diff --git a/src/api/app/controllers/person_controller.rb b/src/api/app/controllers/person_controller.rb
index 4b441f48128..fdc539b7d51 100644
--- a/src/api/app/controllers/person_controller.rb
+++ b/src/api/app/controllers/person_controller.rb
@@ -119,13 +119,6 @@ class ErrRegisterSave < APIException
   end
 
   def internal_register
-    if CONFIG['ldap_mode'] == :on
-      raise ErrRegisterSave.new "LDAP mode enabled, users can only be registered via LDAP"
-    end
-    if CONFIG['proxy_auth_mode'] == :on or CONFIG['ichain_mode'] == :on
-      raise ErrRegisterSave.new "Proxy authentification mode, manual registration is disabled"
-    end
-
     xml = REXML::Document.new( request.raw_post )
     
     logger.debug( "register XML: #{request.raw_post}" )
@@ -135,24 +128,7 @@ def internal_register
     email = xml.elements["/unregisteredperson/email"].text
     password = xml.elements["/unregisteredperson/password"].text
     note = xml.elements["/unregisteredperson/note"].text if xml.elements["/unregisteredperson/note"]
-    status = "confirmed"
-
-    unless User.current and User.current.is_admin?
-      note = ""
-    end
-
-    if ::Configuration.first.registration == "deny"
-      unless User.current and User.current.is_admin?
-        raise ErrRegisterSave.new "User registration is disabled"
-      end
-    elsif ::Configuration.first.registration == "confirmation"
-      status = "unconfirmed"
-    elsif ::Configuration.first.registration != "allow"
-      render_error :message => "Admin configured an unknown config option for registration",
-                   :errorcode => "server_setup_error", :status => 500
-      return
-    end
-    status = xml.elements["/unregisteredperson/state"].text if User.current and User.current.is_admin?
+    status = xml.elements["/unregisteredperson/state"].text
 
     if auth_method == :proxy
       if request.env['HTTP_X_USERNAME'].blank?
@@ -163,29 +139,8 @@ def internal_register
       realname = request.env['HTTP_X_FIRSTNAME'] + " " + request.env['HTTP_X_LASTNAME'] unless request.env['HTTP_X_LASTNAME'].blank?
     end
 
-    newuser = User.create( 
-              :login => login,
-              :password => password,
-              :password_confirmation => password,
-              :email => email )
-
-    newuser.realname = realname
-    newuser.state = User.states[status]
-    newuser.adminnote = note
-    logger.debug("Saving...")
-    newuser.save
-    
-    if !newuser.errors.empty?
-      details = newuser.errors.map{ |key, msg| "#{key}: #{msg}" }.join(", ")
-      raise ErrRegisterSave.new "Could not save the registration, details: #{details}"
-    end
-
-    # create subscription for submit requests
-    if Object.const_defined? :Hermes
-      h = Hermes.new
-      h.add_user(login, email)
-      h.add_request_subscription(login)
-    end
+    User.register(login: login, realname: realname, email:
+        email, password: password, note: note, status: status)
 
     # This may fail when no notification is configured. Not important, so no exception handling for now
     # IchainNotifier.deliver_approval(newuser)
@@ -224,27 +179,13 @@ def update_watchlist( user, xml )
 
   def update_globalroles( user, xml )
     new_globalroles = []
-    old_globalroles = []
-
     xml.elements("globalrole") do |e|
       new_globalroles << e.to_s
     end
-
-    user.roles.where(global: true).each do |ugr|
-      old_globalroles << ugr.title
-    end
-    add_to_globalroles = new_globalroles.collect {|i| old_globalroles.include?(i) ? nil : i}.compact
-    remove_from_globalroles = old_globalroles.collect {|i| new_globalroles.include?(i) ? nil : i}.compact
-
-    remove_from_globalroles.each do |title|
-      user.roles_users.where(role_id: Role.find_by_title!(title).id).delete_all
-    end
-
-    add_to_globalroles.each do |title|
-      user.roles_users.new(role: Role.find_by_title!(title))
-    end
-    return true
+ 
+    user.update_globalroles( new_globalroles )
   end
+
   private :update_globalroles
 
   def change_my_password
diff --git a/src/api/app/models/user.rb b/src/api/app/models/user.rb
index c93c20695d6..154532a091d 100644
--- a/src/api/app/models/user.rb
+++ b/src/api/app/models/user.rb
@@ -808,6 +808,80 @@ def watches?(name)
     watched_projects.joins(:project).where(projects: { name: name }).exists?
   end
 
