diff --git a/src/endpoints/UserEndpoint.ts b/src/endpoints/UserEndpoint.ts index a5096e5..21c4909 100644 --- a/src/endpoints/UserEndpoint.ts +++ b/src/endpoints/UserEndpoint.ts @@ -44,6 +44,12 @@ export class UserEndpoint extends ScimEndpoint implements IScimEndpoint { } public async _delete(ctx: Context): Promise { + if (ctx.id() === (await ctx.rc.getUserId())) { + throw new SCIMError() + .setStatus(HttpStatusCode.FORBIDDEN) + .setScimType(SCIMErrorType.MUTABILITY) + .setDetail("The admin user can't be deleted"); + } const o = await ctx.rc.user.delete({ userId: ctx.id(), confirmRelinquish: true,