diff --git a/endpoints/api/superuser.py b/endpoints/api/superuser.py
index 0606154fa..62218075f 100644
--- a/endpoints/api/superuser.py
+++ b/endpoints/api/superuser.py
@@ -9,7 +9,7 @@ from flask import request
import features
-from app import app, avatar, superusers, authentication
+from app import app, avatar, superusers, authentication, config_provider
from endpoints.api import (ApiResource, nickname, resource, validate_json_request,
internal_only, require_scope, show_if, parse_args,
query_param, abort, require_fresh_login, path_param, verify_not_prod)
@@ -397,6 +397,18 @@ class SuperUserManagement(ApiResource):
user.enabled = bool(user_data['enabled'])
user.save()
+ if 'superuser' in user_data:
+ config_object = config_provider.get_config()
+ superusers_set = set(config_object['SUPER_USERS'])
+
+ if user_data['superuser']:
+ superusers_set.add(username)
+ elif username in superusers_set:
+ superusers_set.remove(username)
+
+ config_object['SUPER_USERS'] = list(superusers_set)
+ config_provider.save_config(config_object)
+
return user_view(user, password=user_data.get('password'))
abort(403)
diff --git a/static/js/pages/superuser.js b/static/js/pages/superuser.js
index 5976e3c60..2b6d9e461 100644
--- a/static/js/pages/superuser.js
+++ b/static/js/pages/superuser.js
@@ -160,6 +160,31 @@
}, errorHandler)
};
+ $scope.setSuperuser = function(user, status) {
+ var setSuperuser = function() {
+ var params = {
+ 'username': user.username
+ };
+
+ var data = {
+ 'superuser': status
+ };
+
+ ApiService.changeInstallUser(data, params).then(function(resp) {
+ $scope.requiresRestart = true;
+ }, ApiService.errorDisplay('Could not change user'));
+ };
+
+ var msg = 'Note: This change, once applied, will require your installation ' +
+ 'to be restarted to take effect';
+
+ bootbox.confirm(msg, function(status) {
+ if (status) {
+ setSuperuser();
+ }
+ });
+ };
+
$scope.showDeleteUser = function(user) {
if (user.username == UserService.currentUser().username) {
bootbox.dialog({
diff --git a/static/partials/super-user.html b/static/partials/super-user.html
index 8b7ff1483..ce08488f3 100644
--- a/static/partials/super-user.html
+++ b/static/partials/super-user.html
@@ -185,6 +185,17 @@
<td style="text-align: center;">
<span class="cor-options-menu"
ng-if="user.username != current_user.username && !current_user.super_user">
+ <span class="cor-option" option-click="setSuperuser(current_user, true)"
+ quay-show="!current_user.super_user">
+ <i class="fa">Ω</i>
+ Make Superuser
+ </span>
+ <span class="cor-option" option-click="setSuperuser(current_user, false)"
+ quay-show="current_user.super_user">
+ <i class="fa">ω</i>
+ Remove Superuser
+ </span>
+
<span class="cor-option" option-click="showChangeEmail(current_user)"
quay-show="Config.AUTHENTICATION_TYPE == 'Database'">
<i class="fa fa-envelope-o"></i> Change E-mail Address