summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorStefan Wintermeyer <stefan.wintermeyer@amooma.de>2013-01-24 13:23:24 +0100
committerStefan Wintermeyer <stefan.wintermeyer@amooma.de>2013-01-24 13:23:24 +0100
commitbcc26106d74a301df09e02d07572ffe90dfb429b (patch)
tree874174357dea6d3a42c808994c2056a531165bdd
parent517dbc54c595adca221249545d0e7c0815df3195 (diff)
Don't let the admin pull out the rug for his/her own account.
-rw-r--r--app/models/ability.rb4
1 files changed, 4 insertions, 0 deletions
diff --git a/app/models/ability.rb b/app/models/ability.rb
index b846af0..0d13dab 100644
--- a/app/models/ability.rb
+++ b/app/models/ability.rb
@@ -82,6 +82,10 @@ class Ability
#
cannot [:create, :destroy], GsParameter
cannot [:create, :destroy], GuiFunction
+
+ # An admin can not destroy his/her account
+ #
+ cannot [:destroy], User, :id => user.id
else
# Any user can do the following stuff.
#