diff --git a/internal/admin/users.go b/internal/admin/users.go
index 234ca36..3988bd9 100644
--- a/internal/admin/users.go
+++ b/internal/admin/users.go
@@ -28,7 +28,19 @@ func NewUserDTO(row *repository.User) types.UserDTO {
 }
 
 func (h *AdminHandler) GetUsers(w http.ResponseWriter, r *http.Request) {
- users, err := h.repo.FindAllUsers(r.Context())
+ userId, ok := util.GetRequestUserId(r.Context())
+ if !ok {
+ web.Error(w, "failed to get user id from auth session", http.StatusInternalServerError)
+ return
+ }
+
+ user, err := h.repo.FindUserId(r.Context(), uuid.MustParse(userId))
+ if err != nil {
+ web.Error(w, "failed to get access information", http.StatusUnauthorized)
+ return
+ }
+
+ users, err := h.repo.FindAdminUsers(r.Context(), &user.ID)
 if err != nil {
 log.Println("ERR: Failed to query users from db:", err)
 web.Error(w, "failed to get all users", http.StatusInternalServerError)
@@ -89,6 +101,18 @@ type CreateUserRequest struct {
 }
 
 func (h *AdminHandler) CreateUser(w http.ResponseWriter, r *http.Request) {
+ userId, ok := util.GetRequestUserId(r.Context())
+ if !ok {
+ web.Error(w, "failed to get user id from auth session", http.StatusInternalServerError)
+ return
+ }
+
+ user, err := h.repo.FindUserId(r.Context(), uuid.MustParse(userId))
+ if err != nil {
+ web.Error(w, "failed to get access information", http.StatusUnauthorized)
+ return
+ }
+
 var req CreateUserRequest
 decoder := json.NewDecoder(r.Body)
@@ -112,7 +136,7 @@ func (h *AdminHandler) CreateUser(w http.ResponseWriter, r *http.Request) {
 return
 }
 
- _, err := h.repo.FindUserEmail(r.Context(), req.Email)
+ _, err = h.repo.FindUserEmail(r.Context(), req.Email)
 if err == nil {
 web.Error(w, "user with provided email already exists", http.StatusBadRequest)
 return
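Review bot: `uuid.MustParse(userId)` in GetUsers panics when the session value is not a well-formed UUID, so a malformed ID ends the request in a panic rather than a controlled error response; the same call is added to CreateUser in the next hunk. Parse it with `id, err := uuid.Parse(userId)` and answer a parse failure with `web.Error` and an early return, as the surrounding checks already do. The session value is presumably validated upstream, but the handler should not depend on that. GetUsers continues past the end of this hunk.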
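Review bot: The `err` returned by `h.repo.FindUserId` in CreateUser is discarded and every failure is answered with 401, so a database outage looks the same as a missing account and leaves no trace in the log; the block added to GetUsers has the same gap. Log it the way the other error paths in this file do, for example `log.Println("ERR: Failed to load requesting user:", err)`, and keep `http.StatusUnauthorized` for the not-found case while returning 500 for anything else. Nothing in the visible lines checks that the loaded user is an admin before an account is created; if middleware outside this diff enforces that, a short comment saying so would help the next reader. The body of CreateUser continues outside this hunk.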
@@ -130,11 +154,12 @@ func (h *AdminHandler) CreateUser(w http.ResponseWriter, r *http.Request) {
 FullName: req.FullName,
 PasswordHash: hash,
 IsAdmin: false,
+ CreatedBy: &user.ID,
 }
 
 log.Println("INFO: params for user creation:", params)
 
- userId, err := h.repo.InsertUser(r.Context(), params)
+ id, err := h.repo.InsertUser(r.Context(), params)
 if err != nil {
 log.Println("ERR: Failed to insert user into database:", err)
 web.Error(w, "failed to create user", http.StatusInternalServerError)
@@ -147,7 +172,7 @@ func (h *AdminHandler) CreateUser(w http.ResponseWriter, r *http.Request) {
 encoder := json.NewEncoder(w)
 if err := encoder.Encode(Response{
- ID: userId.String(),
+ ID: id.String(),
 }); err != nil {
 web.Error(w, "failed to encode response", http.StatusInternalServerError)
 }
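Review bot: The `log.Println("INFO: params for user creation:", params)` line kept as context in CreateUser prints the whole params value, which per the lines just above it carries `PasswordHash` and now `CreatedBy`. Password hashes should stay out of application logs, since anyone with log access can take them for offline guessing. Because `CreatedBy` is a pointer, the default formatting will most likely print an address rather than the creator's ID, so the line is not useful for auditing either. Log selected fields instead, for example `log.Println("INFO: creating user, created by:", user.ID)`. The struct literal and the rest of CreateUser start and end outside this hunk.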