+  def update_globalroles( new_globalroles )
+    old_globalroles = []
+
+    self.roles.where(global: true).each do |ugr|
+      old_globalroles << ugr.title
+    end
+
+    add_to_globalroles = new_globalroles.collect {|i| old_globalroles.include?(i) ? nil : i}.compact
+    remove_from_globalroles = old_globalroles.collect {|i| new_globalroles.include?(i) ? nil : i}.compact
+
+    remove_from_globalroles.each do |title|
+      self.roles_users.where(role_id: Role.find_by_title!(title).id).delete_all
+    end
+
+    add_to_globalroles.each do |title|
+      self.roles_users.new(role: Role.find_by_title!(title))
+    end
+  end
+
+  class ErrRegisterSave < APIException
+  end
+
+  def self.register(opts)
+    if CONFIG['ldap_mode'] == :on
+      raise ErrRegisterSave.new "LDAP mode enabled, users can only be registered via LDAP"
+    end
+    if CONFIG['proxy_auth_mode'] == :on or CONFIG['ichain_mode'] == :on
+      raise ErrRegisterSave.new "Proxy authentification mode, manual registration is disabled"
+    end
+
+    status = "confirmed"
+
+    unless User.current and User.current.is_admin?
+      opts[:note] = nil
+    end
+
+    if ::Configuration.first.registration == "deny"
+      unless User.current and User.current.is_admin?
+        raise ErrRegisterSave.new "User registration is disabled"
+      end
+    elsif ::Configuration.first.registration == "confirmation"
+      status = "unconfirmed"
+    elsif ::Configuration.first.registration != "allow"
+      render_error :message => "Admin configured an unknown config option for registration",
+                   :errorcode => "server_setup_error", :status => 500
+      return
+    end
+    status = opts[:status] if User.current and User.current.is_admin?
+
+    newuser = User.create(
+        :login => opts[:login],
+        :password => opts[:password],
+        :password_confirmation => opts[:password],
+        :email => opts[:email] )
+
+    newuser.realname = opts[:realname]
+    newuser.state = User.states[status]
+    newuser.adminnote = opts[:note]
+    logger.debug("Saving...")
+    newuser.save
+
+    if !newuser.errors.empty?
+      details = newuser.errors.map{ |key, msg| "#{key}: #{msg}" }.join(", ")
+      raise ErrRegisterSave.new "Could not save the registration, details: #{details}"
+    end
+
+    # create subscription for submit requests
+    if Object.const_defined? :Hermes
+      h = Hermes.new
+      h.add_user(login, email)
+      h.add_request_subscription(login)
+    end
+  end
+
   protected
   # This method allows to execute a block while deactivating timestamp
   # updating.
diff --git a/src/api/test/functional/person_controller_test.rb b/src/api/test/functional/person_controller_test.rb
index ba8710ec90c..294c32319ce 100644
--- a/src/api/test/functional/person_controller_test.rb
+++ b/src/api/test/functional/person_controller_test.rb
@@ -180,10 +180,10 @@ def test_register_and_change_password_new_way
 
     u = User.find_by_login "adrianSuSE"
     assert_not_nil u
-    assert_equal u.login, "adrianSuSE"
-    assert_equal u.email, "adrian@suse.de"
-    assert_equal u.realname, "Adrian Schroeter"
-    assert_equal u.adminnote, ""
+    assert_equal "adrianSuSE", u.login
+    assert_equal "adrian@suse.de", u.email
+    assert_equal "Adrian Schroeter", u.realname
+    assert_equal nil, u.adminnote
 
