From 3d49fc131517c93d9857070626f76a7de757d8ec Mon Sep 17 00:00:00 2001
From: Toby Zerner
Date: Fri, 18 Mar 2016 09:39:41 +1030
Subject: [PATCH] Prevent users from being incorrectly able to delete their own discussions
---
 framework/core/src/Core/Access/DiscussionPolicy.php | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/framework/core/src/Core/Access/DiscussionPolicy.php b/framework/core/src/Core/Access/DiscussionPolicy.php
index 3781f213f..66bbf5560 100644
--- a/framework/core/src/Core/Access/DiscussionPolicy.php
+++ b/framework/core/src/Core/Access/DiscussionPolicy.php
@@ -109,6 +109,8 @@ class DiscussionPolicy extends AbstractPolicy
 */
 public function delete(User $actor, Discussion $discussion)
 {
- return $this->rename($actor, $discussion);
+ if ($discussion->start_user_id == $actor->id && $discussion->participants_count <= 1) {
+ return true;
+ }
 }
 }
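Review bot: The ownership test in the new `delete()` body uses loose `==`, under which `null == 0` and `null == null` both evaluate to true. If an actor without an account carries an id of 0 or null and a discussion's `start_user_id` is null (neither case is visible in this hunk, so it needs confirming against the models), that actor would be granted delete on any such discussion with `participants_count <= 1`. Guarding the identity explicitly closes this, e.g. `if ($actor->id && $discussion->start_user_id == $actor->id && $discussion->participants_count <= 1) {`. The method also returns nothing when the condition fails; a comment such as `// No return: defer to the regular permission check.` would show this is deliberate, assuming AbstractPolicy treats a null result as "no decision". The class and the method's docblock start above the hunk, so `rename()` and the documented contract are not visible here.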