if role.isSystem} {:else} deleteRole(role.id)} onOpenChange={(open) => (confirmDeleteRoleId = open ? role.id : null)} > {#snippet children({ open })} {/snippet} {/if}
{/if}
{/each}
{/if}
{/if}