From 3e970343af7d385dd466984d13038cc7d8ae29ae Mon Sep 17 00:00:00 2001
From: wpmuguru <wpmuguru@1a063a9b-81f0-0310-95a4-ce76da25c4cd>
Date: Mon, 5 Apr 2010 22:28:21 +0000
Subject: [PATCH] add permission checks to grant/revoke_super_admin(), see
 #12109, related #12460

git-svn-id: http://svn.automattic.com/wordpress/trunk@14011 1a063a9b-81f0-0310-95a4-ce76da25c4cd
---
 wp-admin/includes/ms.php | 13 +++++++++++++
 1 file changed, 13 insertions(+)

diff --git a/wp-admin/includes/ms.php b/wp-admin/includes/ms.php
index a89876eb96..0b1ae2e78f 100644
--- a/wp-admin/includes/ms.php
+++ b/wp-admin/includes/ms.php
@@ -807,6 +807,11 @@ function _admin_notice_multisite_activate_plugins_page() {
  * @param $user_id
  */
 function grant_super_admin( $user_id ) {
+	global $current_user;
+
+	if ( $current_user->ID == $user_id || !current_user_can( 'manage_network_options' ) )
+		return;
+
 	$super_admins = get_site_option( 'site_admins', array( 'admin' ) );
 
 	$user = new WP_User( $user_id );
@@ -823,7 +828,15 @@ function grant_super_admin( $user_id ) {
  * @param $user_id
  */
 function revoke_super_admin( $user_id ) {
+	global $current_user;
+
+	if ( $current_user->ID == $user_id || !current_user_can( 'manage_network_options' ) )
+		return;
+
 	$super_admins = get_site_option( 'site_admins', array( 'admin' ) );
+	if ( count( $super_admins ) < 2 )
+		return;
+
 	$admin_email = get_site_option( 'admin_email' );
 	
 	$user = new WP_User( $user_id );