From 5b36df1ab38c0459e8b9590412b11bfc4d77b776 Mon Sep 17 00:00:00 2001
From: Athou <jeremiepanzer@gmail.com>
Date: Sun, 31 Mar 2013 09:04:30 +0200
Subject: [PATCH] cannot remove the admin role from he admin user

---
 .../commafeed/frontend/rest/resources/AdminUsersREST.java   | 6 ++++++
 src/main/webapp/js/controllers.js                           | 1 +
 2 files changed, 7 insertions(+)

diff --git a/src/main/java/com/commafeed/frontend/rest/resources/AdminUsersREST.java b/src/main/java/com/commafeed/frontend/rest/resources/AdminUsersREST.java
index c47f8253..d9fa09be 100644
--- a/src/main/java/com/commafeed/frontend/rest/resources/AdminUsersREST.java
+++ b/src/main/java/com/commafeed/frontend/rest/resources/AdminUsersREST.java
@@ -67,6 +67,12 @@ public class AdminUsersREST extends AbstractREST {
 			if (userModel.isAdmin() && !roles.contains(Role.ADMIN)) {
 				userRoleService.save(new UserRole(user, Role.ADMIN));
 			} else if (!userModel.isAdmin() && roles.contains(Role.ADMIN)) {
+				if (StartupBean.ADMIN_NAME.equals(user.getName())) {
+					return Response
+							.status(Status.FORBIDDEN)
+							.entity("You cannot remove the admin role from the admin user.")
+							.build();
+				}
 				for (UserRole userRole : userRoleService.findAll(user)) {
 					if (userRole.getRole() == Role.ADMIN) {
 						userRoleService.delete(userRole);
diff --git a/src/main/webapp/js/controllers.js b/src/main/webapp/js/controllers.js
index 29fe8b30..ada2e613 100644
--- a/src/main/webapp/js/controllers.js
+++ b/src/main/webapp/js/controllers.js
@@ -293,6 +293,7 @@ module.controller('ManageUserCtrl', function($scope, $state, $stateParams,
 		$state.transitionTo('admin.userlist');
 	}
 	$scope.save = function() {
+		$scope.alerts.splice(0, $scope.alerts.length);
 		AdminUsersService.save($scope.user, function() {
 			$state.transitionTo('admin.userlist');
 		}, alertFunction);