diff --git a/app/controllers/personal_repositories_controller.rb b/app/controllers/personal_repositories_controller.rb
index 873c20836..1b9e84556 100644
--- a/app/controllers/personal_repositories_controller.rb
+++ b/app/controllers/personal_repositories_controller.rb
@@ -26,8 +26,7 @@ class PersonalRepositoriesController < ApplicationController
 
   def add_project
     if params[:project_id]
-      @project = Project.find(params[:project_id])
-      # params[:project_id] = nil
+      @project = current_user.own_projects.find(params[:project_id])
       unless @repository.projects.find_by_name(@project.name)
         @repository.projects << @project
         flash[:notice] = t('flash.repository.project_added')
@@ -36,13 +35,13 @@ class PersonalRepositoriesController < ApplicationController
       end
       redirect_to personal_repository_path(@repository)
     else
-      @projects = Project.addable_to_repository(@repository.id).paginate(:page => params[:project_page])
+      @projects = current_user.own_projects.addable_to_repository(@repository.id).paginate(:page => params[:project_page])
       render 'projects_list'
     end
   end
 
   def remove_project
-    @project = Project.find(params[:project_id])
+    @project = current_user.own_projects.find(params[:project_id])
     ProjectToRepository.where(:project_id => @project.id, :repository_id => @repository.id).destroy_all
     redirect_to personal_repository_path(@repository), :notice => t('flash.repository.project_removed')
   end
diff --git a/app/models/user.rb b/app/models/user.rb
index 45d6f270b..b48d3f2a5 100644
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -6,8 +6,6 @@ class User < ActiveRecord::Base
 
   has_many :authentications, :dependent => :destroy
 
-  has_many :roles, :through => :targets
-
   has_many :relations, :as => :object, :dependent => :destroy
   has_many :targets, :as => :object, :class_name => 'Relation'
 
diff --git a/spec/controllers/personal_repositories_controller_spec.rb b/spec/controllers/personal_repositories_controller_spec.rb
index 6fb764ae8..0adb82d7a 100644
--- a/spec/controllers/personal_repositories_controller_spec.rb
+++ b/spec/controllers/personal_repositories_controller_spec.rb
@@ -67,6 +67,8 @@ describe PersonalRepositoriesController do
   	before(:each) do
   		@admin = Factory(:admin)
   		set_session_for(@admin)
+
+      @project.update_attribute(:owner, @admin)
 		end
 
     it_should_behave_like 'personal repository owner'
@@ -87,6 +89,8 @@ describe PersonalRepositoriesController do
   		@user = Factory(:user)
   		set_session_for(@user)
 
+      @project.update_attribute(:owner, @user)
+
   		@repository.update_attribute(:owner, @user)
   		@repository.relations.create!(:object_type => 'User', :object_id => @user.id, :role => 'admin')