X-Git-Url: http://git.squeep.com/?a=blobdiff_plain;f=lib%2Fpleroma%2Fuser.ex;h=2e225415c3922c779acdf119e23e4b9bb28a7cc2;hb=29155137fdae15fccfaa68fb9c954e98078ce0c4;hp=7ce9e17df53f55e5ec31517bb564d256fcd916de;hpb=70410dfafd272bd1f38602446cc4f6e83645326f;p=akkoma
diff --git a/lib/pleroma/user.ex b/lib/pleroma/user.ex
index 7ce9e17df..2e225415c 100644
--- a/lib/pleroma/user.ex
+++ b/lib/pleroma/user.ex
@@ -1882,9 +1882,9 @@ defmodule Pleroma.User do
 ])
 with {:ok, updated_user} <- update_and_set_cache(changeset) do
- if user.is_admin && !updated_user.is_admin do
- # Tokens & authorizations containing any admin scopes must be revoked (revoking all).
- # This is an extra safety measure (tokens' admin scopes won't be accepted for non-admins).
+ if user.is_admin != updated_user.is_admin do
+ # Admin status change results in change of accessible OAuth scopes, and instead of changing
+ # already issued tokens we revoke them, requiring user to sign in again
 global_sign_out(user)
 end
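Review bot: The result of `global_sign_out(user)` in the new `if user.is_admin != updated_user.is_admin do` branch is discarded, so as far as the hunk shows a failed revocation would go unnoticed while previously issued tokens stay valid. What `global_sign_out/1` returns is not visible here and needs confirming, but on demotion this call is what removes admin-scoped tokens, so it should not fail silently; consider matching on its result or logging a failure. The removed comment also recorded that admin scopes on tokens are not accepted for non-admins. If that check still exists elsewhere, keep a line such as `# Admin scopes on tokens are still rejected for non-admins; revocation is an extra safety measure` so the fallback stays documented. The enclosing function starts before the hunk and continues past it.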