diff --git a/src/main/java/org/caosdb/server/jobs/core/AccessControl.java b/src/main/java/org/caosdb/server/jobs/core/AccessControl.java
index af7de1a82eb74b4f0a7822364a498832bb2debea..5c63f9418122b56440be0780628fb13f9ae7bc4b 100644
--- a/src/main/java/org/caosdb/server/jobs/core/AccessControl.java
+++ b/src/main/java/org/caosdb/server/jobs/core/AccessControl.java
@@ -28,6 +28,7 @@ import org.caosdb.server.accessControl.ACMPermissions;
 import org.caosdb.server.entity.DeleteEntity;
 import org.caosdb.server.entity.EntityInterface;
 import org.caosdb.server.entity.InsertEntity;
+import org.caosdb.server.entity.Role;
 import org.caosdb.server.entity.UpdateEntity;
 import org.caosdb.server.jobs.ContainerJob;
 import org.caosdb.server.jobs.JobAnnotation;
@@ -47,12 +48,15 @@ public class AccessControl extends ContainerJob {
       super(permission, description);
     }
 
-    public final String toString(String entityRole) {
-      return toString().replace(ENTITY_ROLE_PARAMETER, entityRole);
+    public final String toString(Role entityRole) {
+      String roleString = entityRole == null ? "" : entityRole.toString();
+      return toString().replace(ENTITY_ROLE_PARAMETER, roleString);
     }
 
-    public final String toString(String transaction, String entityRole) {
-      return "TRANSACTION:" + transaction + (entityRole != null ? (":" + entityRole) : "");
+    public final String toString(String transaction, Role entityRole) {
+      return "TRANSACTION:"
+          + transaction
+          + (entityRole != null ? (":" + entityRole.toString()) : "");
     }
 
     public static String init() {
@@ -87,17 +91,16 @@ public class AccessControl extends ContainerJob {
 
     for (final EntityInterface e : getContainer()) {
 
-      // per role permission
       if (e instanceof InsertEntity) {
-        if (subject.isPermitted(INSERT.toString(e.getRole().toString()))) {
+        if (subject.isPermitted(INSERT.toString(e.getRole()))) {
           continue;
         }
       } else if (e instanceof DeleteEntity) {
-        if (subject.isPermitted(DELETE.toString(e.getRole().toString()))) {
+        if (subject.isPermitted(DELETE.toString(e.getRole()))) {
           continue;
         }
       } else if (e instanceof UpdateEntity) {
-        if (subject.isPermitted(UPDATE.toString(e.getRole().toString()))) {
+        if (subject.isPermitted(UPDATE.toString(e.getRole()))) {
           continue;
         }
       }