Index: modules/user/user.module
===================================================================
RCS file: /cvs/drupal/drupal/modules/user/user.module,v
retrieving revision 1.777
diff -u -p -r1.777 user.module
--- modules/user/user.module	30 Apr 2007 17:03:29 -0000	1.777
+++ modules/user/user.module	5 May 2007 23:55:20 -0000
@@ -755,6 +755,10 @@ function user_edit_access($account) {
   return ($GLOBALS['user']->uid == $account->uid) || array('administer users');
 }
 
+function user_delete_access($account) {
+  return ($account->uid > 1 && user_access('administer users'));
+}
+
 function user_load_self($arg) {
   $arg[1] = user_load($GLOBALS['user']->uid);
   return $arg;
@@ -933,8 +937,8 @@ function user_menu() {
   $items['user/%user/delete'] = array(
     'title' => 'Delete',
     'page callback' => 'user_edit',
-    'access callback' => 'user_access',
-    'access arguments' => array('administer users'),
+    'access callback' => 'user_delete_access',
+    'access arguments' => array(1),
     'type' => MENU_CALLBACK,
   );
 
@@ -1580,7 +1584,7 @@ function user_edit($category = 'account'
   $form['_category'] = array('#type' => 'value', '#value' => $category);
   $form['_account'] = array('#type' => 'value', '#value' => $account);
   $form['submit'] = array('#type' => 'submit', '#value' => t('Submit'), '#weight' => 30);
-  if (user_access('administer users')) {
+  if (user_access('administer users') && ($account->uid != 1)) {
     $form['delete'] = array('#type' => 'submit', '#value' => t('Delete'), '#weight' => 31);
   }
   $form['#attributes']['enctype'] = 'multipart/form-data';
@@ -2269,6 +2273,12 @@ function user_admin_account_validate($fo
   if (count($form_values['accounts']) == 0) {
     form_set_error('', t('No users selected.'));
   }
+  if ($form_values['operation'] == 'delete') {
+    if (!empty($form_values['accounts'][1])) {
+      $user = user_load(1);
+      form_set_error('', t('%name is the superuser and cannot be deleted.', array('%name' => $user->name)));
+    }
+  }
 }
 
 /**
@@ -2488,7 +2498,7 @@ function user_admin($callback_arg = '') 
       $output = drupal_get_form('user_register');
       break;
     default:
-      if (!empty($_POST['accounts']) && isset($_POST['operation']) && ($_POST['operation'] == 'delete')) {
+      if (!empty($_POST['accounts']) && isset($_POST['operation']) && ($_POST['operation'] == 'delete') && empty($_POST['accounts'][1])) {
         $output = drupal_get_form('user_multiple_delete_confirm');
       }
       else {