Commit e2d22947 authored by Andrew Robert Nicols's avatar Andrew Robert Nicols
Browse files

Prevent admin users from suspending/deleting themselves if they're the only admin (Closes #616298).


Signed-off-by: default avatarAndrew Robert Nicols <andrew.nicols@luns.net.uk>
parent 77cfd878
......@@ -526,6 +526,15 @@ if ($id != $USER->get('id') && is_null($USER->get('parentuser'))) {
}
$smarty->assign('loginas', $loginas);
$smarty->assign('PAGEHEADING', TITLE . ': ' . display_name($user));
# Only allow deletion and suspension of a user if the viewed user is not
# the current user; or if they are the current user, they're not the only
# admin
if ($id != $USER->get('id') || count_records('usr', 'admin', 1, 'deleted', 0) > 1) {
$smarty->assign('suspendable', ($USER->get('admin') || !$user->get('admin') && !$user->get('staff')));
$smarty->assign('deletable', $USER->get('admin'));
}
$smarty->display('admin/users/edit.tpl');
?>
......@@ -37,8 +37,7 @@
{/if}
</td>
<td id="useraccountsettingsright">
<!--<h3>{str tag="suspenduser" section="admin"}</h3>-->
{if $USER->get('admin') || (!$user->get('admin') && !$user->get('staff')) }
{if $suspendable}
<div id="suspenddelete">
<h2>{str tag="suspenddeleteuser" section=admin}</h2>
<p>{str tag="suspenddeleteuserdescription" section=admin}</p>
......@@ -46,7 +45,7 @@
<h3>{str tag="suspenduser" section=admin}</h3>
{$suspendform|safe}
</div>
{if $USER->get('admin')}
{if $deletable}
<div id="delete">
<h3>{str tag=deleteuser section=admin}</h3>
<p>{str tag=deleteusernote section=admin}</p>
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment