Don't allow saving of a user with no local account file

CHANGELOG.md

@@ -3,6 +3,7 @@
 
 1. [](#bugfix)
     * Added custom object support for filepicker field
+    * Don't allow saving of a user with no local account file
 
 # v1.8.1
 ## 05/15/2018

classes/admincontroller.php

@@ -613,12 +613,14 @@ class AdminController extends AdminBaseController
 
         // Special handler for user data.
         if ($this->view === 'user') {
+            if (!$this->grav['user']->exists()) {
+                $this->admin->setMessage($this->admin->translate('PLUGIN_ADMIN.NO_USER_EXISTS'),'error');
+                return false;
+            }
             if (!$this->admin->authorize(['admin.super', 'admin.users'])) {
-                //not admin.super or admin.users
+                // no user file or not admin.super or admin.users
                 if ($this->prepareData($data)->username !== $this->grav['user']->username) {
-                    $this->admin->setMessage($this->admin->translate('PLUGIN_ADMIN.INSUFFICIENT_PERMISSIONS_FOR_TASK') . ' save.',
-                        'error');
-
+                    $this->admin->setMessage($this->admin->translate('PLUGIN_ADMIN.INSUFFICIENT_PERMISSIONS_FOR_TASK') . ' save.','error');
                     return false;
                 }
             }

languages/en.yaml

@@ -441,6 +441,7 @@ PLUGIN_ADMIN:
   PAGE_FILE: "Page Template"
   PAGE_FILE_HELP: "Page template file name, and by default the display template for this page"
   NO_USER_ACCOUNTS: "No user accounts found, please create one first..."
+  NO_USER_EXISTS: "No local user exists for this account, cannot save..."
   REDIRECT_TRAILING_SLASH: "Redirect trailing slash"
   REDIRECT_TRAILING_SLASH_HELP: "Perform a 301 redirect rather than transparently handling trailing slash URIs."
   DEFAULT_DATE_FORMAT: "Page date format"