From 287e6b950e8b97bf223530dc693beda08ad5344b Mon Sep 17 00:00:00 2001
From: dashevchenko <dshevchenko@thingsboard.io>
Date: Fri, 5 Dec 2025 13:00:01 +0200
Subject: [PATCH] fixed UserController getUsersByIds method

---
 .../java/org/thingsboard/server/controller/UserController.java  | 2 +-
 .../org/thingsboard/server/controller/UserControllerTest.java   | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/application/src/main/java/org/thingsboard/server/controller/UserController.java b/application/src/main/java/org/thingsboard/server/controller/UserController.java
index 8da3978aeb..27a55353ba 100644
--- a/application/src/main/java/org/thingsboard/server/controller/UserController.java
+++ b/application/src/main/java/org/thingsboard/server/controller/UserController.java
@@ -599,7 +599,7 @@ public class UserController extends BaseController {
 
     @ApiOperation(value = "Get Users By Ids (getUsersByIds)",
             notes = "Requested users must be owned by tenant or assigned to customer which user is performing the request. ")
-    @PreAuthorize("hasAnyAuthority('SYS_ADMIN', 'TENANT_ADMIN', 'CUSTOMER_USER')")
+    @PreAuthorize("hasAnyAuthority('TENANT_ADMIN', 'CUSTOMER_USER')")
     @GetMapping(value = "/users", params = {"userIds"})
     public List<User> getUsersByIds(
             @Parameter(description = "A list of user ids, separated by comma ','", array = @ArraySchema(schema = @Schema(type = "string")), required = true)
diff --git a/application/src/test/java/org/thingsboard/server/controller/UserControllerTest.java b/application/src/test/java/org/thingsboard/server/controller/UserControllerTest.java
index 4379b57b45..f5f51a0c6b 100644
--- a/application/src/test/java/org/thingsboard/server/controller/UserControllerTest.java
+++ b/application/src/test/java/org/thingsboard/server/controller/UserControllerTest.java
@@ -269,7 +269,7 @@ public class UserControllerTest extends AbstractControllerTest {
 
     @Test
     public void testFindUsersByIds() throws Exception {
-        loginSysAdmin();
+        loginTenantAdmin();
         List<User> savedUsers = new ArrayList<>();
         for (int i = 0; i < 10; i++) {
             User user = createTenantAdminUser();