diff --git a/data/dealspace.db-shm b/data/dealspace.db-shm
index cb3a346..dd338da 100644
Binary files a/data/dealspace.db-shm and b/data/dealspace.db-shm differ
diff --git a/data/dealspace.db-wal b/data/dealspace.db-wal
index d997589..b51ced7 100644
Binary files a/data/dealspace.db-wal and b/data/dealspace.db-wal differ
diff --git a/portal/templates/app/request.html b/portal/templates/app/request.html
index c740fdc..617715c 100644
--- a/portal/templates/app/request.html
+++ b/portal/templates/app/request.html
@@ -134,6 +134,26 @@
     let currentData = null;
     let currentAnswers = [];
 
+    async function applyRoleRestrictions() {
+      try {
+        const res = await fetchAPI('/api/auth/me');
+        if (!res.ok) return;
+        const me = await res.json();
+        const role = me.test_role || '';
+        const isReadOnly = role === 'buyer' || role === 'seller' || role === 'advisor';
+        if (isReadOnly) {
+          const ua = document.getElementById('uploadArea');
+          if (ua) ua.style.display = 'none';
+          const mb = document.getElementById('markAnsweredBtn');
+          if (mb) mb.style.display = 'none';
+          const eb = document.getElementById('editReqBtn');
+          if (eb) eb.style.display = 'none';
+          const cc = document.getElementById('commentComposer');
+          if (cc) cc.style.display = 'none';
+        }
+      } catch(e) {}
+    }
+
     async function loadAll() {
       try {
         const res = await fetchAPI('/api/requests/' + reqID);