app/views/admin/users/_access_control.html.erb
<% if policy(f.object).policies? %>
<h2>
Access control
</h2>
<p>
<% if f.object.kind_of?(User) && f.object != current_user %>
<%= f.check_box :activated %>
<label for="user_activated">
The user account is activated
</label>
<br />
<% end %>
<% Role.roles.each do |role| %>
<%= check_box_tag("#{model_name_from_record_or_class(f.object).param_key}[role_names][]",
role.name,
f.object.role?(role.name.to_sym),
id: "role-#{role.name}",
class: "role") %>
<label for="role-<%= role.name %>">
<%= role.description %>
</label>
<br>
<% end %>
</p>
<% end %>