diff --git a/csharp/App/Backend/Controllers/Controller.cs b/csharp/App/Backend/Controllers/Controller.cs
index 1995fbd99..e25c51e55 100644
--- a/csharp/App/Backend/Controllers/Controller.cs
+++ b/csharp/App/Backend/Controllers/Controller.cs
@@ -72,8 +72,8 @@ public class Controller : ControllerBase
         return installation;
     }
     
-    [HttpGet(nameof(GetUsersWithAccessToInstallation))]
-    public ActionResult<IEnumerable<Object>> GetUsersWithAccessToInstallation(Int64 id, Token authToken)
+    [HttpGet(nameof(GetUsersWithDirectAccessToInstallation))]
+    public ActionResult<IEnumerable<Object>> GetUsersWithDirectAccessToInstallation(Int64 id, Token authToken)
     {
         var user = Db.GetSession(authToken)?.User;
         if (user == null)
@@ -84,21 +84,32 @@ public class Controller : ControllerBase
         if (installation is null || !user.HasAccessTo(installation))
             return Unauthorized();
 
-        var directAccess = installation
-                          .UsersWithDirectAccess()
-                          .Where(u => u.IsDescendantOf(user));
-
-        var inheritedAccess = installation
-                             .Ancestors()
-                             .SelectMany(f => f.UsersWithDirectAccess()
-                                               .Where(u => u.IsDescendantOf(user))
-                                               .Select(u => new { folderId = f.Id, user = u }));
-        
-        return directAccess
-              .Concat<Object>(inheritedAccess)
-              .Apply(Ok);  // TODO: typing
+        return installation
+            .UsersWithDirectAccess()
+            .Where(u => u.IsDescendantOf(user))
+            .ToList();
     }
-    
+
+    [HttpGet(nameof(GetUsersWithInheritedAccessToInstallation))]
+    public ActionResult<IEnumerable<Object>> GetUsersWithInheritedAccessToInstallation(Int64 id, Token authToken)
+    {
+        var user = Db.GetSession(authToken)?.User;
+        if (user == null)
+            return Unauthorized();
+
+        var installation = Db.GetInstallationById(id);
+
+        if (installation is null || !user.HasAccessTo(installation))
+            return Unauthorized();
+
+        return installation
+            .Ancestors()
+            .SelectMany(f => f.UsersWithDirectAccess()
+                .Where(u => u.IsDescendantOf(user))
+                .Select(u => new { folderId = f.Id, user = u }))
+            .ToList();
+    }
+
     [HttpGet(nameof(GetUsersWithAccessToFolder))]
     public ActionResult<IEnumerable<Object>> GetUsersWithAccessToFolder(Int64 id, Token authToken)
     {
@@ -135,6 +146,15 @@ public class Controller : ControllerBase
         return folder;
     }
     
+    [HttpGet(nameof(GetAllChildUsers))]
+    public ActionResult<IEnumerable<User>> GetAllChildUsers(Token authToken)
+    {
+        var user = Db.GetSession(authToken)?.User;
+        if (user == null)
+            return Unauthorized();
+
+        return user.ChildUsers().ToList();
+    }
     
     [HttpGet(nameof(GetAllInstallations))]
     public ActionResult<IEnumerable<Installation>> GetAllInstallations(Token authToken)