Refine Authorization Logic for User Intro Data Access #2081

Open
10 tasks
Achintya-Chatterjee opened this issue Aug 19, 2024 · 0 comments · May be fixed by #2080

Issue Description

The current authorization logic on the /users/:userId/intro endpoint only allows superusers to view user intro data. This restriction is too broad and prevents users from accessing their own intro data.

The proposed change will:

  • Allow users to view their own intro data.
  • Retain the ability of superusers to access any user's intro data.
  • Implement a 403 error response for unauthorized access attempts.

Expected Behavior

  • Users should be able to access their own intro data.
  • Superusers should continue to have access to all users' intro data.
  • If a user tries to access another user's intro data without superuser privileges, they should receive a 403 "You're not authorized to view this page" response.
  • A 404 response should be returned if no data is found for the given user ID.

Current Behavior

Only superusers can access the intro data for any user. Regular users are unable to view their own intro data.

Screenshots

Reproducibility

  • This issue is reproducible
  • This issue is not reproducible

Steps to Reproduce

Severity/Priority

  • Critical
  • High
  • Medium
  • Low

Additional Information

Checklist

  • I have read and followed the project's code of conduct.
  • I have searched for similar issues before creating this one.
  • I have provided all the necessary information to understand and reproduce the issue.
  • I am willing to contribute to the resolution of this issue.
@Achintya-Chatterjee Achintya-Chatterjee self-assigned this Aug 19, 2024
@Achintya-Chatterjee Achintya-Chatterjee linked a pull request Aug 19, 2024 that will close this issue
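
One way to implement the four rules under "Expected Behavior", as an added example that is not this project's code or the linked pull request's. The names `req.userData`, `roles.super_user`, `fetchIntro`, the 404 message text and the sample store are assumptions; only the route and the 403 message come from the issue. The handler authorizes before it looks anything up, so a non-superuser gets 403 for another user's ID whether or not intro data exists for it.

```javascript
// Express-style handler for GET /users/:userId/intro; runs without a framework.
// Assumption: an upstream auth middleware has set req.userData = { id, roles }.
const FORBIDDEN_MESSAGE = "You're not authorized to view this page";

// Constructed sample store standing in for the database.
const INTRO_STORE = new Map([
  ["user-1", { userId: "user-1", introduction: "constructed sample intro" }],
]);

// Hypothetical data-access helper: resolves to the intro record or null.
async function fetchIntro(userId) {
  return INTRO_STORE.get(userId) ?? null;
}

// Allow superusers and the owner of the record; deny everything else.
// Identity and role come from the server-side session, never from the request.
function canViewIntro(requester, targetUserId) {
  if (!requester || typeof requester.id !== "string") return false;
  if (requester.roles?.super_user === true) return true; // strict: "true" is not true
  return requester.id === targetUserId;
}

async function getUserIntro(req, res) {
  const targetUserId = req.params.userId;
  // Authorize first so 403 vs 404 does not reveal which users have intro data.
  if (!canViewIntro(req.userData, targetUserId)) {
    return res.status(403).json({ message: FORBIDDEN_MESSAGE });
  }
  const intro = await fetchIntro(targetUserId);
  if (!intro) {
    return res.status(404).json({ message: "User intro not found" });
  }
  return res.status(200).json({ data: intro });
}

// Minimal response double so the handler can be exercised offline.
function mockRes() {
  return {
    statusCode: null,
    body: null,
    status(code) { this.statusCode = code; return this; },
    json(body) { this.body = body; return this; },
  };
}

// Drive the handler as a given requester asking for a given user ID.
async function run(requester, userId) {
  const res = mockRes();
  await getUserIntro({ params: { userId }, userData: requester }, res);
  return res;
}
```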