Commit 34c8ca286aeeb6731d7b7d0cba3430564c2b2cd5
1 parent
12dbd0a4
Exists in
spb-stable
and in
3 other branches
Fix for edit user as admin
* It fixes an issue where you where able to remove your own admin rights. This would result in a 404 error. fixes: #2283 * It fixes an issue where you would be able to block your own account on the edit page. This fix makes the behaviour the same as on the admin/users overview page
Showing
1 changed file
with
6 additions
and
2 deletions
Show diff stats
app/views/admin/users/_form.html.haml
| @@ -56,8 +56,12 @@ | @@ -56,8 +56,12 @@ | ||
| 56 | 56 | ||
| 57 | .form-group | 57 | .form-group |
| 58 | = f.label :admin, class: 'control-label' | 58 | = f.label :admin, class: 'control-label' |
| 59 | - .col-sm-10= f.check_box :admin | ||
| 60 | - - unless @user.new_record? | 59 | + - if current_user == @user |
| 60 | + .col-sm-10= f.check_box :admin, disabled: true | ||
| 61 | + .col-sm-10 You cannot remove your own admin rights | ||
| 62 | + - else | ||
| 63 | + .col-sm-10= f.check_box :admin | ||
| 64 | + - unless @user.new_record? || current_user == @user | ||
| 61 | .alert.alert-danger | 65 | .alert.alert-danger |
| 62 | - if @user.blocked? | 66 | - if @user.blocked? |
| 63 | %p This user is blocked and is not able to login to GitLab | 67 | %p This user is blocked and is not able to login to GitLab |