diff --git a/_test/tests/inc/auth_deleteprofile.test.php b/_test/tests/inc/auth_deleteprofile.test.php
new file mode 100644
index 0000000000000000000000000000000000000000..dc38fcd16faa10b6467f6ccc4399ba99cf2a8b0a
--- /dev/null
+++ b/_test/tests/inc/auth_deleteprofile.test.php
@@ -0,0 +1,179 @@
+<?php
+
+class Mock_Auth_Plugin extends DokuWiki_Auth_Plugin {
+
+	public $loggedOff = false;
+
+    public function __construct($canDeleteUser = true) {
+		$this->cando['delUser'] = $canDeleteUser;
+    }
+
+    public function checkPass($user, $pass) {
+        return $pass == 'password';
+    }
+
+    public function deleteUsers($users) {
+    	return in_array($_SERVER['REMOTE_USER'], $users);
+    }
+
+    public function logoff() {
+    	$this->loggedOff = true;
+    }
+
+}
+
+class auth_deleteprofile_test extends DokuWikiTest {
+
+    /*
+     * Tests:
+     *
+     * 1.   It works and the user is logged off 
+     * 2.   Password matches when config requires it
+     * 3,4. Auth plugin can prevent & wiki config can prevent
+     * 5.  Any of invalid security token, missing/not set 'delete' flag, missing/unchecked 'confirm_delete'
+     *
+     */
+
+    function test_success() {
+
+        global $ACT, $INPUT, $conf, $auth;
+
+        $ACT = 'profile_delete';
+        $conf['profileconfirm'] = false;
+    	$_SERVER['REMOTE_USER'] = 'testuser';
+
+        $input = array(
+            'do'                 => $ACT,
+            'sectok'             => getSecurityToken(),
+            'delete'             => '1',
+            'confirm_delete'     => '1',
+        );
+
+        $_POST = $input;
+        $_REQUEST = $input;
+        $INPUT = new Input();
+
+        $auth = new Mock_Auth_Plugin();
+
+        $this->assertTrue(auth_deleteprofile());
+        $this->assertTrue($auth->loggedOff);
+    }
+
+    function test_confirmation_required() {
+
+        global $ACT, $INPUT, $conf, $auth;
+
+        $ACT = 'profile_delete';
+        $conf['profileconfirm'] = true;
+    	$_SERVER['REMOTE_USER'] = 'testuser';
+
+        $input = array(
+            'do'                 => $ACT,
+            'sectok'             => getSecurityToken(),
+            'delete'             => '1',
+            'confirm_delete'     => '1',
+            'oldpass'            => 'wrong',
+        );
+
+        $_POST = $input;
+        $_REQUEST = $input;
+        $INPUT = new Input();
+
+        $auth = new Mock_Auth_Plugin();
+
+        // password check required - it fails, so don't delete profile
+        $this->assertFalse(auth_deleteprofile());
+
+        // now it passes, we're good to go
+        $INPUT->set('oldpass','password');
+        $INPUT->post->set('oldpass','password');
+        $this->assertTrue(auth_deleteprofile());
+    }
+
+    function test_authconfig_prevents() {
+
+        global $ACT, $INPUT, $conf, $auth;
+
+        $ACT = 'profile_delete';
+        $conf['profileconfirm'] = false;
+    	$_SERVER['REMOTE_USER'] = 'testuser';
+
+        $input = array(
+            'do'                 => $ACT,
+            'sectok'             => getSecurityToken(),
+            'delete'             => '1',
+            'confirm_delete'     => '1',
+        );
+
+        $_POST = $input;
+        $_REQUEST = $input;
+        $INPUT = new Input();
+
+        $auth = new Mock_Auth_Plugin(false);
+        $conf['disableactions'] = '';
+        $this->assertFalse(auth_deleteprofile());
+    }
+
+    function test_wikiconfig_prevents() {
+
+        global $ACT, $INPUT, $conf, $auth;
+
+        $ACT = 'profile_delete';
+        $conf['profileconfirm'] = false;
+    	$_SERVER['REMOTE_USER'] = 'testuser';
+
+        $input = array(
+            'do'                 => $ACT,
+            'sectok'             => getSecurityToken(),
+            'delete'             => '1',
+            'confirm_delete'     => '1',
+        );
+
+        $_POST = $input;
+        $_REQUEST = $input;
+        $INPUT = new Input();
+
+        $auth = new Mock_Auth_Plugin();
+        $conf['disableactions'] = 'profile_delete';
+
+        $this->assertFalse(actionOK('profile_delete'));
+        $this->assertTrue($auth->canDo('delUser'));
+
+        $this->assertFalse(auth_deleteprofile());
+    }
+
+    function test_basic_parameters() {
+
+        global $ACT, $INPUT, $conf, $auth;
+
+        $ACT = 'profile_delete';
+        $conf['profileconfirm'] = true;
+    	$_SERVER['REMOTE_USER'] = 'testuser';
+
+        $input = array(
+            'do'                 => $ACT,
+            'sectok'             => getSecurityToken(),
+            'delete'             => '1',
+            'confirm_delete'     => '1',
+            'oldpass'            => 'password',
+        );
+
+        $_POST = $input;
+        $_REQUEST = $input;
+        $input_foundation = new Input();
+
+        $auth = new Mock_Auth_Plugin();
+
+        $INPUT = clone $input_foundation;
+        $INPUT->remove('delete');
+        $this->assertFalse(auth_deleteprofile());
+
+        $INPUT = clone $input_foundation;
+        $INPUT->set('sectok','wrong');
+        $this->assertFalse(auth_deleteprofile());
+
+        $INPUT = clone $input_foundation;
+        $INPUT->remove('confirm_delete');
+        $this->assertFalse(auth_deleteprofile());
+    }
+}
\ No newline at end of file
diff --git a/inc/confutils.php b/inc/confutils.php
index 02be0089ca26ce344082a3c5f33d2748c18ab79a..0ac003b72b992fe5509c9a189ff4e2bfac91ea6e 100644
--- a/inc/confutils.php
+++ b/inc/confutils.php
@@ -241,7 +241,7 @@ function getConfigFiles($type) {
  */
 function actionOK($action){
     static $disabled = null;
-    if(is_null($disabled)){
+    if(is_null($disabled) || defined('SIMPLE_TEST')){
         global $conf;
         /** @var auth_basic $auth */
         global $auth;