Admin cannot be removed from admin group. An admin cannot remove themself from the Admin group. Fixes #11481.

2010-03-22 15:56:39 -07:00 · 2010-03-22 15:56:39 -07:00 · 7b8f9027a0
commit 7b8f9027a0
parent f5fd970c94
2 changed files with 4 additions and 3 deletions
--- a/docs/changelog/7.x.x.txt
+++ b/docs/changelog/7.x.x.txt
@ -10,6 +10,7 @@
 - fixed #11482: Template hard-coded in deactivateAccount
 - fixed #11485: RedirectAfterLoginUrl Setting should not override returnUrl and redirectAfterLogin scratch
 - fixed #11466: Can't delete attached file in CS
+ - fixed #11481: Problem assignment group Admin to an User

 7.9.0
 - added #11383: AJAX username checks at registration (Luke Robinson / Orchard Solutions)
--- a/lib/WebGUI/Operation/User.pm
+++ b/lib/WebGUI/Operation/User.pm
@ -720,9 +720,9 @@ sub www_editUser {
 	my @include; 
 	foreach my $group (@exclude) {
 		unless (
-			$group eq "1" || $group eq "2" || $group eq "7" # can't remove user from magic groups 
-			|| ($session->user->userId eq $u->userId  && $group eq 3) # cannot remove self from admin
-			|| ($u->isAdmin && $group eq "3") # admin user cannot be remove from admin
+			$group eq "1" || $group eq "2" || $group eq "7"     # can't remove user from magic groups 
+			|| ($session->user->userId eq $uid  && $group eq 3) # cannot remove self from admin
+			|| ($uid eq '3' && $group eq "3")                   # user Admin cannot be removed from admin group
 			) {
 			push(@include,$group);
 		}