diff --git a/src/main/resources/extensions/role-template-authenticated.yaml b/src/main/resources/extensions/role-template-authenticated.yaml
index 7045be170..434a77f6e 100644
--- a/src/main/resources/extensions/role-template-authenticated.yaml
+++ b/src/main/resources/extensions/role-template-authenticated.yaml
@@ -7,9 +7,12 @@ metadata:
     halo.run/hidden: "true"
   annotations:
     rbac.authorization.halo.run/dependencies: |
-      [ "role-template-own-user-info", "role-template-own-permissions", "role-template-change-own-password",
-      "role-template-manage-configmaps" ]
-rules: [ ]
+      [ "role-template-own-user-info", "role-template-own-permissions", "role-template-change-own-password" ]
+rules:
+  - apiGroups: [ "" ]
+    resources: [ "configmaps" ]
+    resourceNames: [ "system-states" ]
+    verbs: [ "get" ]
 ---
 apiVersion: v1alpha1
 kind: "Role"
diff --git a/src/main/resources/extensions/role-template-menu.yaml b/src/main/resources/extensions/role-template-menu.yaml
index dca426b5d..24a4d71df 100644
--- a/src/main/resources/extensions/role-template-menu.yaml
+++ b/src/main/resources/extensions/role-template-menu.yaml
@@ -23,7 +23,7 @@ metadata:
     halo.run/role-template: "true"
   annotations:
     rbac.authorization.halo.run/module: "Menus Management"
-    rbac.authorization.halo.run/display-name: "Menu Manage"
+    rbac.authorization.halo.run/display-name: "Menu View"
     rbac.authorization.halo.run/ui-permissions: |
       ["system:menus:view"]
 rules:
diff --git a/src/main/resources/extensions/role-template-plugin.yaml b/src/main/resources/extensions/role-template-plugin.yaml
index 8c851227b..0edc23b9f 100644
--- a/src/main/resources/extensions/role-template-plugin.yaml
+++ b/src/main/resources/extensions/role-template-plugin.yaml
@@ -6,7 +6,7 @@ metadata:
     halo.run/role-template: "true"
   annotations:
     rbac.authorization.halo.run/dependencies: |
-      [ "role-template-view-plugins", "role-template-manage-configmaps" ]
+      [ "role-template-view-plugins" ]
     rbac.authorization.halo.run/module: "Plugins Management"
     rbac.authorization.halo.run/display-name: "Plugin Manage"
     rbac.authorization.halo.run/ui-permissions: |
@@ -15,6 +15,8 @@ rules:
   - apiGroups: [ "plugin.halo.run" ]
     resources: [ "plugins" ]
     verbs: [ "create", "patch", "update", "delete", "deletecollection" ]
+  - nonResourceURLs: [ "/apis/api.console.halo.run/v1alpha1/plugins/install" ]
+    verbs: [ "create" ]
 ---
 apiVersion: v1alpha1
 kind: "Role"
@@ -23,7 +25,6 @@ metadata:
   labels:
     halo.run/role-template: "true"
   annotations:
-    rbac.authorization.halo.run/dependencies: "[ \"role-template-view-settings\" ]"
     rbac.authorization.halo.run/module: "Plugins Management"
     rbac.authorization.halo.run/display-name: "Plugin View"
     rbac.authorization.halo.run/ui-permissions: |
@@ -32,3 +33,6 @@ rules:
   - apiGroups: [ "plugin.halo.run" ]
     resources: [ "plugins" ]
     verbs: [ "get", "list" ]
+  - apiGroups: [ "api.console.halo.run" ]
+    resources: [ "plugins" ]
+    verbs: [ "get", "list" ]