From c688970b321abe492d97e2e2fa96dafd6e3f6255 Mon Sep 17 00:00:00 2001
From: Stefan Auditor <stefan.auditor@erdfisch.de>
Date: Sun, 15 Apr 2018 19:53:24 +0200
Subject: [PATCH] Respect user enabled flag in admin authentication

---
 core/admin/mailu/internal/views.py | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/core/admin/mailu/internal/views.py b/core/admin/mailu/internal/views.py
index 2b441ce7..b97d329e 100644
--- a/core/admin/mailu/internal/views.py
+++ b/core/admin/mailu/internal/views.py
@@ -27,7 +27,8 @@ def admin_authentication():
     """ Fails if the user is not an authenticated admin.
     """
     if (not flask_login.current_user.is_anonymous
-        and flask_login.current_user.global_admin):
+        and flask_login.current_user.global_admin
+        and flask_login.current_user.enabled):
         return ""
     return flask.abort(403)