2 files changed, 27 insertions, 23 deletions

diff --git a/apioforum/forum.py b/apioforum/forum.py
index 9d84a69..f86629d 100644
--- a/apioforum/forum.py
+++ b/apioforum/forum.py
@@ -235,13 +235,11 @@ def edit_user_role(forum, username):
             abort(403)
         existing = db.execute("SELECT * FROM role_assignments WHERE user = ?;",(username,)).fetchone()
         if existing:
-            if role == "":
-                db.execute("DELETE FROM role_assignments WHERE user = ?;",(username,))
-            else:
-                db.execute("UPDATE role_assignments SET role = ? WHERE user = ?;",(role,username))
-            db.commit()
-        elif role != "":
-            db.execute("INSERT INTO role_assignments (user,role) VALUES (?,?);",(username,role))
+            db.execute("DELETE FROM role_assignments WHERE user = ?;",(username,))
+        if role != "":
+            db.execute(
+                "INSERT INTO role_assignments (user,role,forum) VALUES (?,?,?);",
+                (username,role,forum['id']))
             db.commit()
         flash("role assigned assignedly")
         return redirect(url_for('forum.view_forum',forum_id=forum['id']))
@@ -250,6 +248,12 @@ def edit_user_role(forum, username):
         if user == None:
             return render_template("role_assignment.html",
                     forum=forum,user=username,invalid_user=True)
+        r = db.execute(
+                "SELECT role FROM role_assignments WHERE user = ?;",(username,)).fetchone()
+        if not r:
+            assigned_role = ""
+        else:
+            assigned_role = r[0]
         role = get_user_role(forum['id'], username)
         if is_bureaucrat(forum['id'], g.user):
             roles = get_forum_roles(forum['id'])
@@ -258,7 +262,8 @@ def edit_user_role(forum, username):
         else:
             roles = ["approved"]
         return render_template("role_assignment.html",
-                forum=forum,user=username,role=role,forum_roles=roles)
+                forum=forum,user=username,role=role,
+                assigned_role=assigned_role,forum_roles=roles)
 
 @bp.route("/search")
 def search():
diff --git a/apioforum/templates/role_assignment.html b/apioforum/templates/role_assignment.html
index d56c060..b212606 100644
--- a/apioforum/templates/role_assignment.html
+++ b/apioforum/templates/role_assignment.html
@@ -18,36 +18,35 @@
 	<input type="submit" value="view"/>
 </form>
 
+{% set can_change = not invalid_user and user %}
 {% if invalid_user %}
 	<p>requested user does not exist.</p>
-	<p>
-		<a href="{{url_for('forum.view_forum',forum_id=forum.id)}}">cancel</a>
-	</p>
 {% elif user %}
 <hr/>
-<form method="post">
+<form method="post" id="role-form">
 	<p>{{user}}'s role in this forum is "{{role}}"</p>
-	{% if role == "other" or is_bureaucrat(forum.id, g.user) %}
-		<label for="role">assign role: </label>
-		<select name="role" id="role" value="">
+	{% set can_change = role == "other" or is_bureaucrat(forum.id, g.user) %}
+	{% if can_change %}
+		<label for="role">assigned role: </label>
+		<select name="role" id="role" autocomplete="off">
 			<option value="">(no assigned role)</option>
 			{% for role in forum_roles %}
-				<option value="{{role}}">{{role}}</option>
+				<option value="{{role}}" 
+						{% if role == assigned_role %}selected{% endif %}>
+					{{role}}
+				</option>
 			{% endfor %}
 		</select>
 	{% else %}
 		<p>you do not have permission to change the role of this user</p>
 	{% endif %}
-	<p>confirm changes?</p>
-	<p>
-		<input type="submit" value="confirm">
-		<a href="{{url_for('forum.view_forum',forum_id=forum.id)}}">cancel</a>
-	</p>
 </form>
-{% else %}
+{% endif %}
+
+{% if can_change %}<p>confirm changes?</p>{% endif %}
 <p>
+{% if can_change %}<input type="submit" value="confirm" form="role-form">{% endif %}
 	<a href="{{url_for('forum.view_forum',forum_id=forum.id)}}">cancel</a>
 </p>
-{% endif %}
 
 {% endblock %}