Skip to content

Bugfix/2808 admin user should be able to remove admin privileges from the other admin user#2964

Open
vishu-bh wants to merge 5 commits intomainfrom
bugfix/2808-Admin-user-should-be-able-to-remove-admin-privileges-from-the-other-admin-user
Open

Bugfix/2808 admin user should be able to remove admin privileges from the other admin user#2964
vishu-bh wants to merge 5 commits intomainfrom
bugfix/2808-Admin-user-should-be-able-to-remove-admin-privileges-from-the-other-admin-user

Conversation

@vishu-bh
Copy link
Collaborator

🔗 Related Issue

Closes # #2808


📝 Summary

What does this PR do and why?

This PR fixes thes issue When an admin user tries to remove the admin privileges from the other admin user, API returns error message. It should not return an error message untill it is the last admin.

Key Changes:

  • Added a new hidden form field in edit user form "disable_admin_protection". This field is sent to HTMX when edit user button is clicked.
  • Added a new method to set this property to true or false based on user selection action for administrator checkbox. By default this field is None. And when an admin uncheck admin privileges from the other admin user from edit user screen, this field will update to true. And sent back to API with the request.
  • In email_auth_service.py, existing check to protect_all_admins is updated to protect_all_admins if this new flag is false, otherwise skip this check.

The root cause was: There is a flag in config called 'protect_all_admins'. This flag is set to true by in configuration. Hence, it was restricting other admins to demote other admins.


🏷️ Type of Change

  • Bug fix
  • Feature / Enhancement
  • Documentation
  • Refactor
  • Chore (deps, CI, tooling)
  • Other (describe below)

🧪 Verification

Check Command Status
Lint suite make lint ✅ Passed (Pylint score: 10/10)
Unit tests make test ✅ Passed (updated unit tests with the changes)
Coverage ≥ 80% make coverage ✅ Passed (100% for modified files, 99%+ overal

✅ Checklist

  • Code formatted (make black isort pre-commit)
  • Tests added/updated for changes
  • Documentation updated (if applicable)
  • No secrets or credentials committed

📓 Notes (optional)

Screenshots, design decisions, or additional context.

Signed-off-by: Vishu Bhatnagar <vishu.bhatnagar@ibm.com>
…ove-admin-privileges-from-the-other-admin-user
…ove-admin-privileges-from-the-other-admin-user
@vishu-bh vishu-bh marked this pull request as draft February 16, 2026 09:39
@vishu-bh vishu-bh marked this pull request as ready for review February 16, 2026 10:57
@crivetimihai crivetimihai added this to the Release 1.0.0-RC1 milestone Feb 16, 2026
@ja8zyjits
Copy link
Member

Hi @vishu-bh,

  1. Please fix the linters.
  2. Add your sign-off in the previous commits for all the checks here to pass,
    you may run git rebase --signoff HEAD~5

@ja8zyjits ja8zyjits self-requested a review February 17, 2026 11:59
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

3 participants