From 476c1a56911e49a3acd5d5d1ef0c5cb050fc7856 Mon Sep 17 00:00:00 2001
From: Toby Zerner
Date: Fri, 18 Mar 2016 09:39:41 +1030
Subject: [PATCH] Prevent users from being incorrectly able to delete their own discussions
---
 src/Core/Access/DiscussionPolicy.php | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/src/Core/Access/DiscussionPolicy.php b/src/Core/Access/DiscussionPolicy.php
index 3781f213f..66bbf5560 100644
--- a/src/Core/Access/DiscussionPolicy.php
+++ b/src/Core/Access/DiscussionPolicy.php
@@ -109,6 +109,8 @@ class DiscussionPolicy extends AbstractPolicy
 */
 public function delete(User $actor, Discussion $discussion)
 {
- return $this->rename($actor, $discussion);
+ if ($discussion->start_user_id == $actor->id && $discussion->participants_count <= 1) {
+ return true;
+ }
 }
 }
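Review bot: The ownership test in the new `delete()` uses loose `==` on `$discussion->start_user_id == $actor->id`, and PHP treats `null == 0` and `null == null` as equal. If a discussion can lose its author (a null `start_user_id`) while an unauthenticated actor carries a null or zero id, this branch would grant deletion to someone who never owned the thread; neither case is visible in the hunk, so this needs checking against the models. A null guard plus a strict comparison closes it: `if ($discussion->start_user_id !== null && (int) $discussion->start_user_id === (int) $actor->id && $discussion->participants_count <= 1) {`. The method also falls through with an implicit null when the condition fails, so I would add a comment such as `// No opinion: defer to the regular permission check.`, since the docblock starts outside the hunk and may not say this.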