From e59c3613ac998b98eac469e8b1953dda48d4f7bf Mon Sep 17 00:00:00 2001
From: Erin <121973038+erinysong@users.noreply.github.com>
Date: Mon, 1 Apr 2024 13:01:45 -0700
Subject: [PATCH] Add analyst or superuser check for deleting user role

---
 src/registrar/views/utility/mixins.py | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/src/registrar/views/utility/mixins.py b/src/registrar/views/utility/mixins.py
index aa0c9cd6b..c7083ce48 100644
--- a/src/registrar/views/utility/mixins.py
+++ b/src/registrar/views/utility/mixins.py
@@ -307,7 +307,12 @@ class UserDeleteDomainRolePermission(PermissionsLoginMixin):
             domain=domain_pk,
             domain__permissions__user=self.request.user,
         ).exists()
-        if not has_delete_permission:
+
+        user_is_analyst_or_superuser = self.request.user.has_perm(
+            "registrar.analyst_access_permission"
+        ) or self.request.user.has_perm("registrar.full_access_permission")
+
+        if not (has_delete_permission or user_is_analyst_or_superuser):
             return False
 
         # Check if more than one manager exists on the domain.