diff --git a/app/Api/V1/Controllers/Data/DestroyController.php b/app/Api/V1/Controllers/Data/DestroyController.php index 61a92a0bd4..98bbfabc50 100644 --- a/app/Api/V1/Controllers/Data/DestroyController.php +++ b/app/Api/V1/Controllers/Data/DestroyController.php @@ -42,8 +42,6 @@ use FireflyIII\Repositories\PiggyBank\PiggyBankRepositoryInterface; use FireflyIII\Repositories\Recurring\RecurringRepositoryInterface; use FireflyIII\Repositories\RuleGroup\RuleGroupRepositoryInterface; use FireflyIII\Repositories\Tag\TagRepositoryInterface; -use FireflyIII\Repositories\TransactionGroup\TransactionGroupRepository; -use FireflyIII\Repositories\TransactionGroup\TransactionGroupRepositoryInterface; use FireflyIII\Services\Internal\Destroy\AccountDestroyService; use FireflyIII\Services\Internal\Destroy\JournalDestroyService; use Illuminate\Http\JsonResponse; diff --git a/app/Api/V1/Requests/DataDestroyRequest.php b/app/Api/V1/Requests/DataDestroyRequest.php index dbdec0da59..2b14817c3d 100644 --- a/app/Api/V1/Requests/DataDestroyRequest.php +++ b/app/Api/V1/Requests/DataDestroyRequest.php @@ -36,7 +36,7 @@ class DataDestroyRequest extends Request public function authorize(): bool { // Only allow authenticated users - return auth()->check(); + return auth()->check() && !auth()->user()->hasRole('demo'); } /**