IntenseWebs/mattermost
3
0
Fork 0
mirror of https://github.com/mattermost/mattermost.git synced 2025-02-25 18:55:24 -06:00
Code Issues Packages Projects Releases Wiki Activity

Fixing state setting

Browse Source
This commit is contained in:
=Corey Hulen
2015-09-23 15:16:48 -07:00
parent 7f3bfdbe0c
commit 985aebf861
5 changed files with 102 additions and 33 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
api/user.go
View File

@@ -938,8 +938,8 @@ func updateRoles(c *Context, w http.ResponseWriter, r *http.Request) {
return
}
if model.IsInRole(new_roles, model.ROLE_SYSTEM_ADMIN) {
c.Err = model.NewAppError("updateRoles", "The system_admin role can only be set from the command line", "")
if model.IsInRole(new_roles, model.ROLE_SYSTEM_ADMIN) && !c.IsSystemAdmin() {
c.Err = model.NewAppError("updateRoles", "The system_admin role can only be set by another system admin", "")
c.Err.StatusCode = http.StatusForbidden
return
}