From 60e348fcc188d150b5452cde56ddc941d949daf6 Mon Sep 17 00:00:00 2001
From: advplyr <advplyr@protonmail.com>
Date: Mon, 2 Sep 2024 16:12:57 -0500
Subject: [PATCH] Fix:Updating root user #3366

---
 server/controllers/UserController.js | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/server/controllers/UserController.js b/server/controllers/UserController.js
index 46ba943eb3..f895c0d014 100644
--- a/server/controllers/UserController.js
+++ b/server/controllers/UserController.js
@@ -205,9 +205,12 @@ class UserController {
   async update(req, res) {
     const user = req.reqUser
 
-    if (user.type === 'root' && !req.user.isRoot) {
+    if (user.isRoot && !req.user.isRoot) {
       Logger.error(`[UserController] Admin user "${req.user.username}" attempted to update root user`)
       return res.sendStatus(403)
+    } else if (user.isRoot) {
+      // Root user cannot update type
+      delete req.body.type
     }
 
     const updatePayload = req.body