From e2caf5d8195024480720d7e193c6231228e91814 Mon Sep 17 00:00:00 2001
From: Steven Masley <stevenmasley@coder.com>
Date: Thu, 12 Oct 2023 09:01:21 -0500
Subject: [PATCH 1/3] chore: add display name to member role

---
 coderd/rbac/roles.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/coderd/rbac/roles.go b/coderd/rbac/roles.go
index a54d8db381c0f..b94c90059a2c3 100644
--- a/coderd/rbac/roles.go
+++ b/coderd/rbac/roles.go
@@ -143,7 +143,7 @@ func ReloadBuiltinRoles(opts *RoleOptions) {
 
 	memberRole := Role{
 		Name:        member,
-		DisplayName: "",
+		DisplayName: "Member",
 		Site: Permissions(map[string][]Action{
 			ResourceRoleAssignment.Type: {ActionRead},
 			// All users can see the provisioner daemons.

From bd5373409fde4ff7a97f8403ac93a88b7565a033 Mon Sep 17 00:00:00 2001
From: Steven Masley <stevenmasley@coder.com>
Date: Thu, 12 Oct 2023 09:09:00 -0500
Subject: [PATCH 2/3] Do not let member role be assignable

---
 coderd/roles.go | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/coderd/roles.go b/coderd/roles.go
index bbee06d6927dd..b9c8057c4d8bd 100644
--- a/coderd/roles.go
+++ b/coderd/roles.go
@@ -58,7 +58,8 @@ func (api *API) assignableOrgRoles(rw http.ResponseWriter, r *http.Request) {
 func assignableRoles(actorRoles rbac.ExpandableRoles, roles []rbac.Role) []codersdk.AssignableRoles {
 	assignable := make([]codersdk.AssignableRoles, 0)
 	for _, role := range roles {
-		if role.DisplayName == "" {
+		// The member role is implied, and not assignable.
+		if role.Name == rbac.RoleMember() {
 			continue
 		}
 		assignable = append(assignable, codersdk.AssignableRoles{

From 6a547edac036ecf7b46fe5c9719805e7a774d595 Mon Sep 17 00:00:00 2001
From: Steven Masley <stevenmasley@coder.com>
Date: Thu, 12 Oct 2023 09:36:52 -0500
Subject: [PATCH 3/3] Ignore org member role for assignability atm

---
 coderd/roles.go | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/coderd/roles.go b/coderd/roles.go
index b9c8057c4d8bd..d985d7dca173d 100644
--- a/coderd/roles.go
+++ b/coderd/roles.go
@@ -59,7 +59,9 @@ func assignableRoles(actorRoles rbac.ExpandableRoles, roles []rbac.Role) []coder
 	assignable := make([]codersdk.AssignableRoles, 0)
 	for _, role := range roles {
 		// The member role is implied, and not assignable.
-		if role.Name == rbac.RoleMember() {
+		// If there is no display name, then the role is also unassigned.
+		// This is not the ideal logic, but works for now.
+		if role.Name == rbac.RoleMember() || (role.DisplayName == "") {
 			continue
 		}
 		assignable = append(assignable, codersdk.AssignableRoles{