feat: allow admins to delete accounts

GDGVIT · Feb 3, 2024 · ef3d9bb · ef3d9bb
1 parent bf8b0fe
commit ef3d9bb
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/vitty-backend-api/api/v2/userHandler.go b/vitty-backend-api/api/v2/userHandler.go
@@ -71,7 +71,7 @@ func deleteUser(c *fiber.Ctx) error {
 	request_user := c.Locals("user").(models.User)
 
 	c.Params("username")
-	if request_user.Username != c.Params("username") {
+	if request_user.Username != c.Params("username") && request_user.Role != "admin" {
 		return c.Status(fiber.StatusForbidden).JSON(fiber.Map{
 			"detail": "You are not authorized to delete this user",
 		})