diff options
| author | Georg Ehrke <dev@georgswebsite.de> | 2012-11-29 05:39:45 -0800 |
|---|---|---|
| committer | Georg Ehrke <dev@georgswebsite.de> | 2012-11-29 05:39:45 -0800 |
| commit | c38a75e03f9db02b82e71472d2f719079eb44829 (patch) | |
| tree | 064cddfad6b4b0715128ab8329c59adc6eeedfbb | |
| parent | 77ad5dc92e85567354d764514850a53b51e92f48 (diff) | |
| parent | e5af24d08489fa873380112f5ee081013aee58f3 (diff) | |
| download | nextcloud-server-c38a75e03f9db02b82e71472d2f719079eb44829.tar.gz nextcloud-server-c38a75e03f9db02b82e71472d2f719079eb44829.zip | |
Merge pull request #620 from owncloud/fix_600
Fix #600
| -rw-r--r-- | settings/ajax/togglegroups.php | 6 | ||||
| -rw-r--r-- | settings/js/users.js | 9 |
2 files changed, 8 insertions, 7 deletions
diff --git a/settings/ajax/togglegroups.php b/settings/ajax/togglegroups.php index de941f99132..931ab2689e2 100644 --- a/settings/ajax/togglegroups.php +++ b/settings/ajax/togglegroups.php @@ -7,6 +7,12 @@ $success = true; $username = $_POST["username"]; $group = OC_Util::sanitizeHTML($_POST["group"]); +if($username == OC_User::getUser() && $group == "admin" && OC_Group::inGroup($username, 'admin')){ + $l = OC_L10N::get('core'); + OC_JSON::error(array( 'data' => array( 'message' => $l->t('Admins can\'t remove themself from the admin group')))); + exit(); +} + if(!OC_Group::inGroup(OC_User::getUser(), 'admin') && (!OC_SubAdmin::isUserAccessible(OC_User::getUser(), $username) || !OC_SubAdmin::isGroupAccessible(OC_User::getUser(), $group))) { $l = OC_L10N::get('core'); OC_JSON::error(array( 'data' => array( 'message' => $l->t('Authentication error') ))); diff --git a/settings/js/users.js b/settings/js/users.js index 517984f9247..f2ce69cf311 100644 --- a/settings/js/users.js +++ b/settings/js/users.js @@ -71,15 +71,10 @@ var UserList={ var tr = $('tbody tr').first().clone(); tr.attr('data-uid', username); tr.find('td.name').text(username); - var groupsSelect = $('<select multiple="multiple" class="groupsselect" data-placehoder="Groups" title="Groups">'); - groupsSelect.data('username', username); - groupsSelect.data('userGroups', groups); + var groupsSelect = $('<select multiple="multiple" class="groupsselect" data-placehoder="Groups" title="Groups"></select>').attr('data-username', username).attr('data-user-groups', groups); tr.find('td.groups').empty(); if (tr.find('td.subadmins').length > 0) { - var subadminSelect = $('<select multiple="multiple" class="subadminsselect" data-placehoder="subadmins" title="' + t('files', 'Group Admin') + '">'); - subadminSelect.data('username', username); - subadminSelect.data('userGroups', groups); - subadminSelect.data('subadmin', subadmin); + var subadminSelect = $('<select multiple="multiple" class="subadminsselect" data-placehoder="subadmins" title="' + t('files', 'Group Admin') + '">').attr('data-username', username).attr('data-user-groups', groups).attr('data-subadmin', subadmin); tr.find('td.subadmins').empty(); } var allGroups = String($('#content table').attr('data-groups')).split(', '); |