From de91618070473fdf2ecff30c722f0770acd1a912 Mon Sep 17 00:00:00 2001
From: Evgeny Khramtsov <ekhramtsov@process-one.net>
Date: Sun, 24 Nov 2019 16:21:01 +0300
Subject: [PATCH] Check also 'access' rule on account removal

According to the documentation we should not allow
account removal when it's forbidden by the rule
from 'access' option.
---
 src/mod_register.erl | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/src/mod_register.erl b/src/mod_register.erl
index 31bb52c9d..10c55b6f5 100644
--- a/src/mod_register.erl
+++ b/src/mod_register.erl
@@ -114,8 +114,12 @@ process_iq(#iq{from = From, to = To} = IQ, Source) ->
 	end,
     Server = To#jid.lserver,
     Access = mod_register_opt:access_remove(Server),
-    AllowRemove = allow == acl:match_rule(Server, Access, From),
-    process_iq(IQ, Source, IsCaptchaEnabled, AllowRemove).
+    Remove = case acl:match_rule(Server, Access, From) of
+                 deny -> deny;
+                 allow ->
+                     check_access(From#jid.luser, From#jid.lserver, Source)
+             end,
+    process_iq(IQ, Source, IsCaptchaEnabled, Remove == allow).
 
 process_iq(#iq{type = set, lang = Lang,
 	       sub_els = [#register{remove = true}]} = IQ,