Ticket #56 (defect)

I'd like to take care of this, or you could when I'm done with #29 (avoid conflicts).

I'll try to get the purpose of these strange line, but I think that ir's just a mistake.

• for the elseif, I'd add the missing flashMsg($msg); and redirect();
• for the else, I'd remove one of the $msg setting

tell me if it's right

ok, test it after the change

well, I changed my mind...

I think that there is a simpler behaviour:

• it's just not allowed to delete a superadmin
• there is a mean to delete a superadmin, and it's a 2 step process: change his role, then delete him
• BUT, nobody can change the role of an admin, except himself

so

• del() function tests the role and deletes only simple admins
• edit() function allows nobody to change the role of a superadmin, except himself, and he can do it only if there's another superadmin

what do you think ?

"BUT, nobody can change the role of an admin, except himself" I don't agree.

Let's take for example I'm the superadmin of my site, and I have an admin for news. What's if I have arguments with him and I don't wanna let him manage my news anymore?

With your approach the only way is to delete him right from the DB.

sorry, I meant superadmin

If you think this works go for it.

Dan

fixed in [279]

flags that control the display of the edit/delete links are now set in the controllers

$can_edit_user and $can_delete_user in the detail.php view

show_edit_link and show_delete_link in the list.php view

Milestone 1.0.5 deleted