Allow user to see their profile page

vedia.rb

@@ -218,6 +218,11 @@ post '/logout' do
   redirect '/login'
 end
 
+get '/users/:id' do
+  require_admin_or_self
+  erb :users_show
+end
+
 get '/admin' do
   require_admin
   @users = User.all
@@ -225,12 +230,6 @@ get '/admin' do
   erb :admin
 end
 
-get '/admin/users/:id' do
-  require_admin
-  @user = User.find(params[:id])
-  erb :admin_users
-end
-
 get '/admin/users/:id/organizers/:vote/delete' do
   require_admin
   rating = Organizer.where(user: params[:id]).where(vote: params[:vote]).each do |organizer|
@@ -652,6 +651,12 @@ helpers do
     redirect '/' unless is_admin
   end
 
+  def require_admin_or_self
+    require_login
+    find_user
+    redirect '/' unless is_admin or current_user == @user
+  end
+
   def find_vote
     @vote = Vote.find_by(secure_id: params[:id])
   end
@@ -660,6 +665,10 @@ helpers do
     @candidate = Candidate.find(params[:cid])
   end
 
+  def find_user
+    @user = User.find(params[:id])
+  end
+
   def all_users_sorted
     User.all.each.sort_by { |user| user.email }
   end