diff --git a/Controller/AlbumController.php b/Controller/AlbumController.php
index 684cc14..ed25941 100644
--- a/Controller/AlbumController.php
+++ b/Controller/AlbumController.php
@@ -131,9 +131,15 @@ protected function getAlbumUrl(AlbumInterface $album)
 return $this->container->get('foq_album.url_generator')->getAlbumUrl('foq_album_album_show', $album);
 }
 
+ /**
+ * @param AlbumInterface $album
+ * @throws AccessDeniedException
+ * @return void
+ */
 protected function checkAlbumOwning(AlbumInterface $album)
 {
- if ($album->getUser() !== $this->container->get('foq_album.security_helper')->getUser()) {
+ if (!$this->container->get('foq_album.security_helper') ||
+ $album->getUser()->getId() !== $this->container->get('foq_album.security_helper')->getUser()->getId()) {
 throw new AccessDeniedException();
 }
 }
diff --git a/SecurityHelper.php b/SecurityHelper.php
index 699bb8e..48f5be3 100644
--- a/SecurityHelper.php
+++ b/SecurityHelper.php
@@ -14,6 +14,9 @@ public function __construct(SecurityContext $securityContext)
 $this->securityContext = $securityContext;
 }
 
+ /**
+ * @return void|User
+ */
 public function getUser()
 {
 if ($token = $this->securityContext->getToken()) {
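Review bot: In `checkAlbumOwning` the new condition calls `->getUser()->getId()` on both sides without checking that a user was returned, so the ownership check does not fail closed. The docblock this commit adds to `SecurityHelper::getUser()` says it may return nothing, and in that case the comparison ends in a fatal error rather than `AccessDeniedException`. The added `!$this->container->get('foq_album.security_helper')` guard tests the helper service, not the user, and presumably never fires. If both ids can be null (not visible from this hunk), `null !== null` is false and access would be granted, so the check should deny explicitly when either user is missing; fetching the current user once also removes the doubled container lookup.

```php
protected function checkAlbumOwning(AlbumInterface $album)
{
    $currentUser = $this->container->get('foq_album.security_helper')->getUser();
    $owner = $album->getUser();

    // Fail closed: no authenticated user or no owner means no access.
    if (!is_object($currentUser) || !is_object($owner)
        || $owner->getId() !== $currentUser->getId()) {
        throw new AccessDeniedException();
    }
}
```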
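Review bot: The new `@return void|User` tag on `getUser()` is misleading, because a method that returns a value on one path yields `null` on the others; it should read `@return User|null`. The distinction matters for callers such as `checkAlbumOwning`, which call methods on the result and need to see that it can be null. If `User` is not imported in this file (the `use` lines are outside the hunk), the tag should carry the fully qualified class name. The body of `getUser()` continues past the end of the hunk.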