From 9fc2d2b76bcfe443ddf0b300505d340fe18736b0 Mon Sep 17 00:00:00 2001
From: Umar Bolatov <bolatovumar@gmail.com>
Date: Wed, 7 Apr 2021 20:48:38 -0700
Subject: [PATCH] Remove CanDeleteUser constraint from "/api/v1/users/{userId}"
 endpoint

---
 BTCPayServer/Controllers/GreenField/UsersController.cs | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/BTCPayServer/Controllers/GreenField/UsersController.cs b/BTCPayServer/Controllers/GreenField/UsersController.cs
index 51fccca01..8ee74b3af 100644
--- a/BTCPayServer/Controllers/GreenField/UsersController.cs
+++ b/BTCPayServer/Controllers/GreenField/UsersController.cs
@@ -197,7 +197,7 @@ namespace BTCPayServer.Controllers.GreenField
         }
 
         [HttpDelete("~/api/v1/users/{userId}")]
-        [Authorize(Policy = Policies.CanDeleteUser, AuthenticationSchemes = AuthenticationSchemes.GreenfieldAPIKeys)]
+        [Authorize(AuthenticationSchemes = AuthenticationSchemes.GreenfieldAPIKeys)]
         public async Task<ActionResult<ApplicationUserData>> DeleteUser(string userId)
         {
             // Only admins should be allowed to delete users