fix role & role pernissions for user

apps/authorization/api/v1/serializers.py

@@ -139,17 +139,17 @@ class UserRelationSerializer(serializers.ModelSerializer):
                 # set permissions by a default structure like:
                 # 'page permission':[element permissions]
                 permissions = instance.permissions.filter(is_active=True)
-                representation['permissions'] = PermissionSerializer().permissions_structure_output(permissions)
+                representation['permissions'] = (
+                    PermissionSerializer().permissions_structure_output(permissions) +
+                    PermissionSerializer().permissions_structure_output(instance.role.permissions.all())
+                )
+
         return representation
 
     def update(self, instance, validated_data):
         """ update user relation object """
 
-        # if role of user changed, clear all permissions and set new role permissions for user
-        if not instance.role == validated_data.get('role', instance.role):
-            instance.role = validated_data.get('role', instance.role)
-            instance.permissions.clear()
-            instance.permissions.add(*instance.role.permissions.all())
+        instance.role = validated_data.get('role', instance.role)
 
         instance.organization = validated_data.get('organization', instance.organization)
         instance.save()