diff --git a/app/controllers/admin/user.js b/app/controllers/admin/user.js
index 8687940..e80949d 100644
--- a/app/controllers/admin/user.js
+++ b/app/controllers/admin/user.js
@@ -143,7 +143,7 @@ class UserAdminController extends SiteController {
       switch (req.body.action) {
         case 'update':
           if (req.user._id.equals(res.locals.userAccount._id)) {
-             if (req.user.flags.isAdmin && !(userDefinition.isAdmin === 'on')) {
+             if (req.user.flags.isAdmin && (req.body.isAdmin !== 'on')) {
                throw new SiteError(400, "You can't remove your own admin privileges");
              }
           }