From dcd96b0a93f15a9428f18d41dbda40add9759e45 Mon Sep 17 00:00:00 2001
From: "Romain B." <8530352+Rom1-B@users.noreply.github.com>
Date: Mon, 2 Dec 2024 12:25:53 +0100
Subject: [PATCH] fix(user): can not update is_active field

---
 src/Dropdown.php  |  6 +++++-
 src/User.php      |  7 ++++++-
 src/UserEmail.php | 14 ++++++++++++--
 3 files changed, 23 insertions(+), 4 deletions(-)

diff --git a/src/Dropdown.php b/src/Dropdown.php
index 90e6478b1da..1b8db84c1f5 100644
--- a/src/Dropdown.php
+++ b/src/Dropdown.php
@@ -2178,7 +2178,11 @@ public static function showFromArray($name, array $elements, $options = [])
                     $to_display[] = $elements[$value];
                 }
             }
-            $output .= '<span class="form-control" readonly style="width: ' . $param["width"] . '">' . implode(', ', $to_display) . '</span>';
+            $output .= '<span class="form-control" readonly style="width: ' . $param["width"] . '"';
+            if ($param['tooltip']) {
+                $output .= ' title="' . htmlspecialchars($param['tooltip'], ENT_QUOTES) . '"';
+            }
+            $output .= '>' . implode(', ', $to_display) . '</span>';
         } else {
             $output  .= "<select name='$field_name' id='$field_id'";
 
diff --git a/src/User.php b/src/User.php
index 78633b57356..4bec60850c0 100644
--- a/src/User.php
+++ b/src/User.php
@@ -2765,7 +2765,12 @@ public function showForm($ID, array $options = [])
         if (!GLPI_DEMO_MODE) {
             $activerand = mt_rand();
             echo "<td><label for='dropdown_is_active$activerand'>" . __('Active') . "</label></td><td>";
-            Dropdown::showYesNo('is_active', $this->fields['is_active'], -1, ['rand' => $activerand]);
+            $params = ['rand' => $activerand];
+            if (!$higherrights) {
+                $params['readonly'] = true;
+                $params['tooltip'] = __('Not enough rights to change this field');
+            }
+            Dropdown::showYesNo('is_active', $this->fields['is_active'], -1, $params);
             echo "</td>";
         } else {
             echo "<td colspan='2'></td>";
diff --git a/src/UserEmail.php b/src/UserEmail.php
index 3c4a2582fa7..3a2c4c850da 100644
--- a/src/UserEmail.php
+++ b/src/UserEmail.php
@@ -257,7 +257,12 @@ public static function showForUser(User $user)
         ) {
             return;
         }
-        $canedit = ($user->can($users_id, UPDATE) || ($users_id == Session::getLoginUserID()));
+        $canedit = (
+            (
+                $user->can($users_id, UPDATE)
+                && ($user->currentUserHaveMoreRightThan($users_id)))
+            || ($users_id == Session::getLoginUserID())
+        );
 
         parent::showChildsForItemForm($user, '_useremails', $canedit);
     }
@@ -273,7 +278,12 @@ public static function showAddEmailButton(User $user)
         if (!$user->can($users_id, READ) && ($users_id != Session::getLoginUserID())) {
             return false;
         }
-        $canedit = ($user->can($users_id, UPDATE) || ($users_id == Session::getLoginUserID()));
+        $canedit = (
+            (
+                $user->can($users_id, UPDATE)
+                && ($user->currentUserHaveMoreRightThan($users_id)))
+            || ($users_id == Session::getLoginUserID())
+        );
 
         parent::showAddChildButtonForItemForm($user, '_useremails', $canedit);