diff --git a/users.php b/users.php
index 2b8f57c..72bdb94 100644
--- a/users.php
+++ b/users.php
@@ -1,10 +1,10 @@
 <?php
+session_start();
 require_once 'db/config.php';
 require_once 'auth-check.php';
 require_once 'auth-helpers.php';
 
-echo "Test";
-exit();
+
 
 // Only Admins can access this page
 if (!can($_SESSION['user_role'], 'user', 'read')) {
@@ -14,7 +14,20 @@ if (!can($_SESSION['user_role'], 'user', 'read')) {
 
 // Get allowed fields for the current user
 $allowed_fields_str = can($_SESSION['user_role'], 'user', 'read');
-$allowed_fields = $allowed_fields_str ? explode(',', $allowed_fields_str) : [];
+$allowed_fields = ($allowed_fields_str && $allowed_fields_str !== '*') ? explode(',', $allowed_fields_str) : [];
+
+if ($allowed_fields_str === '*') {
+    try {
+        $pdo = db();
+        $stmt = $pdo->query("SHOW COLUMNS FROM users");
+        $columns = $stmt->fetchAll(PDO::FETCH_COLUMN);
+        // Exclude sensitive fields like password
+        $allowed_fields = array_diff($columns, ['password']);
+    } catch (PDOException $e) {
+        // Handle error, maybe default to a safe subset of fields
+        $allowed_fields = ['id', 'name', 'email', 'role'];
+    }
+}
 
 function get_users($fields) {
     if (empty($fields)) {