From 777ae059f94ae7da177181c6bb3af4167b966076 Mon Sep 17 00:00:00 2001
From: Emmy D'Anello
Date: Sat, 20 May 2023 11:35:37 +0200
Subject: [PATCH] Non-admin users can't promote themselves to admin users
Signed-off-by: Emmy D'Anello
---
 registration/views.py | 4 ++++
 1 file changed, 4 insertions(+)
diff --git a/registration/views.py b/registration/views.py
index fc89247..a7bd048 100644
--- a/registration/views.py
+++ b/registration/views.py
@@ -275,6 +275,8 @@ class UserUpdateView(UserMixin, UpdateView):
 if not self.request.user.registration.is_admin:
 if "team" in context["registration_form"].fields:
 del context["registration_form"].fields["team"]
+ if "admin" in context["registration_form"].fields:
+ del context["registration_form"].fields["admin"]
 del context["registration_form"].fields["email_confirmed"]
 return context
@@ -286,6 +288,8 @@ class UserUpdateView(UserMixin, UpdateView):
 if not self.request.user.registration.is_admin:
 if "team" in registration_form.fields:
 del registration_form.fields["team"]
+ if "admin" in registration_form.fields:
+ del registration_form.fields["admin"]
 del registration_form.fields["email_confirmed"]
 if not registration_form.is_valid():
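Review bot: The admin-only fields are still a denylist written out twice, once in the hunk at `@@ -275,6 +275,8 @@` (the path ending in `return context`) and once in the hunk at `@@ -286,6 +288,8 @@` (the path that runs before `registration_form.is_valid()`), which is presumably how `admin` was left editable in the first place. Any privileged field added to a registration form later stays editable by non-admin users until someone remembers to update both copies. Keeping the names in one tuple and stripping them in a single helper called from both places, as sketched below under a proposed name, prevents the two paths from drifting apart. The sketch uses `pop(name, None)`, so unlike the current unconditional `del` it also tolerates a form that has no `email_confirmed` field. Both enclosing methods start outside their hunks, so the call sites are only indicated.

```python
# Fields only an administrator may edit; extend this tuple when a new
# privileged field is added to a registration form.
ADMIN_ONLY_FIELDS = ("team", "admin", "email_confirmed")


class UserUpdateView(UserMixin, UpdateView):
    # … unchanged: rest of the view …

    def _strip_admin_only_fields(self, form):
        """Remove admin-only fields from ``form`` unless the requester is an admin."""
        if self.request.user.registration.is_admin:
            return
        for name in ADMIN_ONLY_FIELDS:
            form.fields.pop(name, None)

    # Context path, replacing the `if not ...is_admin:` block:
    #     self._strip_admin_only_fields(context["registration_form"])
    # Validation path, before registration_form.is_valid():
    #     self._strip_admin_only_fields(registration_form)
```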
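Review bot: The two added lines in the hunk at `@@ -286,6 +288,8 @@` are the actual enforcement, but nothing in the code says that they only work because the field is deleted before `registration_form.is_valid()` runs. Assuming this is a standard Django form, a field removed at that point is never cleaned or saved, whereas the removal in the `@@ -275,6 +275,8 @@` hunk appears only to hide the input from the rendered page. A comment above the block, such as `# Security: drop admin-only fields before validation so values posted for them are ignored`, would keep a later refactor from moving the deletion after validation. The patch touches only `registration/views.py`, so it would be worth adding a regression test that submits the form with `admin` set as a non-admin user and asserts the registration's admin flag is unchanged. The enclosing method starts and ends outside the hunk.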