Prevented self edit of active/superuser/verified flags

Author: zonia3000

src/lib/components/admin/UserEditor.svelte

@@ -1,5 +1,6 @@
 <script>
 	import { goto } from '$app/navigation';
+	import { page } from '$app/stores';
 	import { nullifyEmptyStrings, removeNullValues } from '$lib/common/component_utilities';
 	import { displayStandardErrorAlert, getValidationMessagesMap } from '$lib/common/errors';
 	import { onMount } from 'svelte';
@@ -166,7 +167,7 @@
 				<span class="invalid-feedback">{validationErrors['username']}</span>
 			</div>
 		</div>
-		{#if user.id}
+		{#if user.id && user.id !== $page.data.userInfo.id}
 			<div class="row mb-3">
 				<div class="col-sm-9 offset-sm-3">
 					<div class="form-check">

tests/users_crud.spec.js

@@ -157,6 +157,11 @@ test('Create, update and delete a user', async ({ page }) => {
 		verifyChecked(userRow, 4, false);
 		verifyChecked(userRow, 5, true);
 	});
+
+	await test.step("Verify that the admin can't edit his/her superuser status", async () => {
+		await page.goto(`/admin/users/1/edit`);
+		expect(await page.locator('input[type="checkbox"]').count()).toEqual(0);
+	});
 });
 
 /**