diff --git a/app/controller/user.js b/app/controller/user.js
index 4d6e11b1..bbda197f 100644
--- a/app/controller/user.js
+++ b/app/controller/user.js
@@ -7,7 +7,6 @@ const settingsController = require('./settings')
 const eventController = require('./event')
 const config = require('../config')
 const mail = require('../mail')
-const bot = require('./bot')
 const { Op } = require('sequelize')
 
 const userController = {
@@ -44,8 +43,8 @@ const userController = {
   },
 
   async delEvent (req, res) {
-    // check if event is mine
     const event = await Event.findByPk(req.params.id)
+    // check if event is mine (or user is admin)
     if (event && (req.user.is_admin || req.user.id === event.userId)) {
       await event.destroy()
       res.sendStatus(200)
diff --git a/app/cron.js b/app/cron.js
index 8826817a..ff3f4dd0 100644
--- a/app/cron.js
+++ b/app/cron.js
@@ -21,7 +21,7 @@ async function sendNotification (notification, event, eventNotification) {
         break
       case 'mastodon':
         // instance publish
-        if (settings.mastodon_auth.instance) {
+        if (settings.mastodon_auth.instance && settings.mastodon_auth.access_token) {
           const b = bot.post(settings.mastodon_auth, event)
           promises.push(b)
         }