     # change password
     data = 'NEWPASSW0RD'
@@ -232,7 +232,7 @@ def test_register_old_way
     assert_equal u.login, "adrianSuSE"
     assert_equal u.email, "adrian@suse.de"
     assert_equal u.realname, "Adrian Schroeter"
-    assert_equal u.adminnote, ""
+    assert_equal nil, u.adminnote
     u.destroy
 
   end
diff --git a/src/api/test/functional/webui/all_routes_test.rb b/src/api/test/functional/webui/all_routes_test.rb
index d5d30c16a28..564efc0f559 100644
--- a/src/api/test/functional/webui/all_routes_test.rb
+++ b/src/api/test/functional/webui/all_routes_test.rb
@@ -156,7 +156,6 @@ class Webui::AllRoutesTest < Webui::IntegrationTest
     urls << webui_engine.home_list_my_path
     urls << webui_engine.home_requests_path
     urls << webui_engine.home_home_project_path
-    urls << webui_engine.home_remove_watched_project_path
     urls << webui_engine.apidocs_path
     urls << webui_engine.apidocs_index_path
 
diff --git a/src/api/webui/app/controllers/webui/configuration_controller.rb b/src/api/webui/app/controllers/webui/configuration_controller.rb
index 720d7a5bc4c..5f69e3d269f 100644
--- a/src/api/webui/app/controllers/webui/configuration_controller.rb
+++ b/src/api/webui/app/controllers/webui/configuration_controller.rb
@@ -12,7 +12,7 @@ def connect_instance
   end
 
   def users
-    @users = ::User.all.to_a
+    @users = ::User.where("login != '_nobody_'").to_a
   end
   
   def groups
diff --git a/src/api/webui/app/controllers/webui/home_controller.rb b/src/api/webui/app/controllers/webui/home_controller.rb
index e2801126f91..89e193d7a41 100644
--- a/src/api/webui/app/controllers/webui/home_controller.rb
+++ b/src/api/webui/app/controllers/webui/home_controller.rb
@@ -151,13 +151,6 @@ def home_project
     redirect_to :controller => :project, :action => :show, :project => "home:#{User.current.login}"
   end
 
-  def remove_watched_project
-    logger.debug "removing watched project '#{params[:project]}' from user '#{@user}'"
-    @user.remove_watched_project(params[:project])
-    @user.save
-    render :partial => 'watch_list'
-  end
-
   def overwrite_user
     @displayed_user = User.current
     if params['user'].present?
@@ -168,7 +161,7 @@ def overwrite_user
         flash[:error] = "User not found #{params['user']}"
       end
     end
-    unless @displayed_user
+    if @displayed_user.is_nobody?
       flash[:error] = "Please log in"
       redirect_to :controller => :user, :action => :login
     end
diff --git a/src/api/webui/app/controllers/webui/package_controller.rb b/src/api/webui/app/controllers/webui/package_controller.rb
index 99206361dc5..97064ca8550 100644
--- a/src/api/webui/app/controllers/webui/package_controller.rb
+++ b/src/api/webui/app/controllers/webui/package_controller.rb
@@ -142,7 +142,7 @@ def binary
       # ignore files not available
       @durl = nil
     end
-    if @user and !@durl
+    unless User.current.is_nobody? or @durl
       # only use API for logged in users if the mirror is not available
       @durl = rpm_url( @project, @package, @repository, @arch, @filename )
     end
diff --git a/src/api/webui/app/controllers/webui/project_controller.rb b/src/api/webui/app/controllers/webui/project_controller.rb
index 97c562c3c36..f8a3cc36bd8 100644
--- a/src/api/webui/app/controllers/webui/project_controller.rb
+++ b/src/api/webui/app/controllers/webui/project_controller.rb
@@ -1100,10 +1100,10 @@ def package_buildresult
 
   def toggle_watch
     if User.current.watches? @project.name
-      logger.debug "Remove #{@project} from watchlist for #{@user}"
+      logger.debug "Remove #{@project} from watchlist for #{User.current}"
       User.current.remove_watched_project @project.name
     else
-      logger.debug "Add #{@project} to watchlist for #{@user}"
+      logger.debug "Add #{@project} to watchlist for #{User.current}"
       User.current.add_watched_project @project.name
     end
 
diff --git a/src/api/webui/app/controllers/webui/request_controller.rb b/src/api/webui/app/controllers/webui/request_controller.rb
index bd2ec7b5c89..69fc14451fe 100644
--- a/src/api/webui/app/controllers/webui/request_controller.rb
+++ b/src/api/webui/app/controllers/webui/request_controller.rb
@@ -75,8 +75,9 @@ def show
 
