diff --git a/app/controllers/users_controller.rb b/app/controllers/users_controller.rb
index 2fb297874..ac01521b5 100644
--- a/app/controllers/users_controller.rb
+++ b/app/controllers/users_controller.rb
@@ -184,6 +184,8 @@ class UsersController < ApplicationController
   end
 
   def destroy
+    return render_error status: 422 if @user == User.current && !@user.own_account_deletable?
+
     @user.destroy
     respond_to do |format|
       format.html { redirect_back_or_default(users_path) }
diff --git a/test/functional/users_controller_test.rb b/test/functional/users_controller_test.rb
index 35a1e82d7..d65881996 100644
--- a/test/functional/users_controller_test.rb
+++ b/test/functional/users_controller_test.rb
@@ -838,4 +838,27 @@ class UsersControllerTest < Redmine::ControllerTest
       )
     end
   end
+
+  def test_destroy_without_unsubscribe_is_denied
+    user = User.find(2)
+    user.update(admin: true) # Create other admin so self can be deleted
+    @request.session[:user_id] = user.id
+    with_settings unsubscribe: 0 do
+      assert_no_difference 'User.count' do
+        delete :destroy, params: {id: user.id}
+      end
+      assert_response 422
+    end
+  end
+
+  def test_destroy_last_admin_is_denied
+    user = User.find(1)
+    @request.session[:user_id] = user.id
+    with_settings unsubscribe: 1 do
+      assert_no_difference 'User.count' do
+        delete :destroy, params: {id: user.id}
+      end
+      assert_response 422
+    end
+  end
 end
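Review bot: The new guard at the top of `destroy` calls `render_error status: 422` with no `message:`, so an admin whose self-deletion is refused (unsubscribe disabled, or being the last active admin) gets an error page with no stated reason and an API client gets a bare 422, assuming `render_error` falls back to a default when no message is supplied. Enforcing this server-side rather than only hiding the delete link is the right place for the check, but the refusal should say why: pass a translated explanation alongside the status, e.g. `return render_error(status: 422, message: l(<reason key>)) if @user == User.current && !@user.own_account_deletable?`, reusing whatever wording the account/unsubscribe page already shows for the same rule rather than a new string. The condition deliberately covers only `@user == User.current`; deleting another admin stays unguarded, which is acceptable only if this action is already admin-only (not visible in the hunk). The rest of `destroy`, including the end of the `respond_to` block, lies outside this hunk.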
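Review bot: Both new tests assert only the denial path, so a guard that rejected every self-deletion (or an `own_account_deletable?` that always returned false) would pass them unchanged; there is no positive control showing that self-deletion still works when unsubscribe is enabled and another active admin exists. `test_destroy_without_unsubscribe_is_denied` already sets up exactly that state (user 2 promoted to admin, user 1 presumably still an active admin as the last-admin test relies on), so a companion test flipping `unsubscribe` to 1 and asserting the count drops by one would pin the intended behaviour. The `assert_response :redirect` below follows the `format.html { redirect_back_or_default(users_path) }` branch visible in the controller hunk; adjust if the test request is treated differently.
```ruby
  def test_destroy_own_account_with_unsubscribe_and_other_admin_is_allowed
    user = User.find(2)
    user.update(admin: true) # user 1 remains an active admin, so user 2 is not the last one
    @request.session[:user_id] = user.id
    with_settings unsubscribe: 1 do
      assert_difference 'User.count', -1 do
        delete :destroy, params: {id: user.id}
      end
    end
    assert_response :redirect
  end
```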