echosystem.fr
/
phpservermon
mirror of https://github.com/phpservermon/phpservermon.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Fixed removing and demoting last admin (#841) 

Fixes #824.


Co-authored-by: Tim <TimZ99@users.noreply.github.com>
This commit is contained in:
Nayef Alebrahim 2020-02-04 18:16:30 +03:00 committed by GitHub
parent 71c4114747
commit 3568a5700b
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 14 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
src/psm/Module/User/Controller/UserController.php
View File

@ -274,13 +274,6 @@ class UserController extends AbstractController
$user_validator->username($clean['user_name'], $user_id);
$user_validator->email($clean['email']);
$user_validator->level($clean['level']);
if (
count($this->db->select(PSM_DB_PREFIX . 'users', array('level' => PSM_USER_ADMIN))) == 1 &&
$this->getUser()->getUserLevel() == PSM_USER_ADMIN
) {
$this->addMessage(psm_get_lang('users', 'error_user_admin_cant_be_deleted'), 'warning');
$clean['level'] = PSM_USER_ADMIN;
}
// always validate password for new users,
// but only validate it for existing users when they change it.
@ -302,6 +295,15 @@ class UserController extends AbstractController
if ($user_id > 0) {
// edit user
unset($clean['password']); // password update is executed separately
$admins = $this->db->select(PSM_DB_PREFIX . 'users', array('level' => PSM_USER_ADMIN));
if (
(int) count($admins) === (int) 1 &&
(int) $admins[0]['user_id'] === (int) $user_id &&
(int) $clean['level'] === (int) PSM_USER_USER
) {
$this->addMessage(psm_get_lang('users', 'error_user_admin_cant_be_deleted'), 'warning');
$clean['level'] = PSM_USER_ADMIN;
}
$this->db->save(PSM_DB_PREFIX . 'users', $clean, array('user_id' => $user_id));
$this->addMessage(psm_get_lang('users', 'updated'), 'success');
@ -352,7 +354,11 @@ class UserController extends AbstractController
try {
$this->container->get('util.user.validator')->userId($id);
if (count($this->db->select(PSM_DB_PREFIX . 'users', array('level' => PSM_USER_ADMIN))) == 1) {
$admins = $this->db->select(PSM_DB_PREFIX . 'users', array('level' => PSM_USER_ADMIN));
if (
(int) count($admins) === (int) 1 &&
(int) $admins[0]['user_id'] === (int) $id
) {
$this->addMessage(psm_get_lang('users', 'error_user_admin_cant_be_deleted'), 'error');
} else {
$this->db->delete(PSM_DB_PREFIX . 'users', array('user_id' => $id,));