From 7e56e0eec4940d07ee25dbc640727325d37c76ac Mon Sep 17 00:00:00 2001
From: Evert Prants <evert@lunasqu.ee>
Date: Wed, 14 Sep 2022 20:44:18 +0300
Subject: [PATCH] allow non admins to delete their clients

---
 src/modules/api/admin/oauth2-admin.controller.ts | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/src/modules/api/admin/oauth2-admin.controller.ts b/src/modules/api/admin/oauth2-admin.controller.ts
index 23f239c..451c98d 100644
--- a/src/modules/api/admin/oauth2-admin.controller.ts
+++ b/src/modules/api/admin/oauth2-admin.controller.ts
@@ -312,7 +312,9 @@ export class OAuth2AdminController {
       );
     }
 
-    if (client.activated) {
+    const isAdmin = this._service.userHasPrivilege(user, 'admin:oauth2');
+
+    if (client.activated && isAdmin) {
       throw new BadRequestException('Please deactivate the client first.');
     }