aboutsummaryrefslogtreecommitdiffstats
path: root/perllib/FixMyStreet/App/Controller/Admin.pm
diff options
context:
space:
mode:
Diffstat (limited to 'perllib/FixMyStreet/App/Controller/Admin.pm')
-rw-r--r--perllib/FixMyStreet/App/Controller/Admin.pm10
1 files changed, 9 insertions, 1 deletions
diff --git a/perllib/FixMyStreet/App/Controller/Admin.pm b/perllib/FixMyStreet/App/Controller/Admin.pm
index 91af480a8..ce2a653a2 100644
--- a/perllib/FixMyStreet/App/Controller/Admin.pm
+++ b/perllib/FixMyStreet/App/Controller/Admin.pm
@@ -1148,10 +1148,18 @@ sub user_edit : Path('user_edit') : Args(1) {
$user->name( $c->get_param('name') );
$user->email( $c->get_param('email') );
$user->phone( $c->get_param('phone') ) if $c->get_param('phone');
- $user->from_body( $c->get_param('body') || undef );
$user->flagged( $c->get_param('flagged') || 0 );
# Only superusers can grant superuser status
$user->is_superuser( ( $c->user->is_superuser && $c->get_param('is_superuser') ) || 0 );
+ # Superusers can set from_body to any value, but other staff can only
+ # set from_body to the same value as their own from_body.
+ if ($c->user->is_superuser) {
+ $user->from_body( $c->get_param('body') || undef );
+ } elsif ($c->get_param('body') eq $c->user->from_body->id) {
+ $user->from_body( $c->user->from_body );
+ } else {
+ $user->from_body( undef );
+ }
unless ($user->email) {
$c->stash->{field_errors}->{email} = _('Please enter a valid email');
generated by cgit v1.2.3 (git 2.25.1) at 2025-04-26 17:37:36 +0000