Add permission set for managing User Roles

This permission set enables the user to manage roles and read users.

core/lib/spree/permission_sets.rb

@@ -13,6 +13,7 @@
 require 'spree/permission_sets/promotion_management'
 require 'spree/permission_sets/restricted_stock_display'
 require 'spree/permission_sets/restricted_stock_management'
+require 'spree/permission_sets/role_management'
 require 'spree/permission_sets/stock_display'
 require 'spree/permission_sets/stock_management'
 require 'spree/permission_sets/super_user'

core/lib/spree/permission_sets/role_management.rb

@@ -0,0 +1,15 @@
+# frozen_string_literal: true
+
+module Spree
+ module PermissionSets
+ # Permissions for viewing and editing the user roles.
+ #
+ # This permission set allows full control over roles, but only allows reading users.
+ class RoleManagement < PermissionSets::Base
+ def activate!
+ can [:read, :admin, :edit, :addresses, :orders, :items], Spree.user_class
+ can :manage, Spree::Role
+ end
+ end
+ end
+end

core/lib/spree/permission_sets/user_display.rb

@@ -10,7 +10,7 @@ class UserDisplay < PermissionSets::Base
  def activate!
  can [:read, :admin, :edit, :addresses, :orders, :items], Spree.user_class
  can [:read, :admin], Spree::StoreCredit
- can :read, Spree::Role
+ can [:read, :admin], Spree::Role
  end
  end
  end