From b68f183e86a22b00dd500d4004cb50c3c62f8c88 Mon Sep 17 00:00:00 2001
From: Toby Zerner <toby.zerner@gmail.com>
Date: Sun, 11 Nov 2018 14:25:21 +1030
Subject: [PATCH] Always allow users to see their own account. fixes #1626

---
 framework/core/src/User/UserPolicy.php | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/framework/core/src/User/UserPolicy.php b/framework/core/src/User/UserPolicy.php
index 8a37720e4..0a33b012a 100644
--- a/framework/core/src/User/UserPolicy.php
+++ b/framework/core/src/User/UserPolicy.php
@@ -39,7 +39,11 @@ class UserPolicy extends AbstractPolicy
     public function find(User $actor, Builder $query)
     {
         if ($actor->cannot('viewUserList')) {
-            $query->whereRaw('FALSE');
+            if ($actor->isGuest()) {
+                $query->whereRaw('FALSE');
+            } else {
+                $query->where('id', $actor->id);
+            }
         }
     }
 }