diff options
| -rw-r--r-- | modules/user/controllers/users.php | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/modules/user/controllers/users.php b/modules/user/controllers/users.php index 88f499e6..a0e89922 100644 --- a/modules/user/controllers/users.php +++ b/modules/user/controllers/users.php @@ -82,7 +82,7 @@ class Users_Controller extends REST_Controller { * @see REST_Controller::_delete($resource) */ public function _delete($user) { - if (!user::active()->admin) { + if (!user::active()->admin || $user->id == user::active()->id ) { access::forbidden(); } // Prevent CSRF |