From 41e3b2fb3aaeb688ba6c6078e79c3543baf8ca1e Mon Sep 17 00:00:00 2001 From: Luke Pulverenti Date: Fri, 24 May 2013 16:47:07 -0400 Subject: [PATCH] don't allow removal of admin rights if there is only one admin --- MediaBrowser.Api/UserService.cs | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/MediaBrowser.Api/UserService.cs b/MediaBrowser.Api/UserService.cs index 44c11e790..54cf18396 100644 --- a/MediaBrowser.Api/UserService.cs +++ b/MediaBrowser.Api/UserService.cs @@ -285,6 +285,15 @@ namespace MediaBrowser.Api var user = _userManager.GetUserById(id); + // If removing admin access + if (!dtoUser.Configuration.IsAdministrator && user.Configuration.IsAdministrator) + { + if (_userManager.Users.Count(i => i.Configuration.IsAdministrator) == 1) + { + throw new ArgumentException("There must be at least one user in the system with administrative access."); + } + } + var task = user.Name.Equals(dtoUser.Name, StringComparison.Ordinal) ? _userManager.UpdateUser(user) : _userManager.RenameUser(user, dtoUser.Name); Task.WaitAll(task);