create structure for rules checking

server/router/organizationroute/controller.go

@@ -239,6 +239,10 @@ func (c *controller) handleRemoveAddress(ctx echo.Context) error {
 		return routeutils.HandleAPIError(ctx, err)
 	}
 
+	if !authorization.CanDeleteAddress(authUser, address) {
+		return routeutils.ResponseAPIAuthorizationError(ctx)
+	}
+
 	address.UpdatedUser.ID = authUser.ID
 
 	err = c.svc.Organization.InactivateOrganizationAddress(orgUUID, address, authUser)
@@ -315,6 +319,10 @@ func (c *controller) handleRemoveContact(ctx echo.Context) error {
 		return routeutils.HandleAPIError(ctx, err)
 	}
 
+	if !authorization.CanDeleteContact(authUser, contact) {
+		return routeutils.ResponseAPIAuthorizationError(ctx)
+	}
+
 	contact.UpdatedUser.ID = authUser.ID
 
 	err = c.svc.Organization.InactivateOrganizationContact(orgUUID, contact, authUser)