What is the priority of role and clusterrole?

If there is a user, it is only allowed to patch deploy in -n test. How to restrict?

Cluster information:

Kubernetes version: 1.16
Cloud being used: (put bare-metal if not on a public cloud)
Installation method:
Host OS:
CNI and version:
CRI and version:

You can format your yaml by highlighting it and pressing Ctrl-Shift-C, it will make your output easier to read.