don't allow removal of admin rights if there is only one admin

author: Luke Pulverenti <luke.pulverenti@gmail.com> 2013-05-24 16:47:07 -0400
committer: Luke Pulverenti <luke.pulverenti@gmail.com> 2013-05-24 16:47:07 -0400
commit: 41e3b2fb3aaeb688ba6c6078e79c3543baf8ca1e (patch)
tree: 3a318ae9bcc4bf889092a6f8bce821fbb0de09a7 /MediaBrowser.Api/UserService.cs
parent: ca3f804db6f65d5c4d6827889ba47f8c3c5bbb96 (diff)
1 files changed, 9 insertions, 0 deletions
diff --git a/MediaBrowser.Api/UserService.cs b/MediaBrowser.Api/UserService.cs
index 44c11e790..54cf18396 100644
--- a/MediaBrowser.Api/UserService.cs
+++ b/MediaBrowser.Api/UserService.cs
@@ -285,6 +285,15 @@ namespace MediaBrowser.Api
 
             var user = _userManager.GetUserById(id);
 
+            // If removing admin access
+            if (!dtoUser.Configuration.IsAdministrator && user.Configuration.IsAdministrator)
+            {
+                if (_userManager.Users.Count(i => i.Configuration.IsAdministrator) == 1)
+                {
+                    throw new ArgumentException("There must be at least one user in the system with administrative access.");
+                }
+            }
+
             var task = user.Name.Equals(dtoUser.Name, StringComparison.Ordinal) ? _userManager.UpdateUser(user) : _userManager.RenameUser(user, dtoUser.Name);
 
             Task.WaitAll(task);
author	Luke Pulverenti <luke.pulverenti@gmail.com>	2013-05-24 16:47:07 -0400
committer	Luke Pulverenti <luke.pulverenti@gmail.com>	2013-05-24 16:47:07 -0400
commit	41e3b2fb3aaeb688ba6c6078e79c3543baf8ca1e (patch)
tree	3a318ae9bcc4bf889092a6f8bce821fbb0de09a7 /MediaBrowser.Api/UserService.cs
parent	ca3f804db6f65d5c4d6827889ba47f8c3c5bbb96 (diff)