RED-4661 - RED_USER_ADMIN should not be able to delete RED_ADMINs

apps/red-ui/src/app/modules/admin/screens/user-listing/user-listing-screen.component.html

@@ -73,7 +73,7 @@
 
                 <iqser-circle-button
                     (action)="openDeleteUsersDialog([user.id], $event)"
-                    [disabled]="user.id === userService.currentUser.id"
+                    [disabled]="deleteDisabled(user)"
                     [tooltip]="'user-listing.action.delete' | translate"
                     [type]="circleButtonTypes.dark"
                     icon="iqser:trash"

apps/red-ui/src/app/modules/admin/screens/user-listing/user-listing-screen.component.ts

@@ -43,7 +43,7 @@ export class UserListingScreenComponent extends ListingComponent<User> implement
     readonly translations = rolesTranslations;
     readonly iconButtonTypes = IconButtonTypes;
     readonly circleButtonTypes = CircleButtonTypes;
-    readonly currentUser = this.userService.currentUser;
+    readonly currentUser = this._userService.currentUser;
     readonly canDeleteSelected$ = this.#canDeleteSelected$;
     readonly tableHeaderLabel = _('user-listing.table-header.title');
     readonly tableColumnConfigs: TableColumnConfig<User>[] = [
@@ -58,14 +58,14 @@ export class UserListingScreenComponent extends ListingComponent<User> implement
             action: (): void => this.openAddEditUserDialog(),
             type: IconButtonTypes.primary,
             icon: 'iqser:plus',
-            disabled$: this.userService.currentUser$.pipe(map(user => !user.isAdmin)),
+            disabled$: this._userService.currentUser$.pipe(map(user => !user.isAdmin)),
         },
     ];
     collapsedDetails = false;
     chartConfig: DonutChartConfig[] = [];
 
     constructor(
-        readonly userService: UserService,
+        private readonly _userService: UserService,
         private readonly _loadingService: LoadingService,
         private readonly _dialogService: AdminDialogService,
         private readonly _translateService: TranslateService,
@@ -110,7 +110,7 @@ export class UserListingScreenComponent extends ListingComponent<User> implement
     async toggleActive(user: User) {
         this._loadingService.start();
         const requestBody = { ...user, roles: user.isActive ? [] : ['RED_USER'] };
-        await firstValueFrom(this.userService.updateProfile(requestBody, user.id));
+        await firstValueFrom(this._userService.updateProfile(requestBody, user.id));
         await this.#loadData();
     }
 
@@ -119,7 +119,7 @@ export class UserListingScreenComponent extends ListingComponent<User> implement
     }
 
     async #loadData() {
-        await firstValueFrom(this.userService.loadAll());
+        await firstValueFrom(this._userService.loadAll());
         this.#computeStats();
         this._loadingService.stop();
     }
@@ -145,4 +145,10 @@ export class UserListingScreenComponent extends ListingComponent<User> implement
         };
         this.filterService.addFilterGroups([roleFiltersGroup]);
     }
+
+    deleteDisabled(user: User): boolean {
+        const userAdmin = user.roles.includes('RED_ADMIN');
+        const currentUserAdmin = this._userService.currentUser.roles.includes('RED_ADMIN');
+        return user.id === this._userService.currentUser.id || (userAdmin && !currentUserAdmin);
+    }
 }