From 1c90c4f9dee75f1309f07b900d769b1b6e598514 Mon Sep 17 00:00:00 2001
From: John Cardinal <support@ayanova.com>
Date: Tue, 27 Apr 2021 21:16:02 +0000
Subject: [PATCH]

---
 server/AyaNova/biz/UserBiz.cs | 19 +++++++++++++++++++
 1 file changed, 19 insertions(+)

diff --git a/server/AyaNova/biz/UserBiz.cs b/server/AyaNova/biz/UserBiz.cs
index 74ff0954..273e5144 100644
--- a/server/AyaNova/biz/UserBiz.cs
+++ b/server/AyaNova/biz/UserBiz.cs
@@ -714,6 +714,25 @@ namespace AyaNova.Biz
                 AddError(ApiErrorCode.VALIDATION_NOT_UNIQUE, "Login");
             }
 
+
+            //SUPERUSER ACCOUNT CAN"T BE MODIFIED IN SOME WAYS
+            if(!isNew && proposedObj.Id==1){
+                //prevent certain changes to superuser account like roles etc
+
+                if(proposedObj.Roles!=currentObj.Roles)
+                    AddError(ApiErrorCode.NOT_AUTHORIZED, "Roles");
+                
+                if(proposedObj.Active!=currentObj.Active)
+                    AddError(ApiErrorCode.NOT_AUTHORIZED, "Active");
+
+                if(proposedObj.Name!=currentObj.Name)
+                    AddError(ApiErrorCode.NOT_AUTHORIZED, "Name");
+
+                if(proposedObj.UserType!=currentObj.UserType)
+                    AddError(ApiErrorCode.NOT_AUTHORIZED, "UserType");
+                
+            }
+
             //TODO: Validation rules that require future other objects that aren't present yet:
             /*