diff --git a/src/users.js b/src/users.js
index fb3c45b2d..ea121ad9f 100644
--- a/src/users.js
+++ b/src/users.js
@@ -546,12 +546,13 @@ async function isActivated() {
     return result[0].total !== 0;
 }
 
-async function get(userId) {
-    assert.strictEqual(typeof userId, 'string');
+async function internalGet(fieldName, fieldValue) {
+    assert.strictEqual(typeof fieldName, 'string');
+    assert.strictEqual(typeof fieldValue, 'string');
 
     const results = await database.query(`SELECT ${USERS_FIELDS},GROUP_CONCAT(groupMembers.groupId) AS groupIds ` +
-        ' FROM users LEFT OUTER JOIN groupMembers ON users.id = groupMembers.userId ' +
-        ' GROUP BY users.id HAVING users.id = ?', [ userId ]);
+    ' FROM users LEFT OUTER JOIN groupMembers ON users.id = groupMembers.userId ' +
+    ` GROUP BY users.id HAVING users.${fieldName} = ?`, [ fieldValue ]);
 
     if (results.length === 0) return null;
 
@@ -560,24 +561,14 @@ async function get(userId) {
     return postProcess(results[0]);
 }
 
-async function getByEmail(email) {
-    assert.strictEqual(typeof email, 'string');
-
-    const result = await database.query(`SELECT ${USERS_FIELDS} FROM users WHERE email = ?`, [ email ]);
-    if (result.length === 0) return null;
-
-    return postProcess(result[0]);
+async function get(userId) {
+    assert.strictEqual(typeof userId, 'string');
+    return await internalGet('id', userId);
 }
 
-async function getByRole(role) {
-    assert.strictEqual(typeof role, 'string');
-
-    // the mailer code relies on the first object being the 'owner' (thus the ORDER)
-    const results = await database.query(`SELECT ${USERS_FIELDS} FROM users WHERE role=? ORDER BY creationTime`, [ role ]);
-
-    results.forEach(postProcess);
-
-    return results;
+async function getByEmail(email) {
+    assert.strictEqual(typeof email, 'string');
+    return await internalGet('email', email);
 }
 
 async function getByResetToken(resetToken) {
@@ -586,10 +577,7 @@ async function getByResetToken(resetToken) {
     const error = validateToken(resetToken);
     if (error) throw error;
 
-    const result = await database.query(`SELECT ${USERS_FIELDS} FROM users WHERE resetToken=?`, [ resetToken ]);
-    if (result.length === 0) return null;
-
-    return postProcess(result[0]);
+    return await internalGet('resetToken', resetToken);
 }
 
 async function getByInviteToken(inviteToken) {
@@ -598,19 +586,13 @@ async function getByInviteToken(inviteToken) {
     const error = validateToken(inviteToken);
     if (error) throw error;
 
-    const result = await database.query(`SELECT ${USERS_FIELDS} FROM users WHERE inviteToken=?`, [ inviteToken ]);
-    if (result.length === 0) return null;
-
-    return postProcess(result[0]);
+    return await internalGet('inviteToken', inviteToken);
 }
 
 async function getByUsername(username) {
     assert.strictEqual(typeof username, 'string');
 
-    const result = await database.query(`SELECT ${USERS_FIELDS} FROM users WHERE username = ?`, [ username ]);
-    if (result.length === 0) return null;
-
-    return postProcess(result[0]);
+    return await internalGet('username', username);
 }
 
 async function update(user, data, auditSource) {
@@ -697,21 +679,38 @@ async function updateProfile(user, profile, auditSource) {
     await update(user, profile, auditSource);
 }
 
+async function listByRole(role) {
+    assert.strictEqual(typeof role, 'string');
+
+    // the mailer code relies on the first object being the 'owner' (thus the ORDER)
+    const results = await database.query(`SELECT ${USERS_FIELDS},GROUP_CONCAT(groupMembers.groupId) AS groupIds ` +
+        ' FROM users LEFT OUTER JOIN groupMembers ON users.id = groupMembers.userId ' +
+        ' GROUP BY users.id HAVING role = ? ORDER BY users.creationTime', [ role ]);
+
+    results.forEach(function (result) {
+        result.groupIds = result.groupIds ? result.groupIds.split(',') : [ ];
+    });
+
+    results.forEach(postProcess);
+
+    return results;
+}
+
 async function getOwner() {
-    const owners = await getByRole(exports.ROLE_OWNER);
+    const owners = await listByRole(exports.ROLE_OWNER);
     if (owners.length === 0) return null;
     return owners[0];
 }
 
 async function getAdmins() {
-    const owners = await getByRole(exports.ROLE_OWNER);
-    const admins = await getByRole(exports.ROLE_ADMIN);
+    const owners = await listByRole(exports.ROLE_OWNER);
+    const admins = await listByRole(exports.ROLE_ADMIN);
 
     return owners.concat(admins);
 }
 
 async function getSuperadmins() {
-    return await getByRole(exports.ROLE_OWNER);
+    return await listByRole(exports.ROLE_OWNER);
 }
 
 async function getPasswordResetLink(user, auditSource) {