How can a module call user_delete() without granting the caller the full "administer users" permission?

"administer users" is perhaps the top permission only admin has. So what's the best way to allow one user to delete another user (when certain conditions are met) without hacking the user.module?

When user_delete() is invoked in a module, user_access() will be called first to validate if the caller has the "administer users" permission. It will return false in my case. I hacked the user.module to check my condition. But I'm looking for a clean solution.

thanks in advance.

Comments

newbuntu’s picture

My bad, I got confused. I meant to allow one user to edit another user's profile. (delete actually works. I hacked user.module to allow one user to edit another user's profile). Since I can't change my original post. I guess the title will stay that way ;(

Anonymous’s picture

are you using content profile or just the default drupal profile? I believe content profile has some permission which you can set so a certain role can edit others profile.