diff --git a/app/controllers/panel/users_controller.rb b/app/controllers/panel/users_controller.rb
index d0fcdf6c..b7b9c688 100644
--- a/app/controllers/panel/users_controller.rb
+++ b/app/controllers/panel/users_controller.rb
@@ -43,7 +43,10 @@ class Panel::UsersController < ApplicationController
@user.remove_avatar! if params[:file]
@user.avatar = params[:file] if params[:file]
- if @user.update_attributes(params[:user])
+ if @user.id.to_s.eql?(session['warden.user.user.key'][1].to_s) && @user.admin != params[:user][:admin].to_i.to_b
+ flash.now[:error] = t('panel.cant_revoke_self_admin')
+ end
+ if !flash[:error] && @user.update_attributes(params[:user])
flash[:notice] = t('panel.update_success_user')
redirect_to :action => :index
else
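Review bot: The save decision on the `if !flash[:error] && @user.update_attributes(params[:user])` line is driven by the flash, so any error message still in the flash from the previous request would also block a legitimate update. Keeping the result in a local is safer, e.g. `blocked = editing_self && admin_changed`, then `flash.now[:error] = t('panel.cant_revoke_self_admin') if blocked` and `if !blocked && @user.update_attributes(params[:user])`. The guard also indexes `session['warden.user.user.key'][1]` directly, which ties the check to Warden's session serialization. Both that lookup and `params[:user][:admin]` raise `NoMethodError` when the session key or the `user` params are missing. Comparing `@user.id` with the authenticated user from the auth helper (`current_user`, if Devise is what sits on top of Warden here) would avoid the first of those. The action starts and ends outside the hunk, so the rest of its flow is not visible.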
diff --git a/app/models/user.rb b/app/models/user.rb
index 1c5ab9a7..40ec3eac 100644
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -11,7 +11,7 @@ class User
embeds_many :user_roles
embeds_many :user_infos
- before_update :clean_active_roles
+ before_save :clean_active_roles
# Update or create the user_role records
def user_roles=(*attrs)
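Review bot: `before_save :clean_active_roles` now also runs when a user is first created, but `clean_active_roles` is defined outside this hunk, so it is not visible whether it handles a new record whose `user_roles` are still empty or unset. Please confirm the create path, and add a short comment above the callback naming the create-time case that needs the cleanup. Without it the switch from `before_update` looks arbitrary to the next reader.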
diff --git a/app/views/panel/users/_form.html.erb b/app/views/panel/users/_form.html.erb
index 86afefe6..1deeb445 100644
--- a/app/views/panel/users/_form.html.erb
+++ b/app/views/panel/users/_form.html.erb
@@ -17,6 +17,10 @@
<%= f.label :email %>
<%= f.text_field :email %>
+
+ <%= t('panel.admin') %>
+ <%= f.check_box :admin %>
+
<% if @user_info_models %>
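Review bot: The `f.check_box :admin` line is rendered unconditionally in this hunk, and the controller passes the submitted value straight into `update_attributes(params[:user])`, so the privilege flag is mass-assignable by anyone who can reach the update action. The only server-side check added in this commit covers an admin changing their own flag. Whether a non-admin can grant admin to another account therefore depends on a filter that is not visible here. I would keep `admin` out of mass assignment, set it explicitly in the controller after checking that the acting user is an admin, and render the checkbox only for such users. Hiding the field in the view alone is not enough, because the parameter can be submitted without the form.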
@@ -32,7 +36,6 @@
<% end %>
-<%= hidden_field_tag :active_roles, (@user.active_roles.size > 0 rescue nil ) %>
<% if @user_role_models %>