From 4de9dec1f1517754e4c15b6ba15b0aa897142847 Mon Sep 17 00:00:00 2001
From: Thomas Quandt <thquad@gmail.com>
Date: Fri, 5 Mar 2021 09:43:57 +0100
Subject: [PATCH] Dont allow user to edit cnsi when admin_only (4876)

Signed-off-by: Thomas Quandt <thquad@gmail.com>
---
 src/jetstream/main.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/jetstream/main.go b/src/jetstream/main.go
index bcb1705263..6ad5f6d3fd 100644
--- a/src/jetstream/main.go
+++ b/src/jetstream/main.go
@@ -1123,7 +1123,7 @@ func (p *portalProxy) registerRoutes(e *echo.Echo, needSetupMiddleware bool) {
 	// static html will be returned instead. That's why we use the path ""
 	stableEndpointAdminAPIGroup := stableAdminAPIGroup.Group("")
 
-	if p.GetConfig().UserEndpointsEnabled != config.UserEndpointsConfigEnum.Disabled {
+	if p.GetConfig().UserEndpointsEnabled == config.UserEndpointsConfigEnum.Enabled {
 		stableEndpointAdminAPIGroup.Use(p.endpointAdminMiddleware)
 		stableEndpointAdminAPIGroup.POST("/endpoints", p.pluginRegisterRouter)
 		// Use middleware in route directly, because documentation is faulty