Skip to content

Commit

Permalink
Allow user to delete their own contact (#4716)
Browse files Browse the repository at this point in the history 
Co-authored-by: Mh-Asmi <[email protected]>
  • Loading branch information
@ushahidlee @Mh-Asmi
ushahidlee and Mh-Asmi authored Feb 15, 2024
1 parent 87a1886 commit d056fab
Showing 1 changed file with 3 additions and 6 deletions.
9 changes: 3 additions & 6 deletions src/Ushahidi/Modules/V5/Policies/ContactPolicy.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -31,7 +31,7 @@ class ContactPolicy

// Check that the user has the necessary permissions
use AccessControlList;

use OwnerAccess;

protected $user;
Expand Down Expand Up @@ -118,11 +118,8 @@ public function isAllowed($entity, $privilege)
return true;
}


// Allow create, read and update if owner.
// Contacts should not be deleted.
if ($this->isUserOwner($entity, $user)
and in_array($privilege, ['create', 'read', 'update'])) {
// Users can delete their own contacts
if ($this->isUserOwner($entity, $user)) {
return true;
}

Expand Down

0 comments on commit d056fab

Please sign in to comment.