From 7fd32f9461cc66bf2ad7e85898c55dfdef35ccc6 Mon Sep 17 00:00:00 2001
From: Kristiaan Van den Eynde <magentix@gmail.com>
Date: Mon, 26 Jun 2017 11:30:29 +0200
Subject: [PATCH] interdiff

---
 core/modules/user/src/RoleAccessControlHandler.php | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/core/modules/user/src/RoleAccessControlHandler.php b/core/modules/user/src/RoleAccessControlHandler.php
index e979f2d..f784a31 100644
--- a/core/modules/user/src/RoleAccessControlHandler.php
+++ b/core/modules/user/src/RoleAccessControlHandler.php
@@ -20,7 +20,12 @@ class RoleAccessControlHandler extends EntityAccessControlHandler {
   protected function checkAccess(EntityInterface $entity, $operation, AccountInterface $account) {
     switch ($operation) {
       case 'delete':
-        if ($entity->id() == RoleInterface::ANONYMOUS_ID || $entity->id() == RoleInterface::AUTHENTICATED_ID) {
+        $internal_roles = [
+          RoleInterface::ANONYMOUS_ID,
+          RoleInterface::AUTHENTICATED_ID,
+          RoleInterface::ADMINISTRATOR_ID,
+        ];
+        if (in_array($entity->id(), $internal_roles)) {
           return AccessResult::forbidden();
         }
 
-- 
2.8.1