set_user_role (demote) and admin_delete_user counted ALL admins incl. suspended ones, so with e.g. 1 active + 1 suspended admin you could demote/delete the only ACTIVE admin — leaving a single suspended admin who can never sign in → permanent admin lockout needing DB surgery. Now both guards mirror the (already-correct) suspend guard: block only when the target is an active admin AND it's the last one (`not target.is_suspended and count_admins(active_only=True) <= 1`) — which also correctly still allows removing a SUSPENDED admin while one active admin remains. |
||
|---|---|---|
| .. | ||
| alembic | ||
| app | ||
| alembic.ini | ||
| Dockerfile | ||
| entrypoint.sh | ||
| log_config.json | ||
| requirements.txt | ||