keksAccount/app/Http/Controllers/API/AccountController.php

<?php

namespace App\Http\Controllers\API;

use App\Data\Repository\UserRepository;
use App\Exceptions\HTTPException;
use App\Exceptions\NoPermissionException;
use App\Exceptions\NotLoggedInException;
use App\Exceptions\ResourceNotFound;
use App\Models\User;
use http\Env\Request;
use Illuminate\Support\Facades\Auth;
use Laravel\Lumen\Routing\Controller as BaseController;
use TaGeSo\APIResponse\Response;

class AccountController extends BaseController
{
    public function getUsers(Response $response, UserRepository $userRepository) {

        if(!Auth::check()) {
            throw new NotLoggedInException();
        }

        if(!Auth::user()->admin) {
            throw new NoPermissionException();
        }

        $users = $userRepository->getAllUsers();

        return $response->withData(\App\Http\Resources\API\User::collection(($users)));
    }

    public function getUser(Response $response, UserRepository $userRepository, $id) {
        if(!Auth::check()) {
            throw new NotLoggedInException();
        }

        if(!(Auth::user()->admin || Auth::user()->id == $id)) {
            throw new NoPermissionException();
        }

        $user = $userRepository->findById($id);

        if($user == null) {
            throw new ResourceNotFound();
        }

        return $response->withData(new \App\Http\Resources\API\User($user));
    }

}