From af588be5276fca1cc5d9b593152b643e53a8930e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?David=20Barrag=C3=A1n=20Merino?=
 <david.barragan@kaleidos.net>
Date: Thu, 17 Mar 2016 20:42:10 +0100
Subject: [PATCH] Project owners can not be no admin

---
 taiga/projects/serializers.py         | 10 +++++++---
 tests/integration/test_memberships.py | 14 ++++++++++++++
 2 files changed, 21 insertions(+), 3 deletions(-)

diff --git a/taiga/projects/serializers.py b/taiga/projects/serializers.py
index 3c649ece..93de28c3 100644
--- a/taiga/projects/serializers.py
+++ b/taiga/projects/serializers.py
@@ -190,9 +190,13 @@ class MembershipSerializer(serializers.ModelSerializer):
         if project is None:
             project = self.object.project
 
-        if (self.object and
-                not services.project_has_valid_admins(project, exclude_user=self.object.user)):
-            raise serializers.ValidationError(_("In this project at least one of the users must be an active admin."))
+        if (self.object):
+            if self.object.user.id == project.owner_id and attrs[source] != True:
+                raise serializers.ValidationError(_("Project owner must be admin."))
+
+            if not services.project_has_valid_admins(project, exclude_user=self.object.user):
+                raise serializers.ValidationError(_("In this project at least one of the users "
+                                                    "must be an active admin."))
 
         return attrs
 
diff --git a/tests/integration/test_memberships.py b/tests/integration/test_memberships.py
index a408f838..3b9df18c 100644
--- a/tests/integration/test_memberships.py
+++ b/tests/integration/test_memberships.py
@@ -347,6 +347,20 @@ def test_api_edit_membership(client):
 
     assert response.status_code == 200
 
+def test_api_change_owner_membership_to_no_admin_return_error(client):
+    project = f.ProjectFactory()
+    membership_owner = f.MembershipFactory(project=project, user=project.owner, is_admin=True)
+    membership = f.MembershipFactory(project=project, is_admin=True)
+
+    url = reverse("memberships-detail", args=[membership_owner.id])
+    data = {"is_admin": False}
+
+    client.login(membership.user)
+    response = client.json.patch(url, json.dumps(data))
+
+    assert response.status_code == 400
+    assert 'is_admin' in response.data
+
 
 def test_api_delete_membership(client):
     membership = f.MembershipFactory(is_admin=True)