Add protected_usernames() config function

tailbone/config.py

@@ -56,3 +56,6 @@ class ConfigExtension(BaseExtension):
 def legacy_mobile_enabled(config):
     return config.getbool('tailbone', 'legacy_mobile.enabled',
                           default=True)
+
+def protected_usernames(config):
+    return config.getlist('tailbone', 'protected_usernames')

tailbone/views/users.py

@@ -42,6 +42,7 @@ from tailbone import forms
 from tailbone.db import Session
 from tailbone.views import MasterView
 from tailbone.views.principal import PrincipalMasterView, PermissionsRenderer
+from tailbone.config import protected_usernames
 
 
 class UsersView(PrincipalMasterView):
@@ -139,9 +140,9 @@ class UsersView(PrincipalMasterView):
         user is "root".  But if the given user is not protected, this simply
         returns ``True``.
         """
-        if self.user_is_protected(user):
+        if self.request.is_root:
-            return self.request.is_root
             return True
+        return not self.user_is_protected(user)
 
     def deletable_instance(self, user):
         """
@@ -149,9 +150,9 @@ class UsersView(PrincipalMasterView):
         user is "root".  But if the given user is not protected, this simply
         returns ``True``.
         """
-        if self.user_is_protected(user):
+        if self.request.is_root:
-            return self.request.is_root
             return True
+        return not self.user_is_protected(user)
 
     def user_is_protected(self, user):
         """
@@ -165,8 +166,7 @@ class UsersView(PrincipalMasterView):
         "root", otherwise will return ``False``.
         """
         if not hasattr(self, 'protected_usernames'):
-            self.protected_usernames = self.rattail_config.getlist(
+            self.protected_usernames = protected_usernames(self.rattail_config)
-                'tailbone', 'protected_usernames')
         if self.protected_usernames and user.username in self.protected_usernames:
             return True
         return False