diff --git a/csharp/App/Backend/DataTypes/Methods/Session.cs b/csharp/App/Backend/DataTypes/Methods/Session.cs
index 394aadafd..5b8dfae0a 100644
--- a/csharp/App/Backend/DataTypes/Methods/Session.cs
+++ b/csharp/App/Backend/DataTypes/Methods/Session.cs
@@ -1,4 +1,3 @@
-using System.Security.Cryptography;
 using InnovEnergy.App.Backend.Database;
 using InnovEnergy.App.Backend.Relations;
@@ -37,7 +36,7 @@ public static class SessionMethods
 return user is not null
 && folder is not null
 && user.HasWriteAccess
- && user.HasAccessTo(folder) // TODO: && user.HasAccessTo(folder.Parent()) ???
+ && user.HasAccessTo(folder)
 && Db.Delete(folder);
 }
@@ -46,12 +45,14 @@ public static class SessionMethods
 {
 var user = session?.User;
+ //Note: keep generation of access _after_ generation of object to prevent "zombie" access-rights.
+
 return user is not null
 && installation is not null
 && user.HasWriteAccess
 && user.HasAccessTo(installation.Parent())
 && Db.Create(installation)
- && InstallationMethods.CreateBucket(installation).Result
+ && installation.CreateBucket().Result
 && Db.Create(new InstallationAccess { UserId = user.Id, InstallationId = installation.Id });
 }
@@ -75,7 +76,7 @@ public static class SessionMethods
 return user is not null
 && installation is not null
 && user.HasWriteAccess
- && user.HasAccessTo(installation) // TODO: && user.HasAccessTo(installation.Parent()) ???
+ && user.HasAccessTo(installation)
 && Db.Delete(installation);
 }
diff --git a/csharp/App/Backend/DataTypes/Methods/User.cs b/csharp/App/Backend/DataTypes/Methods/User.cs
index 97eb4d10a..d64e2e84b 100644
--- a/csharp/App/Backend/DataTypes/Methods/User.cs
+++ b/csharp/App/Backend/DataTypes/Methods/User.cs
@@ -180,10 +180,8 @@ public static class UserMethods
 return $"{user.Id}InnovEnergy";
 }
-
-
-
- // TODO
+
+ // TODO?
 private static Boolean IsValidEmail(String email)
 {
 try
diff --git a/csharp/App/Backend/Database/Create.cs b/csharp/App/Backend/Database/Create.cs
index 537192476..d1b6d8318 100644
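Review bot: The two delete paths in Session.cs (hunks at -37,7 and -75,7) check only `user.HasAccessTo(folder)` and `user.HasAccessTo(installation)`, and the removed TODO was the only record that requiring access to the parent was still an open question. The create path in the -46,12 hunk authorises against `installation.Parent()`, so create and delete follow different rules and the reason is no longer written down anywhere. If access to the object itself is the intended rule for deletion, state it above each check, for example `// Delete is authorised on the object itself; access to its parent is deliberately not required.` Both method bodies start outside their hunks.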
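Review bot: In Session.cs, hunk -46,12, the `&&` chain in the installation `Create` stops at the first failing step but never undoes the earlier ones: if `installation.CreateBucket().Result` or the `InstallationAccess` insert returns false, the row written by `Db.Create(installation)` stays behind without a bucket or without an access record. The added comment only covers the opposite ordering problem. Removing the row again when a later step fails keeps the operation all-or-nothing; `Db.Delete(installation)` is what the delete path in this file calls, though whether it is safe on a freshly created row should be confirmed, and cleaning up an already created bucket needs an API this hunk does not show. The method signature is outside the hunk.

```csharp
var user = session?.User;

if (user is null || installation is null || !user.HasWriteAccess || !user.HasAccessTo(installation.Parent()))
    return false;

if (!Db.Create(installation))
    return false;

// Access is still granted last, so no access row can exist without its installation.
var provisioned = installation.CreateBucket().Result
               && Db.Create(new InstallationAccess { UserId = user.Id, InstallationId = installation.Id });

if (!provisioned)
    Db.Delete(installation); // roll back so no installation is left without bucket or access record

return provisioned;
```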
--- a/csharp/App/Backend/Database/Create.cs
+++ b/csharp/App/Backend/Database/Create.cs
@@ -21,7 +21,7 @@ public static partial class Db
 public static Boolean Create(User user)
 {
- if (GetUserByEmail(user.Email) is not null) // TODO: User unique by username instead of email?
+ if (GetUserByEmail(user.Email) is not null)
 return false;
 user.Password = user.SaltAndHashPassword(user.Password);
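Review bot: In Create.cs, the `GetUserByEmail(user.Email) is not null` guard is a lookup followed by a separate insert, so it keeps e-mail addresses unique only if the users table enforces that as well, and the hunk shows no such constraint. Two concurrent registrations with the same address could both pass the guard, and the removed TODO was the last hint that the uniqueness key was still undecided. I would add a comment above the check, for example `// Friendly pre-check only; uniqueness itself is enforced by the unique index on Email.`, and add that index if it does not exist. Whether the lookup normalises letter case is also not visible here. `Create(User)` continues past the end of the hunk.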