diff options
author | =Corey Hulen <corey@hulen.com> | 2015-10-06 10:50:38 -0700 |
---|---|---|
committer | =Corey Hulen <corey@hulen.com> | 2015-10-06 10:50:38 -0700 |
commit | 3b4b79d99f8795a26c38b843ca822f38e27ddc23 (patch) | |
tree | d41300c2eec8dbaa7d02ec41695c78b83866461d /api | |
parent | 3d4220ce5ffc34186ef8f9e0f031507cd91b10fa (diff) | |
download | chat-3b4b79d99f8795a26c38b843ca822f38e27ddc23.tar.gz chat-3b4b79d99f8795a26c38b843ca822f38e27ddc23.tar.bz2 chat-3b4b79d99f8795a26c38b843ca822f38e27ddc23.zip |
Adding checkout for system admin role
Diffstat (limited to 'api')
-rw-r--r-- | api/user.go | 8 |
1 files changed, 7 insertions, 1 deletions
diff --git a/api/user.go b/api/user.go index 2d7dd9ab1..78f8768a4 100644 --- a/api/user.go +++ b/api/user.go @@ -991,7 +991,7 @@ func updateRoles(c *Context, w http.ResponseWriter, r *http.Request) { } if model.IsInRole(new_roles, model.ROLE_SYSTEM_ADMIN) && !c.IsSystemAdmin() { - c.Err = model.NewAppError("updateRoles", "The system_admin role can only be set by another system admin", "") + c.Err = model.NewAppError("updateRoles", "The system admin role can only be set by another system admin", "") c.Err.StatusCode = http.StatusForbidden return } @@ -1014,6 +1014,12 @@ func updateRoles(c *Context, w http.ResponseWriter, r *http.Request) { return } + if user.IsInRole(model.ROLE_SYSTEM_ADMIN) && !c.IsSystemAdmin() { + c.Err = model.NewAppError("updateRoles", "The system admin role can only by modified by another system admin", "") + c.Err.StatusCode = http.StatusForbidden + return + } + ruser := UpdateRoles(c, user, new_roles) if c.Err != nil { return |