diff --git a/CHANGELOG.md b/CHANGELOG.md
index 2829819c..3a953daa 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -11,7 +11,7 @@ and this project adheres to [Semantic Versioning](http://semver.org/).
### Added
-- Admin flag to the database.
+- Admin flag to the database. Now not only the first user in the system can create new users, but also users with the admin flag set to true. This will make easier introduction of more admin functions in the future.
### Fixed
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index 04950a57..775eeeb7 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -16,7 +16,7 @@ class ApplicationController < ActionController::Base
def authenticate_admin!
return if current_user.admin?
- redirect_to root_path, notice: 'You are not authorized to perform this action.', status: :unauthorized
+ redirect_to root_path, notice: 'You are not authorized to perform this action.', status: :see_other
end
def authenticate_api_key
diff --git a/spec/factories/users.rb b/spec/factories/users.rb
index 52eebd22..dfdf60a7 100644
--- a/spec/factories/users.rb
+++ b/spec/factories/users.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
FactoryBot.define do
factory :user do
sequence :email do |n|
@@ -5,5 +7,9 @@ FactoryBot.define do
end
password { SecureRandom.hex(8) }
+
+ trait :admin do
+ admin { true }
+ end
end
end
diff --git a/spec/requests/settings/background_jobs_spec.rb b/spec/requests/settings/background_jobs_spec.rb
index 8eef2501..95a13826 100644
--- a/spec/requests/settings/background_jobs_spec.rb
+++ b/spec/requests/settings/background_jobs_spec.rb
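Review bot: `authenticate_admin!` dereferences `current_user` unconditionally on `return if current_user.admin?`, so if this callback ever runs on a request with no signed-in user it raises `NoMethodError` on `nil` instead of redirecting; the new request specs only show it running behind a sign-in, which suggests it is ordered after `authenticate_user!`, but the method itself does not enforce that. A null-safe guard, `return if current_user&.admin?`, keeps the deny path a redirect regardless of callback order, or the ordering assumption could be documented above the method with `# Relies on authenticate_user! having run first; current_user is never nil here`. The move from `:unauthorized` to `:see_other` is the right fix for the redirect, since a 401 is not a redirect status that clients follow. The `ApplicationController` class starts and ends outside the hunk.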
@@ -17,53 +17,62 @@ RSpec.describe '/settings/background_jobs', type: :request do
end
context 'when user is authenticated' do
- let(:user) { create(:user) }
+ before { sign_in create(:user) }
- before do
- sign_in user
- end
-
- describe 'GET /index' do
- it 'renders a successful response' do
+ context 'when user is not an admin' do
+ it 'redirects to root page' do
get settings_background_jobs_url
- expect(response).to be_successful
+ expect(response).to redirect_to(root_url)
+ expect(flash[:notice]).to eq('You are not authorized to perform this action.')
end
end
- describe 'POST /create' do
- let(:params) { { job_name: 'start_reverse_geocoding' } }
+ context 'when user is an admin' do
+ before { sign_in create(:user, :admin) }
- context 'with valid parameters' do
- it 'enqueues a new job' do
- expect do
- post settings_background_jobs_url, params:
- end.to have_enqueued_job(EnqueueReverseGeocodingJob)
+ describe 'GET /index' do
+ it 'renders a successful response' do
+ get settings_background_jobs_url
+
+ expect(response).to be_successful
+ end
+ end
+
+ describe 'POST /create' do
+ let(:params) { { job_name: 'start_reverse_geocoding' } }
+
+ context 'with valid parameters' do
+ it 'enqueues a new job' do
+ expect do
+ post settings_background_jobs_url, params:
+ end.to have_enqueued_job(EnqueueReverseGeocodingJob)
+ end
+
+ it 'redirects to the created settings_background_job' do
+ post(settings_background_jobs_url, params:)
+
+ expect(response).to redirect_to(settings_background_jobs_url)
+ end
+ end
+ end
+
+ describe 'DELETE /destroy' do
+ it 'clears the Sidekiq queue' do
+ queue = instance_double(Sidekiq::Queue)
+ allow(Sidekiq::Queue).to receive(:new).and_return(queue)
+
+ expect(queue).to receive(:clear)
+
+ delete settings_background_job_url('queue_name')
end
- it 'redirects to the created settings_background_job' do
- post(settings_background_jobs_url, params:)
+ it 'redirects to the settings_background_jobs list' do
+ delete settings_background_job_url('queue_name')
expect(response).to redirect_to(settings_background_jobs_url)
end
end
end
-
- describe 'DELETE /destroy' do
- it 'clears the Sidekiq queue' do
- queue = instance_double(Sidekiq::Queue)
- allow(Sidekiq::Queue).to receive(:new).and_return(queue)
-
- expect(queue).to receive(:clear)
-
- delete settings_background_job_url('queue_name')
- end
-
- it 'redirects to the settings_background_jobs list' do
- delete settings_background_job_url('queue_name')
-
- expect(response).to redirect_to(settings_background_jobs_url)
- end
- end
end
end
diff --git a/spec/requests/settings/users_spec.rb b/spec/requests/settings/users_spec.rb
index e7bd4dfd..6685e6c4 100644
--- a/spec/requests/settings/users_spec.rb
+++ b/spec/requests/settings/users_spec.rb
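Review bot: The non-admin context only exercises `GET /index`; `POST /create` and `DELETE /destroy` are tested solely as an admin, so a regression that dropped the admin check from either write action would still pass this spec. Adding to `context 'when user is not an admin'` an example such as `expect { post settings_background_jobs_url, params: { job_name: 'start_reverse_geocoding' } }.not_to have_enqueued_job(EnqueueReverseGeocodingJob)` and a matching one asserting that `delete settings_background_job_url('queue_name')` redirects to `root_url` would cover the write paths. Separately, the outer `before { sign_in create(:user) }` still runs for the admin context, so every admin example creates a non-admin user and signs in twice, with the admin session presumably winning; moving the sign-in into each sub-context (or a `let(:user)` overridden per context) avoids the redundant record and the dependence on hook order. The `RSpec.describe` block starts outside the hunk.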
@@ -3,41 +3,61 @@
require 'rails_helper'
RSpec.describe '/settings/users', type: :request do
- before do
- sign_in create(:user)
+ let(:valid_attributes) { { email: 'user@domain.com' } }
+
+ context 'when user is not authenticated' do
+ it 'redirects to sign in page' do
+ post settings_users_url, params: { user: valid_attributes }
+
+ expect(response).to redirect_to(new_user_session_url)
+ end
end
- describe 'POST /create' do
- context 'with valid parameters' do
- let(:valid_attributes) { { email: 'user@domain.com' } }
+ context 'when user is authenticated' do
+ context 'when user is not an admin' do
+ before { sign_in create(:user) }
- it 'creates a new User' do
- expect do
- post settings_users_url, params: { user: valid_attributes }
- end.to change(User, :count).by(1)
- end
-
- it 'redirects to the created settings_user' do
+ it 'redirects to root page' do
post settings_users_url, params: { user: valid_attributes }
- expect(response).to redirect_to(settings_url)
- expect(flash[:notice]).to eq("User was successfully created, email is #{valid_attributes[:email]}, password is \"password\".")
+ expect(response).to redirect_to(root_url)
end
end
- context 'with invalid parameters' do
- let(:invalid_attributes) { { email: nil } }
+ context 'when user is an admin' do
+ before { sign_in create(:user, :admin) }
- it 'does not create a new User' do
- expect do
- post settings_users_url, params: { user: invalid_attributes }
- end.to change(User, :count).by(0)
- end
+ describe 'POST /create' do
+ context 'with valid parameters' do
+ it 'creates a new User' do
+ expect do
+ post settings_users_url, params: { user: valid_attributes }
+ end.to change(User, :count).by(1)
+ end
- it 'renders a response with 422 status (i.e. to display the "new" template)' do
- post settings_users_url, params: { user: invalid_attributes }
+ it 'redirects to the created settings_user' do
+ post settings_users_url, params: { user: valid_attributes }
- expect(response).to have_http_status(:unprocessable_entity)
+ expect(response).to redirect_to(settings_url)
+ expect(flash[:notice]).to eq("User was successfully created, email is #{valid_attributes[:email]}, password is \"password\".")
+ end
+ end
+
+ context 'with invalid parameters' do
+ let(:invalid_attributes) { { email: nil } }
+
+ it 'does not create a new User' do
+ expect do
+ post settings_users_url, params: { user: invalid_attributes }
+ end.to change(User, :count).by(0)
+ end
+
+ it 'renders a response with 422 status (i.e. to display the "new" template)' do
+ post settings_users_url, params: { user: invalid_attributes }
+
+ expect(response).to have_http_status(:unprocessable_entity)
+ end
+ end
end
end
end
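Review bot: The non-admin `POST /create` example at `it 'redirects to root page'` only asserts the redirect and never checks that no user row was written, so a regression that created the record and then redirected would still pass; wrapping the request as `expect { post settings_users_url, params: { user: valid_attributes } }.not_to change(User, :count)` pins the outcome that actually matters for the authorization boundary. The same example also omits the flash assertion that the background_jobs spec makes for the equivalent case, `expect(flash[:notice]).to eq('You are not authorized to perform this action.')`; adding it keeps the two request specs consistent. The unauthenticated context at the top of the hunk could assert `not_to change(User, :count)` for the same reason. The `RSpec.describe` block's closing `end` lies outside the hunk.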