diff --git a/uffd/group/views.py b/uffd/group/views.py
index cc4583ecb7eaccce5b46bcbf5b3e2f1099abc157..d14e2ad33b41f41f8494b4dfdd43a0caffc17e89 100644
--- a/uffd/group/views.py
+++ b/uffd/group/views.py
@@ -9,7 +9,7 @@ from .models import Group
 bp = Blueprint("group", __name__, template_folder='templates', url_prefix='/group/')
 
 @bp.before_request
-@login_required
+@login_required()
 def group_acl():
 	pass
 
diff --git a/uffd/selfservice/views.py b/uffd/selfservice/views.py
index fe8e50354ab8c8cc23ed2fe0e2c1796d62235b2c..360779854ff54e5b6e0bfc731fbe610a9fb61f37 100644
--- a/uffd/selfservice/views.py
+++ b/uffd/selfservice/views.py
@@ -11,7 +11,7 @@ from uffd.ldap import get_conn, escape_filter_chars
 bp = Blueprint("selfservice", __name__, template_folder='templates', url_prefix='/self/')
 
 @bp.before_request
-@login_required
+@login_required()
 def self_acl():
 	pass
 
diff --git a/uffd/session/__init__.py b/uffd/session/__init__.py
index a7391f91f1b2289966aaefa00479469d8734b9a6..97d96e52ee61b4d273cefdc10f46a6f69fa2278d 100644
--- a/uffd/session/__init__.py
+++ b/uffd/session/__init__.py
@@ -1,3 +1,3 @@
-from .views import bp as bp_ui, get_current_user, login_required, is_user_in_group, is_valid_session
+from .views import bp as bp_ui, get_current_user, login_required, is_valid_session
 
 bp = [bp_ui]
diff --git a/uffd/session/views.py b/uffd/session/views.py
index d65dc3fa9d94f292e8eddd7b63c87dde0fd6e302..ca88eb29a84591115bd9917198e1c9765a160413 100644
--- a/uffd/session/views.py
+++ b/uffd/session/views.py
@@ -50,18 +50,16 @@ def is_valid_session():
 	return True
 bp.add_app_template_global(is_valid_session)
 
-def is_user_in_group(user, group):
-	return True
-bp.add_app_template_global(is_user_in_group)
-
-def login_required(view, group=None):
-	@functools.wraps(view)
-	def wrapped_view(**kwargs):
-		if not is_valid_session():
-			flash('You need to login first')
-			return redirect(url_for('session.login', ref=request.url))
-		if not is_user_in_group(get_current_user, group):
-			flash('Access denied')
-			return redirect(url_for('index'))
-		return view(**kwargs)
-	return wrapped_view
+def login_required(group=None):
+	def wrapper(func):
+		@functools.wraps(func)
+		def decorator(*args, **kwargs):
+			if not is_valid_session():
+				flash('You need to login first')
+				return redirect(url_for('session.login', ref=request.url))
+			if not get_current_user().is_in_group(group):
+				flash('Access denied')
+				return redirect(url_for('index'))
+			return func(*args, **kwargs)
+		return decorator
+	return wrapper
diff --git a/uffd/user/models.py b/uffd/user/models.py
index d4d3fb39e8d48120971b77ae43d63cfabe33cd32..4a711b1319cd7b761b74efc33c9dd247435df921 100644
--- a/uffd/user/models.py
+++ b/uffd/user/models.py
@@ -82,6 +82,15 @@ class User():
 		self._groups = groups
 		return groups
 
+	def is_in_group(self, name):
+		if not name:
+			return True
+		groups = self.get_groups()
+		for i in groups:
+			if i.name == name:
+				return True
+		return False
+
 	def set_loginname(self, value):
 		if len(value) > 32 or len(value) < 1:
 			return False
diff --git a/uffd/user/views.py b/uffd/user/views.py
index ed38feaa2fb82815ea76373bd041fee36a0daea2..b2217d814398e1e8524ac1d21b3dbebf228e7f93 100644
--- a/uffd/user/views.py
+++ b/uffd/user/views.py
@@ -10,7 +10,7 @@ from .models import User
 bp = Blueprint("user", __name__, template_folder='templates', url_prefix='/user/')
 
 @bp.before_request
-@login_required
+@login_required(group='admins')
 def user_acl():
 	pass