From 8fe0a333a8577838abcc17a7bc75d2d38e57bbfa Mon Sep 17 00:00:00 2001
From: Wenkai Yin <yinw@vmware.com>
Date: Fri, 28 Oct 2016 14:47:19 +0800
Subject: [PATCH] user can not be deleted in LDAP authentication mode

---
 src/ui/api/user.go | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/src/ui/api/user.go b/src/ui/api/user.go
index 7b023b9dc..17def3bf1 100644
--- a/src/ui/api/user.go
+++ b/src/ui/api/user.go
@@ -241,6 +241,12 @@ func (ua *UserAPI) Delete() {
 		return
 	}
 
+	// TODO read from conifg
+	authMode := os.Getenv("AUTH_MODE")
+	if authMode == "ldap_auth" {
+		ua.CustomAbort(http.StatusForbidden, "user can not be deleted in LDAP authentication mode")
+	}
+
 	if ua.currentUserID == ua.userID {
 		ua.CustomAbort(http.StatusForbidden, "can not delete yourself")
 	}