diff --git a/bruno/user/Get user.bru b/bruno/user/Get user.bru
new file mode 100644
index 0000000..7de3257
--- /dev/null
+++ b/bruno/user/Get user.bru	
@@ -0,0 +1,15 @@
+meta {
+  name: Get user
+  type: http
+  seq: 2
+}
+
+get {
+  url: {{api_base}}/user/:id
+  body: none
+  auth: inherit
+}
+
+params:path {
+  id: 293ef329-91b2-4912-ad5d-0277490c7b55
+}
diff --git a/bruno/user/Get users.bru b/bruno/user/Get users.bru
new file mode 100644
index 0000000..92d3b6d
--- /dev/null
+++ b/bruno/user/Get users.bru	
@@ -0,0 +1,11 @@
+meta {
+  name: Get users
+  type: http
+  seq: 1
+}
+
+get {
+  url: {{api_base}}/user
+  body: none
+  auth: inherit
+}
diff --git a/crates/backend/src/controller/user.rs b/crates/backend/src/controller/user.rs
index c50281e..0381c4b 100644
--- a/crates/backend/src/controller/user.rs
+++ b/crates/backend/src/controller/user.rs
@@ -1,5 +1,5 @@
-use crate::{entity, error::ApiError, Database};
-use actix_web::{delete, get, post, put, web, Responder};
+use crate::{Database, entity, error::ApiError};
+use actix_web::{Responder, delete, get, post, put, web};
 use serde::Deserialize;
 use validator::Validate;
 
@@ -20,13 +20,21 @@ struct CreateUser {
 }
 
 #[get("")]
-async fn get_users() -> impl Responder {
-    ""
+async fn get_users(
+    db: web::Data<Database>,
+) -> Result<web::Json<Vec<entity::user::Model>>, ApiError> {
+    let users = db.get_users().await?;
+    Ok(web::Json(users))
 }
 
 #[get("/{id}")]
-async fn get_user() -> impl Responder {
-    ""
+async fn get_user(
+    db: web::Data<Database>,
+    id: web::Path<uuid::Uuid>,
+) -> Result<web::Json<entity::user::Model>, ApiError> {
+    let user = db.get_user(id.into_inner()).await?;
+
+    Ok(web::Json(user.unwrap()))
 }
 
 #[post("")]
@@ -48,6 +56,11 @@ async fn update_user() -> impl Responder {
 }
 
 #[delete("/{id}")]
-async fn delete_user() -> impl Responder {
-    ""
+async fn delete_user(
+    db: web::Data<Database>,
+    id: web::Path<uuid::Uuid>,
+) -> Result<web::Json<String>, ApiError> {
+    let id = id.into_inner();
+    db.delete_user(id).await?;
+    Ok(web::Json(format!("User {} deleted", id)))
 }
diff --git a/crates/backend/src/db/user.rs b/crates/backend/src/db/user.rs
index 340ff49..12b1d7f 100644
--- a/crates/backend/src/db/user.rs
+++ b/crates/backend/src/db/user.rs
@@ -1,18 +1,37 @@
 use crate::error::ApiError;
 use argon2::{
-    password_hash::{rand_core::OsRng, PasswordHasher, SaltString},
     Argon2, PasswordHash, PasswordVerifier,
+    password_hash::{PasswordHasher, SaltString, rand_core::OsRng},
 };
 use sea_orm::{
     ActiveModelTrait,
     ActiveValue::{NotSet, Set},
-    ColumnTrait, DbErr, EntityTrait, ModelTrait, QueryFilter, TransactionTrait,
+    ColumnTrait, DbErr, DeleteResult, EntityTrait, ModelTrait, QueryFilter, TransactionTrait,
 };
 use uuid::Uuid;
 
-use crate::{entity, Database};
+use crate::{Database, entity};
 
 impl Database {
+    pub async fn get_users(&self) -> Result<Vec<entity::user::Model>, ApiError> {
+        let users = entity::user::Entity::find().all(&self.conn).await?;
+
+        Ok(users)
+    }
+
+    pub async fn get_user(&self, id: Uuid) -> Result<Option<entity::user::Model>, ApiError> {
+        let user = entity::user::Entity::find()
+            .filter(entity::user::Column::Id.eq(id))
+            .one(&self.conn)
+            .await?;
+
+        if user.is_none() {
+            return Err(ApiError::NotFound);
+        }
+
+        Ok(user)
+    }
+
     pub async fn create_user(
         &self,
         name: String,
@@ -82,6 +101,18 @@ impl Database {
         Ok(user.id)
     }
 
+    pub async fn delete_user(&self, id: Uuid) -> Result<DeleteResult, ApiError> {
+        let user = entity::user::Entity::delete_by_id(id)
+            .exec(&self.conn)
+            .await?;
+
+        if user.rows_affected == 0 {
+            return Err(ApiError::NotFound);
+        }
+
+        Ok(user)
+    }
+
     pub async fn verify_ldap_user() {}
 
     pub async fn change_user_password() {}