in app/controllers/users_controller.rb [74:78]
def correct_user @user = User.find(params[:id]) redirect_to(root_url, status: :see_other) unless current_user?(@user) end