🚀 [Feature] Delete user as admin through API only

Created by: Tirokk

Authored by roschaefer Feb 10, 2020 Closed Mar 10, 2020

---

🚀 Feature

This is a required step in order to finish #17 (closed).

Problem

So, let's say for safety reasons we might not implement #17 (closed) at all - but we allow admins to delete users. Admins can use external UIs for a graphQL endpoint e.g. Postman.

Implementation

Basically you only need to change this line into something like this:

      DeleteUser: or(isDeletingOwnAccount, isAdmin),

And then provide sufficient backend testing for this critical security feature.

Design & Layout

None.