
Commit c8f37b1

kingjia90dvesh3
authored andcommitted
task: improve non-admin update user
1 parent 5811675 commit c8f37b1


1 file changed

+3
-2
lines changed


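--- a/bundles/AdminBundle/Controller/Admin/UserController.php
+++ b/bundles/AdminBundle/Controller/Admin/UserController.php
@@ -287,12 +287,13 @@ public function deleteAction(Request $request)
 public function updateAction(Request $request)
 {
 $user = User\UserRole::getById((int)$request->get('id'));
+$currentUserIsAdmin = $this->getAdminUser()->isAdmin();
 
 if (!$user) {
 throw $this->createNotFoundException();
 }
 
-if ($user instanceof User && $user->isAdmin() && !$this->getAdminUser()->isAdmin()) {
+if ($user instanceof User && $user->isAdmin() && !$currentUserIsAdmin) {
 throw $this->createAccessDeniedHttpException('Only admin users are allowed to modify admin users');
 }
 
@@ -325,7 +326,7 @@ public function updateAction(Request $request)
 
 // only admins are allowed to create admin users
 // if the logged in user isn't an admin, set admin always to false
-if ($user instanceof User && !$this->getAdminUser()->isAdmin()) {
+if ($user instanceof User && !$currentUserIsAdmin) {
 $user->setAdmin(false);
 }
 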
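Review bot: The non-admin branch at new line 329 only forces `setAdmin(false)` on the target, so the admin flag is the one thing a non-admin is visibly prevented from setting; nothing in either hunk limits which other submitted fields they may change on another account, and the guard at new line 296 is skipped when `$user` is a role rather than a `User`. The code that applies request values (new lines 300–325) lies outside the hunks, so this may already be handled there, but it is worth confirming that permission- and role-bearing fields are filtered for non-admins before the object is saved. Since both checks now depend on the single `$currentUserIsAdmin` value, a comment at new line 290 such as `// authorization gate: reused below to reject edits of admin users and to strip the admin flag` would make that dependency explicit. `$this->getAdminUser()` is also now dereferenced before the not-found check and for every target type, so if it can return null the request would fail with an error instead of a 404 or access-denied response.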
