Welcome to mirror list, hosted at ThFree Co, Russian Federation.

gitlab.com/gitlab-org/gitlab-foss.git - Unnamed repository; edit this file 'description' to name the repository.
summaryrefslogtreecommitdiff
path: root/app/services/users/destroy_service.rb
diff options
context:
space:
mode:
Diffstat (limited to 'app/services/users/destroy_service.rb')
-rw-r--r--app/services/users/destroy_service.rb4
1 files changed, 4 insertions, 0 deletions
diff --git a/app/services/users/destroy_service.rb b/app/services/users/destroy_service.rb
index 2d11305be13..bc0653cb634 100644
--- a/app/services/users/destroy_service.rb
+++ b/app/services/users/destroy_service.rb
@@ -7,6 +7,10 @@ module Users
end
def execute(user, options = {})
+ unless current_user.admin? || current_user == user
+ raise Gitlab::Access::AccessDeniedError, "#{current_user} tried to destroy user #{user}!"
+ end
+
if !options[:delete_solo_owned_groups] && user.solo_owned_groups.present?
user.errors[:base] << 'You must transfer ownership or delete groups before you can remove user'
return user
generated by cgit v1.2.3 (git 2.25.1) at 2024-08-15 14:29:10 +0300