From 3f085a977ccd095480ea07fceceacae45d265b4f Mon Sep 17 00:00:00 2001
From: Anthony Lapenna <lapenna.anthony@gmail.com>
Date: Thu, 13 Jul 2017 09:12:06 +0200
Subject: [PATCH] fix(UAC): allow a team member to delete a resource control
 (#1030)

---
 api/http/security/authorization.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/api/http/security/authorization.go b/api/http/security/authorization.go
index b19dad1f6..30d6dfb72 100644
--- a/api/http/security/authorization.go
+++ b/api/http/security/authorization.go
@@ -22,7 +22,7 @@ func AuthorizedResourceControlDeletion(resourceControl *portainer.ResourceContro
 	if teamAccessesCount > 0 {
 		for _, access := range resourceControl.TeamAccesses {
 			for _, membership := range context.UserMemberships {
-				if membership.TeamID == access.TeamID && membership.Role == portainer.TeamLeader {
+				if membership.TeamID == access.TeamID {
 					return true
 				}
 			}