From 6e12e2fa595c0dd4ce080eb27e9a48585df51736 Mon Sep 17 00:00:00 2001
From: Lauri Ojansivu <x@xet7.org>
Date: Tue, 20 Aug 2019 19:16:44 +0300
Subject: [PATCH] [Fix: Some users cannot switch views or
 languages](https://github.com/wekan/wekan/issues/2630).

Thanks to xet7 and justinr1234.
---
 models/users.js | 19 ++++++++++++++++---
 1 file changed, 16 insertions(+), 3 deletions(-)

diff --git a/models/users.js b/models/users.js
index 1adb4a578..dc286128d 100644
--- a/models/users.js
+++ b/models/users.js
@@ -257,10 +257,23 @@ Users.attachSchema(
   }),
 );
 
+Users.before.update(function(userId, fieldNames) {
+  const user = Users.findOne({ _id: userId });
+  if (user && user.isAdmin || Meteor.user() && Meteor.user().isAdmin) { return true; }
+  if (!user) { return false; }
+  if (_.contains(fieldNames, 'services')) { return false; }
+  if (_.contains(fieldNames, 'heartBeat')) { return false; }
+  if (_.contains(fieldNames, 'isAdmin')) { return false; }
+  if (_.contains(fieldNames, 'loginDisabled')) { return false; }
+  if (_.contains(fieldNames, 'authenticationMethod')) { return false; }
+});
+
 Users.allow({
-  update(userId) {
-    const user = Users.findOne(userId);
-    return user && Meteor.user().isAdmin; // GitHub issue #2590
+  update(userId, doc) {
+     const user = Users.findOne({ _id: userId });
+     if (user && user.isAdmin || Meteor.user() && Meteor.user().isAdmin) return true;
+     if (!user) { return false; }
+     return doc._id === userId;
   },
   remove(userId, doc) {
     const adminsNumber = Users.find({ isAdmin: true }).count();