From e0c34c81ad2aa45e37f5a2f9434d11990bf05442 Mon Sep 17 00:00:00 2001 From: Lum Date: Thu, 16 Jul 2026 11:03:37 -0700 Subject: [PATCH] Project admins should be able to view user details from the project user page. --- core/src/org/labkey/core/user/UserController.java | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/core/src/org/labkey/core/user/UserController.java b/core/src/org/labkey/core/user/UserController.java index 644bc6cb4e2..75fcb5dac0d 100644 --- a/core/src/org/labkey/core/user/UserController.java +++ b/core/src/org/labkey/core/user/UserController.java @@ -1587,11 +1587,10 @@ public ModelAndView getView(UserQueryForm form, BindException errors) if (schema == null) throw new NotFoundException(CoreQuerySchema.NAME + " schema"); - // use getTable(forWrite=true) because we hack on this TableInfo - // TODO don't hack on the TableInfo, shouldn't the schema check canSeeUserDetails() and has AdminPermission? - TableInfo table = schema.getTable(CoreQuerySchema.SITE_USERS_TABLE_NAME, null, true, true); + String tableName = isUserManager ? CoreQuerySchema.SITE_USERS_TABLE_NAME : CoreQuerySchema.USERS_TABLE_NAME; + TableInfo table = schema.getTable(tableName, null, true, true); if (table == null) - throw new NotFoundException(CoreQuerySchema.SITE_USERS_TABLE_NAME + " table"); + throw new NotFoundException(tableName + " table"); else if (table instanceof AbstractTableInfo) { // conditionally remove the email and groups columns only for this view