     @my_open_reviews = @req['my_open_reviews']
     @other_open_reviews = @req['other_open_reviews']
-    @can_add_reviews = ['new', 'review'].include?(@state) && (@is_author || @is_target_maintainer || @my_open_reviews.length > 0) && !@user.nil?
-    @can_handle_request = ['new', 'review', 'declined'].include?(@state) && (@is_target_maintainer || @is_author) && !@user.nil?
+    @can_add_reviews = ['new', 'review'].include?(@state) && (@is_author || @is_target_maintainer || @my_open_reviews.length > 0) && !User.current.is_nobody?
+    @can_handle_request = ['new', 'review', 'declined'].include?(@state) && (@is_target_maintainer || @is_author) && !User.current.is_nobody?
+Rails.logger.debug "CHR #{@can_handle_request} - #{@is_target_maintainer} - #{@is_author}"
 
     @events = @req['events']
     @actions = @req['actions']
@@ -197,9 +198,9 @@ def delete_request_dialog
   end
 
   def delete_request
-    required_parameters :project, :package
+    required_parameters :project
     begin
-      req = BsRequest.new(:type => 'delete', :targetproject => params[:project], :targetpackage => params[:package], :description => params[:description])
+      req = Webui::BsRequest.new(:type => 'delete', :targetproject => params[:project], :targetpackage => params[:package], :description => params[:description])
       req.save(:create => true)
       Rails.cache.delete 'requests_new'
     rescue ActiveXML::Transport::Error => e
diff --git a/src/api/webui/app/controllers/webui/user_controller.rb b/src/api/webui/app/controllers/webui/user_controller.rb
index 734e4796268..3d568fa7eda 100644
--- a/src/api/webui/app/controllers/webui/user_controller.rb
+++ b/src/api/webui/app/controllers/webui/user_controller.rb
@@ -8,19 +8,18 @@ class UserController < WebuiController
   before_filter :check_user, :only => [:edit, :save, :change_password, :register, :delete, :confirm, :lock, :admin]
   before_filter :require_login, :only => [:edit, :save]
   before_filter :overwrite_user, :only => [:edit]
-  before_filter :require_admin, :only => [:edit]
+  before_filter :require_admin, :only => [:edit, :delete, :lock, :confirm, :admin]
   
   def logout
     logger.info "Logging out: #{session[:login]}"
     reset_session
-    @user = nil
+    User.current = nil
     @return_to_path = root_path
     if CONFIG['proxy_auth_mode'] == :on
       redirect_to CONFIG['proxy_auth_logout_page']
     else
       redirect_to root_path
     end
-    Person.free_cache session[:login]
   end
 
   def login
@@ -59,19 +58,25 @@ def do_login
   end
 
   def save
-    person_opts = { :login => params[:user],
-                    :realname => params[:realname],
-                    :email => params[:email],
-                    :globalrole => params[:globalrole],
-                    :state => params[:state]}
-    begin
-      person = Person.new(person_opts)
-      person.save
-    rescue ActiveXML::Transport::Error => e
-      flash[:error] = e.message
+    if User.current.is_admin?
+      person = User.find_by_login!(params[:user])
+    else
+      person = User.current
+      if person.login != params[:user]
+        flash[:error] = "Can't edit #{params[:user]}"
+        redirect_to(:back) and return
+      end
+    end
+    person.realname = params[:realname]
+    person.email = params[:email]
+    if User.current.is_admin?
+      person.state = User.states[params[:state]]
+      roles = [ params[:globalrole] ]
+      person.update_globalroles(roles)
     end
+    person.save!
+
     flash[:success] = "User data for user '#{person.login}' successfully updated."
-    Rails.cache.delete("person_#{person.login}")
     redirect_back_or_to :controller => 'home', :action => :index
   end
 
@@ -81,39 +86,27 @@ def edit
   end
 
   def delete
-    user = Person.find( params[:user] )
-    params[:realname] = user.realname
-    params[:email] = user.email
-    params[:globalrole] = user.globalrole
-    params[:state] = 'deleted'
-    save
+    u = User.find_by_login( params[:user] )
+    u.state = User.states['deleted']
+    u.save
   end
 
   def confirm
-    user = Person.find( params[:user] )
-    params[:realname] = user.realname
-    params[:email] = user.email
-    params[:globalrole] = user.globalrole
-    params[:state] = 'confirmed'
-    save
+    u = User.find_by_login( params[:user] )
+    u.state = User.states['confirmed']
+    u.save
   end
   
