From 114ab6834cd4aa9754ff95cdc1ea14363f2f98e2 Mon Sep 17 00:00:00 2001
From: Athou
Date: Tue, 12 Aug 2014 10:35:09 +0200
Subject: [PATCH] admin user can be disabled now (fix #605)
---
 .../java/com/commafeed/frontend/resource/AdminREST.java | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)
diff --git a/src/main/java/com/commafeed/frontend/resource/AdminREST.java b/src/main/java/com/commafeed/frontend/resource/AdminREST.java
index 2df3c29d..3af933ee 100644
--- a/src/main/java/com/commafeed/frontend/resource/AdminREST.java
+++ b/src/main/java/com/commafeed/frontend/resource/AdminREST.java
@@ -78,10 +78,11 @@ public class AdminREST {
 return Response.status(Status.CONFLICT).entity(e.getMessage()).build();
 }
 } else {
- User u = userDAO.findById(id);
- if (CommaFeedApplication.USERNAME_ADMIN.equals(u.getName()) && !userModel.isEnabled()) {
- return Response.status(Status.FORBIDDEN).entity("You cannot disable the admin user.").build();
+ if (userModel.getId().equals(user.getId()) && !userModel.isEnabled()) {
+ return Response.status(Status.FORBIDDEN).entity("You cannot disable your own account.").build();
 }
+
+ User u = userDAO.findById(id);
 u.setName(userModel.getName());
 if (StringUtils.isNotBlank(userModel.getPassword())) {
 u.setPassword(encryptionService.getEncryptedPassword(userModel.getPassword(), u.getSalt()));
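Review bot: The result of `userDAO.findById(id)` is dereferenced by `u.setName(...)` with no null check, so a request naming an id that does not exist would presumably surface as a NullPointerException rather than a clean error. A guard right after the lookup would cover it: `if (u == null) { return Response.status(Status.NOT_FOUND).entity("User not found.").build(); }`. The new self-disable check also compares `userModel.getId()` while the lookup uses `id`. If `id` is the same value (its declaration is outside the hunk), then `id.equals(user.getId())` would keep the guard and the lookup keyed on one variable. The enclosing method starts and ends outside this hunk, so it is not visible here whether a similar self-lockout guard exists for role changes.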