From 34c8ca286aeeb6731d7b7d0cba3430564c2b2cd5 Mon Sep 17 00:00:00 2001
From: Jeroen van Baarsen <jeroenvanbaarsen@gmail.com>
Date: Sat, 11 Jan 2014 14:54:49 +0100
Subject: Fix for edit user as admin

* It fixes an issue where you where able to remove your own
  admin rights. This would result in a 404 error. fixes: #2283
* It fixes an issue where you would be able to block your own
  account on the edit page. This fix makes the behaviour the same
  as on the admin/users overview page
---
 app/views/admin/users/_form.html.haml | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/app/views/admin/users/_form.html.haml b/app/views/admin/users/_form.html.haml
index 4e8024a80cc..98bf65bc420 100644
--- a/app/views/admin/users/_form.html.haml
+++ b/app/views/admin/users/_form.html.haml
@@ -56,8 +56,12 @@
 
       .form-group
         = f.label :admin, class: 'control-label'
-        .col-sm-10= f.check_box :admin
-      - unless @user.new_record?
+        - if current_user == @user
+          .col-sm-10= f.check_box :admin, disabled: true
+          .col-sm-10 You cannot remove your own admin rights
+        - else
+          .col-sm-10= f.check_box :admin
+      - unless @user.new_record? || current_user == @user
         .alert.alert-danger
           - if @user.blocked?
             %p This user is blocked and is not able to login to GitLab
-- 
cgit v1.2.1