self-service delete_contact, RT#37375

[freeside.git] / FS / FS / ClientAPI / MyAccount / contact.pm

diff --git a/FS/FS/ClientAPI/MyAccount/contact.pm b/FS/FS/ClientAPI/MyAccount/contact.pm
index 30316c7..099da29 100644 (file)
--- a/FS/FS/ClientAPI/MyAccount/contact.pm
+++ b/FS/FS/ClientAPI/MyAccount/contact.pm
@@ -129,7 +129,11 @@ sub delete_contact {
   my($context, $session, $custnum) = _custoragent_session_custnum($p);
   return { 'error' => $session } if $context eq 'error';
 
-  my $cust_contact = qsearchs('cust_contact', { contactnum=>$p->{contactnum} } )
+  return { 'error' => 'Cannot delete the currently-logged in contact.' }
+    if $p->{contactnum} == $session->{contactnum};
+
+  my $cust_contact = qsearchs('cust_contact', { contactnum => $p->{contactnum},
+                                                custnum    => $custnum,       })
     or return { 'error' => 'Unknown contactnum' };
 
   my $contact = $cust_contact->contact;