Added admin check

app/Http/Controllers/Api/UsersController.php

@@ -462,7 +462,7 @@ class UsersController extends Controller
                 }
             }
 
-            $user->permissions = $permissions_array;
+            $user->permissions = json_encode($permissions_array);
         }
 
         // 

app/Http/Controllers/Users/UsersController.php

@@ -259,12 +259,19 @@ class UsersController extends Controller
         // Figure out of this user was an admin before this edit
         $orig_permissions_array = $user->decodePermissions();
         $orig_superuser = '0';
+        $orig_admin = '0';
         if (is_array($orig_permissions_array)) {
             if (array_key_exists('superuser', $orig_permissions_array)) {
                 $orig_superuser = $orig_permissions_array['superuser'];
             }
         }
 
+        if (is_array($orig_permissions_array)) {
+            if (array_key_exists('admin', $orig_permissions_array)) {
+                $orig_admin = $orig_permissions_array['admin'];
+            }
+        }
+
 
         // Update the user fields
 
@@ -323,6 +330,11 @@ class UsersController extends Controller
                 $permissions_array['superuser'] = $orig_superuser;
             }
 
+            if ((! auth()->user()->isSuperUser()) && (! auth()->user()->isAdmin())) {
+                unset($permissions_array['admin']);
+                $permissions_array['admin'] = $orig_admin;
+            }
+
             $user->permissions = json_encode($permissions_array);
 
             // Only save groups if the user is a superuser