From 4b543dbc76c0725b22f1ebce1d023ff5203e440c Mon Sep 17 00:00:00 2001
From: Ron Rennick
Date: Mon, 5 Apr 2010 22:28:21 +0000
Subject: [PATCH] add permission checks to grant/revoke_super_admin(), see #12109, related #12460

git-svn-id: https://develop.svn.wordpress.org/trunk@14011 602fd350-edb4-49c9-b593-d223f7449a82
---
 wp-admin/includes/ms.php | 13 +++++++++++++
 1 file changed, 13 insertions(+)

diff --git a/wp-admin/includes/ms.php b/wp-admin/includes/ms.php
index a89876eb96..0b1ae2e78f 100644
--- a/wp-admin/includes/ms.php
+++ b/wp-admin/includes/ms.php
@@ -807,6 +807,11 @@ function _admin_notice_multisite_activate_plugins_page() {
  * @param $user_id
  */
 function grant_super_admin( $user_id ) {
+ global $current_user;
+
+ if ( $current_user->ID == $user_id || !current_user_can( 'manage_network_options' ) )
+ return;
+
 $super_admins = get_site_option( 'site_admins', array( 'admin' ) );
 $user = new WP_User( $user_id );
@@ -823,7 +828,15 @@ function grant_super_admin( $user_id ) {
  * @param $user_id
  */
 function revoke_super_admin( $user_id ) {
+ global $current_user;
+
+ if ( $current_user->ID == $user_id || !current_user_can( 'manage_network_options' ) )
+ return;
+
 $super_admins = get_site_option( 'site_admins', array( 'admin' ) );
+ if ( count( $super_admins ) < 2 )
+ return;
+
 $admin_email = get_site_option( 'admin_email' );
 $user = new WP_User( $user_id );
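Review bot: The refusal path added at the top of grant_super_admin() exits with a bare `return;`, so a caller cannot tell a denied request from a completed one; the same holds for the early returns added to revoke_super_admin() in the next hunk. Returning an explicit value, `return false;`, would let the calling screen report the refusal rather than, presumably, showing its usual confirmation. The docblock visible above the function carries only `@param $user_id` and should gain a line such as `@return bool|void False if the current user may not change this user's super admin status.` Both function bodies continue outside the hunks, so what the success path returns is not visible here.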
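Review bot: The guard `if ( count( $super_admins ) < 2 ) return;` in revoke_super_admin() has no comment saying why revocation stops there, and the docblock does not mention it either. A one-line comment above it, `// Never revoke the last remaining super admin.`, would record the intent, assuming that is the purpose. Separately, the permission check reads the `$current_user` global directly and compares with `==`; fetching the user through `wp_get_current_user()` before reading `->ID` would avoid depending on the global already being populated, here and in grant_super_admin().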