From a276c24f8fc8aeb2ba60c53a0a841ac161a0b40e Mon Sep 17 00:00:00 2001
From: Bartha Maxime <231026@umons.ac.be>
Date: Mon, 18 Mar 2024 17:30:04 +0100
Subject: [PATCH] added delete self

---
 .../main/java/ovh/herisson/Clyde/EndPoints/UserController.java  | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/backend/src/main/java/ovh/herisson/Clyde/EndPoints/UserController.java b/backend/src/main/java/ovh/herisson/Clyde/EndPoints/UserController.java
index 3ebf67a..d93ed54 100644
--- a/backend/src/main/java/ovh/herisson/Clyde/EndPoints/UserController.java
+++ b/backend/src/main/java/ovh/herisson/Clyde/EndPoints/UserController.java
@@ -124,7 +124,7 @@ public class UserController {
 
     @DeleteMapping("/user/{id}")
     public ResponseEntity<String> deleteStudent(@RequestHeader("Authorization") String token, @PathVariable Long id){
-        if (authServ.isNotIn(new Role[]{Role.Admin,Role.Secretary},token))
+        if (authServ.isNotIn(new Role[]{Role.Admin,Role.Secretary},token) || id.equals(authServ.getUserFromToken(token).getRegNo()))
             return new UnauthorizedResponse<>(null);
 
         User toDelete = userService.getUserById(id);