From f64d34d250664e5ad78ef8f60c57a73a23806dbc Mon Sep 17 00:00:00 2001
From: Zambom <erikzambom@hotmail.com>
Date: Tue, 17 Jan 2017 02:04:40 -0200
Subject: [PATCH] Adjusting user deletion access

---
 users/views.py | 10 ++++++++++
 1 file changed, 10 insertions(+), 0 deletions(-)

diff --git a/users/views.py b/users/views.py
index 422328b..8274c09 100644
--- a/users/views.py
+++ b/users/views.py
@@ -155,6 +155,16 @@ class DeleteView(braces_mixins.LoginRequiredMixin, generic.DeleteView):
 	slug_url_kwarg = 'email'
 	context_object_name = 'acc'
 
+	def dispatch(self, request, *args, **kwargs):
+		email = self.kwargs.get('email', None)
+
+		if not email is None:
+			if not request.user.is_staff:
+				return redirect(reverse_lazy('subjects:home'))
+
+		return super(DeleteView, self).dispatch(request, *args, **kwargs)
+
+
 	def get_object(self):
 		email = self.kwargs.get('email', None)
 
--
libgit2 0.21.2