From f75286e112ee2d35401c16fa9aa02c345fefecdb Mon Sep 17 00:00:00 2001
From: amcmanu3 <mcdeweykp@gmail.com>
Date: Fri, 19 Aug 2022 15:14:42 -0400
Subject: [PATCH] Fix logical issue in panel_handler

---
 app/classes/web/panel_handler.py | 10 +++++++---
 1 file changed, 7 insertions(+), 3 deletions(-)

diff --git a/app/classes/web/panel_handler.py b/app/classes/web/panel_handler.py
index 624450c5..da5bd7b9 100644
--- a/app/classes/web/panel_handler.py
+++ b/app/classes/web/panel_handler.py
@@ -1138,9 +1138,13 @@ class PanelHandler(BaseHandler):
                     )
                     return
             if (
-                self.controller.users.get_user_by_id(user_id)["manager"]
-                != exec_user["user_id"]
-            ) and not exec_user["superuser"]:
+                (
+                    self.controller.users.get_user_by_id(user_id)["manager"]
+                    != exec_user["user_id"]
+                )
+                and not exec_user["superuser"]
+                and str(exec_user["user_id"]) != str(user_id)
+            ):
                 self.redirect(
                     "/panel/error?error=Unauthorized access: you cannot edit this user"
                 )