Index: user.module
===================================================================
RCS file: /usr/local/cvs/drupal/modules/user.module,v
retrieving revision 1.1
diff -u -r1.1 user.module
--- user.module	30 Jan 2004 06:44:08 -0000	1.1
+++ user.module	3 Feb 2004 04:36:38 -0000
@@ -291,7 +291,7 @@
 /*** Module hooks **********************************************************/
 
 function user_perm() {
-  return array("administer users", "access user list");
+  return array("administer users", "access user list", "access users");
 }
 
 function user_search($keys) {
@@ -1017,15 +1017,20 @@
     print theme("page", $output, $user->name);
   }
   else if ($uid && $account = user_load(array("uid" => $uid, "status" => 1))) {
-    $output = form_item(t("Name"), $account->name);
-
-    $output .= implode("\n", module_invoke_all("user", "view_public", "", $account));
-
-    if (user_access("administer users")) {
-      $output .= form_item(t("Administration"), l(t("edit account"), "admin/user/edit/$account->uid"));
-    }
+    if (user_access("access users")) {
+      $output = form_item(t("Name"), $account->name);
+  
+      $output .= implode("\n", module_invoke_all("user", "view_public", "", $account));
+  
+      if (user_access("administer users")) {
+        $output .= form_item(t("Administration"), l(t("edit account"), "admin/user/edit/$account->uid"));
+      }
 
     print theme("page", $output, $account->name);
+    }
+    else {
+      print theme("page", message_access(), t("Access Denied"));
+    }
   }
   else {
     $output = user_login();