7 Commits

Author SHA1 Message Date
Nicolas Gorga
6b4f2c1d32 feat(medusa): allow users deletion (#13960)
## Summary

**What** — What changes are introduced in this PR?

Allow users to delete other users and prevent them from deleting themselves.

**Why** — Why are these changes relevant or necessary?  

The inability to delete other users causes old users who may no longer work with the business to still have access.

**How** — How have these changes been implemented?

Inverted the check in the admin delete user endpoint to allow users to delete other users but not themselves.

**Testing** — How have these changes been tested, or how can the reviewer test the feature?

Integration tests

---

## Examples

Provide examples or code snippets that demonstrate how this feature works, or how it can be used in practice.  
This helps with documentation and ensures maintainers can quickly understand and verify the change.

```ts
// Example usage
```

---

## Checklist

Please ensure the following before requesting a review:

- [x] I have added a **changeset** for this PR
    - Every non-breaking change should be marked as a **patch**
    - To add a changeset, run `yarn changeset` and follow the prompts
- [x] The changes are covered by relevant **tests**
- [x] I have verified the code works as intended locally
- [x] I have linked the related issue(s) if applicable

---

## Additional Context

Add any additional context, related issues, or references that might help the reviewer understand this PR.

closes OPS-97


---

> [!NOTE]
> Enables deleting other users via admin DELETE endpoint while blocking self-deletion, with corresponding integration tests and changeset.
> 
> - **Backend**
>   - Update `DELETE /admin/users/:id` in `packages/medusa/src/api/admin/users/[id]/route.ts`:
>     - Disallow self-deletion when `actor_id === id` with `NOT_ALLOWED` error.
>     - Execute `removeUserAccountWorkflow` and return standard delete response.
> - **Tests**
>   - Expand `integration-tests/http/__tests__/user/admin/user.spec.ts`:
>     - Create a second admin user; delete it and verify auth identity `app_metadata` no longer includes `user_id`.
>     - Confirm token still authenticates but access is revoked (401 on `/admin/users/me`).
>     - Assert self-deletion returns 400 with message `"A user cannot delete itself"`.
> - **Changeset**
>   - Add `.changeset/dull-plants-create.md` (patch for `@medusajs/medusa`).
> 
> <sup>Written by [Cursor Bugbot](https://cursor.com/dashboard?tab=bugbot) for commit f1f8252b91593b8a8fb03dc9d26460d09a10cfaa. This will update automatically on new commits. Configure [here](https://cursor.com/dashboard?tab=bugbot).</sup>
2025-11-07 09:24:04 +00:00
Harminder Virk
68560787e5 breaking: rename package names to be consistent and under @medusajs scope (#9580) 2024-10-16 22:28:09 +05:30
Carlos R. L. Rodrigues
950cf9af79 chore: remove container registration name (#9137) 2024-09-16 06:22:24 -03:00
Oli Juhl
4bf42f7889 fix: Update auth app_metadata when deleting users + customers (#9041)
* wip

* more work

* working on stuff

* more

* fix test

* remove incorrect test

* fix test

* fix: Only allow deletion of yourself

* remove redundant tests
2024-09-10 19:58:16 +02:00
Stevche Radevski
4980285317 chore: Remove create user tests that are no longer relevant (#8638) 2024-08-18 16:53:56 +02:00
Carlos R. L. Rodrigues
be942ff15c fix(order): update order summary when transactions change (#8633) 2024-08-16 19:40:44 +00:00
Oli Juhl
ce40fe88f5 chore: Move admin invites + user tests to HTTP (#7596) 2024-06-04 10:53:01 +02:00