Merge pull request 'added delete self' (#145) from Max/Backend/UserDelete into master

Reviewed-on: PGL/Clyde#145 Reviewed-by: Wal <karpinskiwal@gmail.com> Reviewed-by: LeoMoulin <leomoulin125@gmail.com> Reviewed-by: Debucquoy Anthony <d.tonitch@gmail.com>
2024-03-18 20:19:41 +01:00 · 2024-03-18 20:19:41 +01:00 · 4f002a29e1
commit 4f002a29e1
parent 66d090d045 a276c24f8f
1 changed files with 1 additions and 1 deletions
--- a/backend/src/main/java/ovh/herisson/Clyde/EndPoints/UserController.java
+++ b/backend/src/main/java/ovh/herisson/Clyde/EndPoints/UserController.java
@ -124,7 +124,7 @@ public class UserController {

    @DeleteMapping("/user/{id}")
    public ResponseEntity<String> deleteStudent(@RequestHeader("Authorization") String token, @PathVariable Long id){
-        if (authServ.isNotIn(new Role[]{Role.Admin,Role.Secretary},token))
+        if (authServ.isNotIn(new Role[]{Role.Admin,Role.Secretary},token) || id.equals(authServ.getUserFromToken(token).getRegNo()))
            return new UnauthorizedResponse<>(null);

        User toDelete = userService.getUserById(id);