diff --git a/src/routes/users/fetch_user.rs b/src/routes/users/fetch_user.rs index f1671d75..ccfcbf94 100644 --- a/src/routes/users/fetch_user.rs +++ b/src/routes/users/fetch_user.rs @@ -8,6 +8,10 @@ use rocket::{serde::json::Json, State}; #[openapi(tag = "User Information")] #[get("/")] pub async fn req(db: &State, user: User, target: Ref) -> Result> { + if target.id == user.id { + return Ok(Json(user)); + } + let target = target.as_user(db).await?; let permissions = perms(&user).user(&target).calc_user(db).await; diff --git a/src/routes/users/find_mutual.rs b/src/routes/users/find_mutual.rs index dab8ee7c..7e5bfaac 100644 --- a/src/routes/users/find_mutual.rs +++ b/src/routes/users/find_mutual.rs @@ -20,12 +20,12 @@ pub struct MutualResponse { #[openapi(tag = "Relationships")] #[get("//mutual")] pub async fn req(db: &State, user: User, target: Ref) -> Result> { - let target = target.as_user(db).await?; - if target.id == user.id { return Err(Error::InvalidOperation); } + let target = target.as_user(db).await?; + if perms(&user) .user(&target) .calc_user(db)