   def lock
-    user = Person.find( params[:user] )
-    params[:realname] = user.realname
-    params[:email] = user.email
-    params[:globalrole] = user.globalrole
-    params[:state] = 'locked'
-    save
+    u = User.find_by_login( params[:user] )
+    u.state = User.states['locked']
+    u.save
   end
 
   def admin
-    user = Person.find( params[:user] )
-    params[:realname] = user.realname
-    params[:email] = user.email
-    params[:globalrole] = 'Admin'
-    params[:state] = user.state
-    save
+    u = User.find_by_login( params[:user] )
+    u.update_globalroles(['Admin'])
+    u.save
   end
 
   def save_dialog
@@ -130,16 +123,14 @@ def overwrite_user
 
 
   def register
-    unreg_person_opts = { :login => params[:login],
-                          :email => params[:email],
-                          :realname => params[:realname],
-                          :password => params[:password],
-                          :state => params[:state]}
+    opts = { :login => params[:login],
+             :email => params[:email],
+             :realname => params[:realname],
+             :password => params[:password],
+             :state => params[:state]}
     begin
-      person = Unregisteredperson.new(unreg_person_opts)
-      logger.debug "Registering user #{params[:login]}"
-      person.save({:create => true})
-    rescue ActiveXML::Transport::Error => e
+      person = User.register(opts)
+    rescue APIException => e
       flash[:error] = e.message
       redirect_back_or_to :controller => 'main', :action => 'index' and return
     end
@@ -194,14 +185,42 @@ def change_password
     redirect_to :controller => :home, :action => :index
   end 
 
+
   def autocomplete
     required_parameters :term
-    render json: Person.list(params[:term])
+    render json: list_users(params[:term])
   end
 
   def tokens
     required_parameters :q
-    render json: Person.list(params[:q], true)
+    render json: list_users(params[:q], true)
+  end
+
+  protected
+
+  def list_users(prefix=nil, hash=nil)
+    prefix = URI.encode(prefix)
+    user_list = Rails.cache.fetch("user_list_#{prefix.to_s}", :expires_in => 10.minutes) do
+      transport ||= ActiveXML::api
+      path = "/person?prefix=#{prefix}"
+      begin
+        logger.debug 'Fetching user list from API'
+        response = transport.direct_http URI("#{path}"), :method => 'GET'
+        names = []
+        if hash
+          Webui::Collection.new(response).each do |user|
+            user = { 'name' => user.name }
+            names << user
+          end
+        else
+          Webui::Collection.new(response).each {|user| names << user.name}
+        end
+        names
+      rescue ActiveXML::Transport::Error => e
+        raise ListError, e.summary
+      end
+    end
+    return user_list
   end
 
 end
diff --git a/src/api/webui/app/controllers/webui/webui_controller.rb b/src/api/webui/app/controllers/webui/webui_controller.rb
index d9dad3da616..b76828cdbac 100644
--- a/src/api/webui/app/controllers/webui/webui_controller.rb
+++ b/src/api/webui/app/controllers/webui/webui_controller.rb
@@ -33,10 +33,10 @@ class WebuiController < ActionController::Base
     elsif exception.code == 'unconfirmed_user'
       render file: Rails.root.join('public/402'), formats: [:html], status: 402, layout: false
     else
-      if @user
-        render file: Rails.root.join('public/403'), formats: [:html], status: :forbidden, layout: false
-      else
+      if User.current.is_nobody?
         render file: Rails.root.join('public/401'), formats: [:html], status: :unauthorized, layout: false
+      else
+        render file: Rails.root.join('public/403'), formats: [:html], status: :forbidden, layout: false
       end
     end
   end
@@ -223,7 +223,6 @@ def check_spiders
     @spider_bot = false
     if defined? TREAT_USER_LIKE_BOT or request.env.has_key? 'HTTP_OBS_SPIDER'
       @spider_bot = true
-      return
     end
   end
   private :check_spiders
@@ -239,10 +238,8 @@ def lockout_spiders
 
   def check_user
     check_spiders
-    @user ||= Person.find(session[:login]) if session[:login]
-    if @user
+    if session[:login]
       User.current = User.find_by_login session[:login]
-      Rails.cache.set_domain(@user.to_s) if Rails.cache.respond_to?('set_domain')
       @nr_requests_that_need_work = 0
       unless request.xhr?
         User.current.request_ids_by_class.each { |key,array| @nr_requests_that_need_work += array.size }
diff --git a/src/api/webui/app/models/webui/package.rb b/src/api/webui/app/models/webui/package.rb
index 2b98711c8b2..381c951f333 100644
--- a/src/api/webui/app/models/webui/package.rb
+++ b/src/api/webui/app/models/webui/package.rb
@@ -114,16 +114,7 @@ def linking_packages
   end
 
