diff --git a/backend/GameDevPortal.WebAPI/Controllers/UsersController.cs b/backend/GameDevPortal.WebAPI/Controllers/UsersController.cs
index 5a8c5bf..ffcb077 100644
--- a/backend/GameDevPortal.WebAPI/Controllers/UsersController.cs
+++ b/backend/GameDevPortal.WebAPI/Controllers/UsersController.cs
@@ -70,6 +70,7 @@ public async Task>> Get(Guid id)
 var userId = User.Claims.FirstOrDefault(c => c.Type == "UserId")?.Value;
 var userRole = User.Claims.FirstOrDefault(c => c.Type == ClaimTypes.Role)?.Value;
+ // TODO: Use a policy to do this together with an IAuthorizationService
 if (id.ToString() != userId && userRole != "Administrator")
 {
 return Unauthorized("You are not authorized to access this account's information.");