From 2b42545b77622bf8416c477ede3d6c7dd9f0140e Mon Sep 17 00:00:00 2001 From: Martin McKeaveney Date: Wed, 13 Jul 2022 11:49:23 +0100 Subject: [PATCH] prevent redirect on app overview by allowing builders access to user endpoint --- packages/worker/src/api/routes/global/users.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packages/worker/src/api/routes/global/users.js b/packages/worker/src/api/routes/global/users.js index 726e61413e..da89ad20eb 100644 --- a/packages/worker/src/api/routes/global/users.js +++ b/packages/worker/src/api/routes/global/users.js @@ -69,7 +69,7 @@ router ) .get("/api/global/users/tenant/:id", controller.tenantUserLookup) // global endpoint but needs to come at end (blocks other endpoints otherwise) - .get("/api/global/users/:id", adminOnly, controller.find) + .get("/api/global/users/:id", builderOrAdmin, controller.find) // DEPRECATED - use new versions with self API .get("/api/global/users/self", selfController.getSelf) .post(