added placeholder to role selection, and handled validation error when user not selected

src/registrar/admin.py

@@ -229,7 +229,7 @@ class PortfolioPermissionsForm(forms.ModelForm):
 
     # Dropdown for selecting the user role (e.g., Admin or Basic)
     role = forms.ChoiceField(
-        choices=UserPortfolioRoleChoices.choices,
+        choices=[("", "---------")] + UserPortfolioRoleChoices.choices,
         required=True,
         widget=forms.Select(attrs={"class": "admin-dropdown"}),
         label="Member access",

src/registrar/assets/src/js/getgov-admin/portfolio-permissions-form.js

@@ -15,26 +15,26 @@ function handlePortfolioPermissionFields(){
      * Updates the visibility of portfolio permissions fields based on the selected role.
      * 
      * This function checks the value of the role dropdown (`roleDropdown`):
-     * - If the selected role is "organization_admin":
-     *     - Hides the domain permissions field (`domainPermissionsField`).
-     *     - Hides the domain request permissions field (`domainRequestPermissionsField`).
-     *     - Hides the member permissions field (`memberPermissionsField`).
+     * - If the selected role is "organization_member":
+     *     - Shows the domain permissions field (`domainPermissionsField`).
+     *     - Shows the domain request permissions field (`domainRequestPermissionsField`).
+     *     - Shows the member permissions field (`memberPermissionsField`).
      * - Otherwise:
-     *     - Shows all the above fields.
+     *     - Hides all the above fields.
      * 
      * The function ensures that the appropriate fields are dynamically displayed
      * or hidden depending on the role selection in the form.
      */
     function updatePortfolioPermissionsFormVisibility() {
         if (roleDropdown && domainPermissionsField && domainRequestPermissionsField && memberPermissionsField) {
-            if (roleDropdown.value === "organization_admin") {
-                hideElement(domainPermissionsField);
-                hideElement(domainRequestPermissionsField);
-                hideElement(memberPermissionsField);
-            } else {
+            if (roleDropdown.value === "organization_member") {
                 showElement(domainPermissionsField);
                 showElement(domainRequestPermissionsField);
                 showElement(memberPermissionsField);
+            } else {
+                hideElement(domainPermissionsField);
+                hideElement(domainRequestPermissionsField);
+                hideElement(memberPermissionsField);
             }
         }
     }

src/registrar/models/user_portfolio_permission.py

@@ -275,7 +275,12 @@ class UserPortfolioPermission(TimeStampedModel):
     def clean(self):
         """Extends clean method to perform additional validation, which can raise errors in django admin."""
         super().clean()
-        validate_user_portfolio_permission(self)
+        # Ensure user exists before running further validation
+        # In django admin, this clean method is called before form validation checks
+        # for required fields. Since validation below requires user, skip if user does
+        # not exist
+        if self.user_id:
+            validate_user_portfolio_permission(self)
 
     def delete(self, *args, **kwargs):