diff options
-rw-r--r-- | settings/ajax/togglegroups.php | 6 | ||||
-rw-r--r-- | settings/js/users.js | 3 |
2 files changed, 6 insertions, 3 deletions
diff --git a/settings/ajax/togglegroups.php b/settings/ajax/togglegroups.php index de941f99132..931ab2689e2 100644 --- a/settings/ajax/togglegroups.php +++ b/settings/ajax/togglegroups.php @@ -7,6 +7,12 @@ $success = true; $username = $_POST["username"]; $group = OC_Util::sanitizeHTML($_POST["group"]); +if($username == OC_User::getUser() && $group == "admin" && OC_Group::inGroup($username, 'admin')){ + $l = OC_L10N::get('core'); + OC_JSON::error(array( 'data' => array( 'message' => $l->t('Admins can\'t remove themself from the admin group')))); + exit(); +} + if(!OC_Group::inGroup(OC_User::getUser(), 'admin') && (!OC_SubAdmin::isUserAccessible(OC_User::getUser(), $username) || !OC_SubAdmin::isGroupAccessible(OC_User::getUser(), $group))) { $l = OC_L10N::get('core'); OC_JSON::error(array( 'data' => array( 'message' => $l->t('Authentication error') ))); diff --git a/settings/js/users.js b/settings/js/users.js index 517984f9247..af83e0321a5 100644 --- a/settings/js/users.js +++ b/settings/js/users.js @@ -165,9 +165,6 @@ var UserList={ } if(user){ var checkHandeler=function(group){ - if(user==OC.currentUser && group=='admin'){ - return false; - } if(!isadmin && checked.length == 1 && checked[0] == group){ return false; } |