diff options
Diffstat (limited to 'api')
-rw-r--r-- | api/user.go | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/api/user.go b/api/user.go index 5be703bfb..2edbde3e2 100644 --- a/api/user.go +++ b/api/user.go @@ -938,8 +938,8 @@ func updateRoles(c *Context, w http.ResponseWriter, r *http.Request) { return } - if model.IsInRole(new_roles, model.ROLE_SYSTEM_ADMIN) { - c.Err = model.NewAppError("updateRoles", "The system_admin role can only be set from the command line", "") + if model.IsInRole(new_roles, model.ROLE_SYSTEM_ADMIN) && !c.IsSystemAdmin() { + c.Err = model.NewAppError("updateRoles", "The system_admin role can only be set by another system admin", "") c.Err.StatusCode = http.StatusForbidden return } |