pull/938/head
Ozzieisaacs 6 years ago
parent c81d4edb7d
commit f5e3ed26b9

@ -3246,10 +3246,16 @@ def edit_user(user_id):
if request.method == "POST": if request.method == "POST":
to_save = request.form.to_dict() to_save = request.form.to_dict()
if "delete" in to_save: if "delete" in to_save:
if ub.session.query(ub.User).filter(and_(ub.User.role.op('&')
(ub.ROLE_ADMIN)== ub.ROLE_ADMIN,
ub.User.id != content.id)).count():
ub.session.query(ub.User).filter(ub.User.id == content.id).delete() ub.session.query(ub.User).filter(ub.User.id == content.id).delete()
ub.session.commit() ub.session.commit()
flash(_(u"User '%(nick)s' deleted", nick=content.nickname), category="success") flash(_(u"User '%(nick)s' deleted", nick=content.nickname), category="success")
return redirect(url_for('admin')) return redirect(url_for('admin'))
else:
flash(_(u"No admin user remaining, can't delete user", nick=content.nickname), category="error")
return redirect(url_for('admin'))
else: else:
if "password" in to_save and to_save["password"]: if "password" in to_save and to_save["password"]:
content.password = generate_password_hash(to_save["password"]) content.password = generate_password_hash(to_save["password"])

Loading…
Cancel
Save