Don't let institutional admins delete users (bug 3141)

htdocs/admin/users/edit.php

@@ -298,10 +298,20 @@ $deleteform = pieform(array(
     ),
 ));
 
+function edituser_delete_validate(Pieform $form, $values) {
+    global $USER, $SESSION;
+    if (!$USER->get('admin')) {
+        $form->set_error('submit', get_string('deletefailed', 'admin'));
+        $SESSION->add_error_msg(get_string('deletefailed', 'admin'));
+    }
+}
+
 function edituser_delete_submit(Pieform $form, $values) {
-    global $SESSION;
-    delete_user($values['id']);
-    $SESSION->add_ok_msg(get_string('userdeletedsuccessfully', 'admin'));
+    global $SESSION, $USER;
+    if ($USER->get('admin')) {
+        delete_user($values['id']);
+        $SESSION->add_ok_msg(get_string('userdeletedsuccessfully', 'admin'));
+    }
     redirect('/admin/users/search.php');
 }
 

htdocs/theme/default/templates/admin/users/edit.tpl

@@ -34,11 +34,13 @@
                 <h4>{str tag="suspenduser" section=admin}</h4>
                 {$suspendform}
             </td>
+            {if $USER->get('admin')}
             <td id="delete">
                 <h4>{str tag=deleteuser section=admin}</h4>
                 <p>{str tag=deleteusernote section=admin}</p>
                 {$deleteform}
             </td>
+            {/if}
         </tr>
     </table>