LP#1446860 Staff were able to edit their own accounts.

This change reverses what appears to be a thinko in the
original programming.  If the editing user is the same
as the user being edited, disable the Save button.

Signed-off-by: Chris Sharp <csharp@georgialibraries.org>
Signed-off-by: Ben Shum <bshum@biblio.org>

diff --git a/Open-ILS/web/js/ui/default/actor/user/register.js b/Open-ILS/web/js/ui/default/actor/user/register.js
index ced646f..e5846fc 100644 (file)
--- a/Open-ILS/web/js/ui/default/actor/user/register.js
+++ b/Open-ILS/web/js/ui/default/actor/user/register.js
@@ -302,7 +302,7 @@ function load() {
 
        dojo.connect(setExpireDate, 'onClick', setExpireDateHandler);
 
-    if(!patron.isnew() && !checkGrpAppPerm(patron.profile()) && patron.id() != openils.User.user.id()) {
+    if(!patron.isnew() && !checkGrpAppPerm(patron.profile()) && patron.id() == openils.User.user.id()) {
         // we are not allowed to edit this user, so disable the save option
         saveButton.attr('disabled', true);
         saveCloneButton.attr('disabled', true);