From c24ca46af5a83bf1a07a5aa328007e03fe85ba70 Mon Sep 17 00:00:00 2001
From: Martin McKeaveney <martinmckeaveney@gmail.com>
Date: Wed, 13 Jul 2022 11:49:23 +0100
Subject: [PATCH] prevent redirect on app overview by allowing builders access
 to user endpoint

---
 packages/worker/src/api/routes/global/users.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/packages/worker/src/api/routes/global/users.js b/packages/worker/src/api/routes/global/users.js
index 726e61413e..da89ad20eb 100644
--- a/packages/worker/src/api/routes/global/users.js
+++ b/packages/worker/src/api/routes/global/users.js
@@ -69,7 +69,7 @@ router
   )
   .get("/api/global/users/tenant/:id", controller.tenantUserLookup)
   // global endpoint but needs to come at end (blocks other endpoints otherwise)
-  .get("/api/global/users/:id", adminOnly, controller.find)
+  .get("/api/global/users/:id", builderOrAdmin, controller.find)
   // DEPRECATED - use new versions with self API
   .get("/api/global/users/self", selfController.getSelf)
   .post(