From e23952db5b328018baf06e67b4a96e73ffa519b1 Mon Sep 17 00:00:00 2001
From: Lauren Connors <laurayco@outlook.com>
Date: Thu, 14 Nov 2024 10:55:55 -0600
Subject: [PATCH] Update
 server/impl/src/main/java/com/walmartlabs/concord/server/user/UserResourceV2.java

Co-authored-by: Ivan Bodrov <ibodrov@gmail.com>
---
 .../com/walmartlabs/concord/server/user/UserResourceV2.java   | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/server/impl/src/main/java/com/walmartlabs/concord/server/user/UserResourceV2.java b/server/impl/src/main/java/com/walmartlabs/concord/server/user/UserResourceV2.java
index 6c4e1426ac..d0c27980ca 100644
--- a/server/impl/src/main/java/com/walmartlabs/concord/server/user/UserResourceV2.java
+++ b/server/impl/src/main/java/com/walmartlabs/concord/server/user/UserResourceV2.java
@@ -91,8 +91,8 @@ public UserEntry get(@PathParam("id") UUID id) {
 
         UUID authenticatedId = loggedIn.getId();
 
-        if(!authenticatedId.equals(id)) {
-            assertAdmin();
+        if(!authenticatedId.equals(id) && !Roles.isAdmin()) {
+            throw new UnauthorizedException("Users can only view their own information or must have admin privileges.");
         }
 
         return userDao.get(id);