   def user_has_role?(user, role)
-    if user
-      if user.kind_of? User
-        return api_obj.relationships.where(user: user, role_id: Role.rolecache[role]).exists?
-      end
-      raise 'user needs to be a Person' unless user.kind_of? Person
-      each_person do |p|
-        return true if p.role == role and p.userid == user.to_s
-      end
-    end
-    return false
+    user && api_obj.relationships.where(user: user, role_id: Role.rolecache[role]).exists?
   end
 
   def group_has_role?(groupid, role)
diff --git a/src/api/webui/app/models/webui/person.rb b/src/api/webui/app/models/webui/person.rb
deleted file mode 100644
index 133f22b2dfe..00000000000
--- a/src/api/webui/app/models/webui/person.rb
+++ /dev/null
@@ -1,74 +0,0 @@
-module Webui
-class Person < Node
-
-  class ListError < Exception; end
-
-  default_find_parameter :login
-
-  handles_xml_element 'person'
-
-  class << self
-    def make_stub( opt )
-      logger.debug "make stub params: #{opt.inspect}"
-      realname = ""
-      realname = opt[:realname] if opt.has_key? :realname
-      email = ""
-      email = opt[:email] if opt.has_key? :email
-      state = ""
-      state = opt[:state] if opt.has_key? :state
-      globalrole = ""
-      globalrole = opt[:globalrole] if opt.has_key? :globalrole
-
-      reply = <<-EOF
-        <person>
-           <login>#{opt[:login]}</login>
-           <email>#{email}</email>
-           <realname>#{realname}</realname>
-           <state>#{state}</state>
-           <globalrole>#{globalrole}</globalrole>
-        </person>
-      EOF
-      return reply
-    end
-  end
-
-  def initialize(data)
-    super(data)
-    @login = self.to_hash["login"]
-  end
-
-  def to_str
-    login
-  end
-
-  def to_s
-    login
-  end
-
-  def self.list(prefix=nil, hash=nil)
-    prefix = URI.encode(prefix)
-    user_list = Rails.cache.fetch("user_list_#{prefix.to_s}", :expires_in => 10.minutes) do
-      transport ||= ActiveXML::api
-      path = "/person?prefix=#{prefix}"
-      begin
-        logger.debug 'Fetching user list from API'
-        response = transport.direct_http URI("#{path}"), :method => 'GET'
-        names = []
-        if hash
-          Webui::Collection.new(response).each do |user|
-            user = { 'name' => user.name }
-            names << user
-          end
-        else
-          Webui::Collection.new(response).each {|user| names << user.name}
-        end
-        names
-      rescue ActiveXML::Transport::Error => e
-        raise ListError, e.summary
-      end
-    end
-    return user_list
-  end
-
-end
-end
diff --git a/src/api/webui/app/models/webui/unregisteredperson.rb b/src/api/webui/app/models/webui/unregisteredperson.rb
deleted file mode 100644
index 9b22fdaa8bd..00000000000
--- a/src/api/webui/app/models/webui/unregisteredperson.rb
+++ /dev/null
@@ -1,28 +0,0 @@
-class Webui::Unregisteredperson < Webui::Node
-
-  default_find_parameter :login
-  class << self
-    def make_stub( opt )
-      realname = ""
-      realname = opt[:realname] if opt.has_key? :realname
-      email = ""
-      email = opt[:email] if opt.has_key? :email
-      password = "opensuse"
-      password = opt[:password] if opt.has_key? :password
-      state = ""
-      state = opt[:state] if opt.has_key? :state
-
-      reply = <<-END
-        <unregisteredperson>
-           <login>#{opt[:login]}</login>
-           <realname>#{realname}</realname>
-           <email>#{email}</email>
-           <state>#{state}</state>
-           <password>#{password}</password>
-        </unregisteredperson>
-      END
-
-      return reply
-    end
-  end
-end
diff --git a/src/api/webui/app/models/webui_project.rb b/src/api/webui/app/models/webui_project.rb
index ec81588683d..cac26592c7b 100644
--- a/src/api/webui/app/models/webui_project.rb
+++ b/src/api/webui/app/models/webui_project.rb
@@ -181,18 +181,7 @@ def bugowners
   end
 
