summaryrefslogtreecommitdiff
path: root/app/services/users/destroy_service.rb
diff options
context:
space:
mode:
Diffstat (limited to 'app/services/users/destroy_service.rb')
-rw-r--r--app/services/users/destroy_service.rb4
1 files changed, 4 insertions, 0 deletions
diff --git a/app/services/users/destroy_service.rb b/app/services/users/destroy_service.rb
index 2d11305be13..bc0653cb634 100644
--- a/app/services/users/destroy_service.rb
+++ b/app/services/users/destroy_service.rb
@@ -7,6 +7,10 @@ module Users
end
def execute(user, options = {})
+ unless current_user.admin? || current_user == user
+ raise Gitlab::Access::AccessDeniedError, "#{current_user} tried to destroy user #{user}!"
+ end
+
if !options[:delete_solo_owned_groups] && user.solo_owned_groups.present?
user.errors[:base] << 'You must transfer ownership or delete groups before you can remove user'
return user
View Lorry Controller Status