don't disable PIs in user-mgmt

simonLeary42 · simonLeary42 · commit 3c8149eb96ae · 2026-01-29T10:39:43.000-05:00
diff --git a/webroot/admin/user-mgmt.php b/webroot/admin/user-mgmt.php
@@ -10,6 +10,7 @@
     UnityHTTPD::forbidden("not an admin", "You are not an admin.");
 }
 
+$pi_uids = $LDAP->getAllNonDisabledPIGroupOwnerUIDs();
 $users_with_flags = [];
 foreach (UserFlag::cases() as $flag) {
     $users_with_flags[$flag->value] = $LDAP->userFlagGroups[$flag->value]->getMemberUIDs();
@@ -126,6 +127,13 @@ class="stripe compact hover"
             $access_button_disabled = "";
             [$action, $action_lowercase, $form_type] = ["Lock", "lock", "lockUser"];
         }
+        if (in_array($uid, $pi_uids)) {
+            $disable_button_disabled = "disabled";
+            $disable_button_title = "PI group owners cannot be disabled.";
+        } else {
+            $disable_button_disabled = "";
+            $disable_button_title = "";
+        }
         echo "
             <div style='display: flex; gap: 5px;'>
                 <form action='' method='POST'>
@@ -152,7 +160,14 @@ class="stripe compact hover"
                     $CSRFTokenHiddenFormInput
                     <input type='hidden' name='form_type' value='disableUser'>
                     <input type='hidden' name='uid' value='$uid'>
-                    <input type='submit' name='action' value='Disable' class='danger'>
+                    <input
+                        type='submit'
+                        name='action'
+                        value='Disable'
+                        class='danger'
+                        title='$disable_button_title'
+                        $disable_button_disabled
+                    >
                 </form>
             </div>
         ";