   def user_has_role?(user, role)
-    return false unless user
-    if user.kind_of? User
-      return api_obj.relationships.where(user: user, role_id: Role.rolecache[role]).exists?
-    end
-    raise 'user needs to be a Person' unless user.kind_of? Webui::Person
-    login = user.to_hash['login']
-    if user && login
-      to_hash.elements('person') do |p|
-        return true if p['role'] == role && p['userid'] == login
-      end
-    end
-    return false
+    user && api_obj.relationships.where(user: user, role_id: Role.rolecache[role]).exists?
   end
 
   def group_has_role?(group, role)
diff --git a/src/api/webui/app/views/shared/_involved_users.html.erb b/src/api/webui/app/views/shared/_involved_users.html.erb
index 8659c600676..5e2e733aaad 100644
--- a/src/api/webui/app/views/shared/_involved_users.html.erb
+++ b/src/api/webui/app/views/shared/_involved_users.html.erb
@@ -39,7 +39,7 @@
                     <% end %>
                 <% end %>
                 <td class="nowrap">
-                  <% if @user -%>
+                  <% unless User.current.is_nobody? -%>
                       <% mail_to = 'mailto:' + user.email + '?subject=openSUSE%20Build%20Service%20-%20' + @project.name %>
                       <% mail_to += '/' + @package.name if defined? @package %>
                       <%= link_to(sprite_tag('email', title: "Send mail to user"), mail_to) %>
diff --git a/src/api/webui/app/views/webui/attribute/_attributes.html.erb b/src/api/webui/app/views/webui/attribute/_attributes.html.erb
index 435107ef8de..6c9d826eced 100644
--- a/src/api/webui/app/views/webui/attribute/_attributes.html.erb
+++ b/src/api/webui/app/views/webui/attribute/_attributes.html.erb
@@ -6,7 +6,7 @@
       <tr>
         <th>Attribute</th>
         <th>Values</th>
-       <% if @user %>
+       <% unless User.current.is_nobody? %>
         <th>Actions</th>
        <% end %>
       </tr>
@@ -18,7 +18,7 @@
               <%= value %><br/>
             <% end %>
           </td>
-       <% if @user %>
+       <% unless User.current.is_nobody? %>
           <td>
             <%= link_to(image_tag('note_edit.png', :alt => 'Edit values', :title => 'Edit values'), { :controller => 'attribute', :action => 'edit', :project => @project.name, :package => @package, :namespace => attribute.namespace, :name => attribute.name }, class: 'edit-values') %>
             <%= button_to('Delete attribute',
@@ -32,9 +32,8 @@
   </div>
 <% end %>
 
