diff --git a/bt5/erp5_base/SkinTemplateItem/portal_skins/erp5_base/RoleDefinition_getRoleNameItemList.xml b/bt5/erp5_base/SkinTemplateItem/portal_skins/erp5_base/RoleDefinition_getRoleNameItemList.xml
index ebf1fb18c1df1d8c8a0c36c27e170a50dcb16edb..4e06638b5f646f9cb616ea4723f564a1d5b8833f 100644
--- a/bt5/erp5_base/SkinTemplateItem/portal_skins/erp5_base/RoleDefinition_getRoleNameItemList.xml
+++ b/bt5/erp5_base/SkinTemplateItem/portal_skins/erp5_base/RoleDefinition_getRoleNameItemList.xml
@@ -54,13 +54,10 @@
         <item>
             <key> <string>_body</string> </key>
             <value> <string>from Products.ERP5Type.Message import translateString\n
-item_list = [(\'\', \'\')]\n
 \n
-for role in context.valid_roles():\n
-  if role not in (\'Owner\', \'Manager\', \'Assignor\',):\n
-    item_list.append((translateString(role), role))\n
-\n
-return item_list\n
+return [(translateString(role), role)\n
+        for role in context.valid_roles()\n
+        if role not in (\'Owner\', \'Manager\')]\n
 </string> </value>
         </item>
         <item>
@@ -99,7 +96,8 @@ return item_list\n
                           <tuple>
                             <string>Products.ERP5Type.Message</string>
                             <string>translateString</string>
-                            <string>item_list</string>
+                            <string>append</string>
+                            <string>$append0</string>
                             <string>_getiter_</string>
                             <string>_getattr_</string>
                             <string>context</string>
diff --git a/bt5/erp5_base/SkinTemplateItem/portal_skins/erp5_base/RoleDefinition_viewFieldLibrary/my_role_name.xml b/bt5/erp5_base/SkinTemplateItem/portal_skins/erp5_base/RoleDefinition_viewFieldLibrary/my_role_name.xml
index 1140c558b57b26e2322d0e509ccd5444597261a0..64a54ec9ea0c8048018e6307270e8ff83a689edc 100644
--- a/bt5/erp5_base/SkinTemplateItem/portal_skins/erp5_base/RoleDefinition_viewFieldLibrary/my_role_name.xml
+++ b/bt5/erp5_base/SkinTemplateItem/portal_skins/erp5_base/RoleDefinition_viewFieldLibrary/my_role_name.xml
@@ -13,9 +13,9 @@
             <key> <string>delegated_list</string> </key>
             <value>
               <list>
-                <string>title</string>
                 <string>description</string>
                 <string>items</string>
+                <string>title</string>
               </list>
             </value>
         </item>
@@ -133,7 +133,7 @@
       <dictionary>
         <item>
             <key> <string>_text</string> </key>
-            <value> <string>here/RoleDefinition_getRoleNameItemList</string> </value>
+            <value> <string>python: [(\'\',\'\')] + here.RoleDefinition_getRoleNameItemList()</string> </value>
         </item>
       </dictionary>
     </pickle>
diff --git a/bt5/erp5_base/bt/revision b/bt5/erp5_base/bt/revision
index 748e6f1af544d497e99e1f5c583027349aa4a4c3..a869e998c0e3bac924179254460c4911d81e84a6 100644
--- a/bt5/erp5_base/bt/revision
+++ b/bt5/erp5_base/bt/revision
@@ -1 +1 @@
-637
\ No newline at end of file
+638
\ No newline at end of file
diff --git a/product/ERP5/Document/RoleDefinition.py b/product/ERP5/Document/RoleDefinition.py
index 1b161505ff4c987e56738b170f39d3a1cb58a7eb..72122f62c129bdbf42a16ccd9360efcc8d97a616 100644
--- a/product/ERP5/Document/RoleDefinition.py
+++ b/product/ERP5/Document/RoleDefinition.py
@@ -25,7 +25,7 @@
 #
 ##############################################################################
 
-from AccessControl import ClassSecurityInfo
+from AccessControl import ClassSecurityInfo, Unauthorized
 from Products.CMFCore.utils import getToolByName
 from Products.ERP5Type import Permissions, PropertySheet, Constraint, interfaces
 from Products.ERP5Type.XMLObject import XMLObject
@@ -49,3 +49,9 @@ class RoleDefinition(XMLObject):
                       , PropertySheet.DublinCore
                       , PropertySheet.RoleDefinition
                       )
+
+    def _setRoleName(self, value):
+      if value and value not in \
+         zip(*self.RoleDefinition_getRoleNameItemList())[1]:
+        raise Unauthorized("You are not allowed to give %s role" % value)
+      self._baseSetRoleName(value)
diff --git a/product/ERP5/tests/testERP5Web.py b/product/ERP5/tests/testERP5Web.py
index 6b4bd952b0a20d6217577cbddbbcb70de4ceb468..571e3465736349fd3c83da7ec17204d082b4ef57 100644
--- a/product/ERP5/tests/testERP5Web.py
+++ b/product/ERP5/tests/testERP5Web.py
@@ -1043,6 +1043,8 @@ class TestERP5WebWithSimpleSecurity(ERP5TypeTestCase):
                           site.get_local_roles_for_userid(person_reference))
     self.assertSameSet(('Associate',),
                           section.get_local_roles_for_userid(person_reference))
+    self.assertRaises(Unauthorized, site_role_definition.edit,
+                      role_name='Manager')
 
     # delete Role Definition and check again (local roles must be gone too)
     site.manage_delObjects(site_role_definition.getId())