added destroy permission to users policy, this will allow users to deactivate their own profile and admins to deactivate anyone

app/policies/user_policy.rb

@@ -1,4 +1,8 @@
 class UserPolicy < ApplicationPolicy
+  def destroy?
+    done_by_owner_or_admin?
+  end
+
   def credits?
     done_by_owner_or_admin?
   end

spec/policies/user_policy_spec.rb

@@ -14,7 +14,7 @@ describe UserPolicy do
       should_not permit(User.new, user)
     end
 
-    it "should permit access if user is project owner" do
+    it "should permit access if user is updating himself" do
       should permit(user, user)
     end
 
@@ -30,6 +30,8 @@ describe UserPolicy do
 
   permissions(:update?){ it_should_behave_like "update permissions" }
 
+  permissions(:destroy?){ it_should_behave_like "update permissions" }
+
   permissions(:credits?){ it_should_behave_like "update permissions" }
 
   permissions(:update_password?){ it_should_behave_like "update permissions" }