open-source-mirrors
/
overseerr
mirror of https://github.com/sct/overseerr
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

fix(api): allow server owner to delete other admin accounts

Browse Source
pull/1413/head
sct 4 years ago
parent 2a869f74eb
commit 2ac6fe7f6d
No known key found for this signature in database
GPG Key ID: 77D146606D30DCCD
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File

2
server/routes/user/index.ts
Unescape View File

@ -281,7 +281,7 @@ router.delete<{ id: string }>(
});
}
if (user.hasPermission(Permission.ADMIN)) {
if (user.hasPermission(Permission.ADMIN) && req.user?.id !== 1) {
return next({
status: 405,
message: 'You cannot delete users with administrative privileges.',

Write Preview
Loading…
Cancel
Save