From 5fbed888cfa121dd397ebce0ae6d75810a5f11cd Mon Sep 17 00:00:00 2001
From: twwu <twwu@dify.ai>
Date: Tue, 19 May 2026 18:14:27 +0800
Subject: [PATCH] refactor: refine role assignment logic and enhance dataset
 access permissions

---
 .../header/account-setting/members-page/member-menu.tsx         | 2 +-
 web/app/components/header/index.tsx                             | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/web/app/components/header/account-setting/members-page/member-menu.tsx b/web/app/components/header/account-setting/members-page/member-menu.tsx
index db516afb1d..21c0585ece 100644
--- a/web/app/components/header/account-setting/members-page/member-menu.tsx
+++ b/web/app/components/header/account-setting/members-page/member-menu.tsx
@@ -36,7 +36,7 @@ const MemberMenu = ({
   const [assignModalOpen, setAssignModalOpen] = useState(false)
 
   const isOwner = member.role === 'owner'
-  const canAssignRoles = !isOwner
+  const canAssignRoles = !isOwner && !isCurrentUser
   const canRemove = !isOwner && !isCurrentUser
   const showTransferOwnership = isOwner && canTransferOwnership
 
diff --git a/web/app/components/header/index.tsx b/web/app/components/header/index.tsx
index 55c3a50fe1..0ee41ca720 100644
--- a/web/app/components/header/index.tsx
+++ b/web/app/components/header/index.tsx
@@ -47,7 +47,7 @@ const Header = () => {
 
   const canAccessExplorePage = hasPermission(workspacePermissionKeys, 'page.explore.access')
   const canAccessAppsPage = hasPermission(workspacePermissionKeys, 'app_library.access')
-  const canAccessDatasetsPage = hasPermission(workspacePermissionKeys, 'dataset.access_config')
+  const canAccessDatasetsPage = hasPermission(workspacePermissionKeys, ['dataset.create', 'dataset.tag.manage', 'dataset.external.connect'])
   const canAccessToolsPage = hasPermission(workspacePermissionKeys, 'page.tool.access')
 
   const renderLogo = () => (