From 1d26ccac4ea9846d97ab303805351eb12353a84a Mon Sep 17 00:00:00 2001
From: snipe <snipe@snipe.net>
Date: Sat, 22 Jun 2024 19:33:06 +0100
Subject: [PATCH] Check for the additional auth for that user

Signed-off-by: snipe <snipe@snipe.net>
---
 app/Http/Controllers/Users/UsersController.php | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/app/Http/Controllers/Users/UsersController.php b/app/Http/Controllers/Users/UsersController.php
index 0be1d697f1..0b16dd0a95 100755
--- a/app/Http/Controllers/Users/UsersController.php
+++ b/app/Http/Controllers/Users/UsersController.php
@@ -335,13 +335,13 @@ class UsersController extends Controller
      */
     public function destroy(DeleteUserRequest $request, $id = null)
     {
-
         $this->authorize('delete', User::class);
 
         if ($user = User::find($id)) {
 
-            if ($user->delete()) {
+            $this->authorize('delete', $user);
 
+            if ($user->delete()) {
                 if (Storage::disk('public')->exists('avatars/' . $user->avatar)) {
                     try {
                         Storage::disk('public')->delete('avatars/' . $user->avatar);
@@ -351,7 +351,6 @@ class UsersController extends Controller
                 }
                 return redirect()->route('users.index')->with('success', trans('admin/users/message.success.delete'));
             }
-
         }
         return redirect()->route('users.index')->with('error', trans('admin/users/message.user_not_found'));