-<% if @user %>
+<% unless User.current.is_nobody? %>
   <p>
-    <%= link_to(image_tag('note_add.png'), :controller => :attribute, :action => :edit, :project => @project.name, :package => @package) %>
-    <%= link_to('Add a new attribute', { :controller => :attribute, :action => :edit, :project => @project.name, :package => @package}, id: 'add-new-attribute') %>
+    <%= link_to(sprite_tag('note_add', title: 'Add a new attribute') + 'Add a new attribute', { :controller => :attribute, :action => :edit, :project => @project.name, :package => @package}, id: 'add-new-attribute') %>
   </p>
 <% end %>
diff --git a/src/api/webui/app/views/webui/comment/_new.html.erb b/src/api/webui/app/views/webui/comment/_new.html.erb
index 3c72406007f..e3b2e283b3b 100644
--- a/src/api/webui/app/views/webui/comment/_new.html.erb
+++ b/src/api/webui/app/views/webui/comment/_new.html.erb
@@ -1,4 +1,4 @@
-<% if @user %>
+<% unless User.current.is_nobody? %>
   <%= save_comment_form do %>
     <p>
       <%= text_field_tag 'title',@title, :placeholder => 'Comment Title', :required => 'required'%>
diff --git a/src/api/webui/app/views/webui/configuration/groups.html.erb b/src/api/webui/app/views/webui/configuration/groups.html.erb
index 3d0e3429ee7..b5535852716 100644
--- a/src/api/webui/app/views/webui/configuration/groups.html.erb
+++ b/src/api/webui/app/views/webui/configuration/groups.html.erb
@@ -23,7 +23,7 @@
           <td><%= link_to(group.title, {:controller => 'group', :action => 'show', id: group.title}, {id: group.title }) %></td>
           <td>
           <% group.groups_users.each do |member| %>
-            <%= link_to_if(@user, member.user, :controller => 'home', :action => 'index', :user => member.user) %>, 
+            <%= link_to_if(!User.current.is_nobody?, member.user, :controller => 'home', :action => 'index', :user => member.user.login) %>, 
           <% end %>
           </td>
           <td class="nowrap">
diff --git a/src/api/webui/app/views/webui/group/show.html.erb b/src/api/webui/app/views/webui/group/show.html.erb
index a75954b66ed..ec9025d61bf 100644
--- a/src/api/webui/app/views/webui/group/show.html.erb
+++ b/src/api/webui/app/views/webui/group/show.html.erb
@@ -12,7 +12,7 @@
   <tbody>
     <% @group.person.each do |member| %>
       <tr>
-        <td><%= link_to_if(@user, member.userid, { :controller => 'home', :action => 'index', :user => member.userid}, {:id => member.userid}) %></td>
+        <td><%= link_to_if(!User.current.is_nobody?, member.userid, { :controller => 'home', :action => 'index', :user => member.userid}, {:id => member.userid}) %></td>
       </tr>
     <% end %>
   </tbody>
diff --git a/src/api/webui/app/views/webui/home/_watch_list.html.erb b/src/api/webui/app/views/webui/home/_watch_list.html.erb
deleted file mode 100644
index d1177e3f76d..00000000000
--- a/src/api/webui/app/views/webui/home/_watch_list.html.erb
+++ /dev/null
@@ -1,32 +0,0 @@
-<div id="__watchlist">
-  <% watched_projects = User.current.watched_projects
-     if watched_projects.present? %>
-      <table id="watched_projects-table" class="grid" title="Watched Projects">
-        <tr>
-          <th>Project</th>
-          <th style="width: 1%">Actions</th>
-        </tr>
-        <% watched_projects.each do |project| %>
-            <tr>
-              <td><%= link_to elide(project.name, 60), :action => :show, :project => project.name, :controller => :project %></td>
-              <td>
-                <%= link_to sprite_tag('monitor', title: 'Monitor'),
-                            :controller => :project, :action => :monitor, :project => project.name %>
-                <%= link_to(sprite_tag('list-remove', title: 'Remove'),
-                            {:action => :remove_watched_project, :project => project.name}, {:class => 'x', :remote => true}) %>
-              </td>
-            </tr>
-        <% end %>
-      </table>
-  <% else %>
-      <p><em>No projects marked to be watched.</em></p>
-
-      <p>Add a project in watchlist menu to watch a project.</p>
-  <% end %>
-</div>
-
-<% content_for :ready_function do %>
-    $('.x').bind('ajax:success', function (event, data, status, xhr) {
-    $("#__watchlist").html(data);
-    });
-<% end %>
diff --git a/src/api/webui/app/views/webui/home/index.html.erb b/src/api/webui/app/views/webui/home/index.html.erb
index fc8e6c0cbb6..3cb3a2fa43e 100644
--- a/src/api/webui/app/views/webui/home/index.html.erb
+++ b/src/api/webui/app/views/webui/home/index.html.erb
@@ -49,10 +49,10 @@
           <%= link_to 'Edit your account', "#{CONFIG['proxy_auth_account_page']}" %><br />
         <% end %>
       <% else %>
-        <%= link_to(sprite_tag('user_edit') + ' Edit your account', { :controller => 'user', :action => 'save_dialog', :user => @user }, {:id => 'save_dialog', :remote => true}) %><br />
+        <%= link_to(sprite_tag('user_edit') + ' Edit your account', { :controller => 'user', :action => 'save_dialog', :user => User.current }, {:id => 'save_dialog', :remote => true}) %><br />
       <% end %>
       <% if @configuration['change_password'] and CONFIG['proxy_auth_mode'] != :on %>
-        <%= link_to(sprite_tag('key') + ' Change your password', { :controller => 'user', :action => 'password_dialog', :user => @user }, {:id => 'password_dialog', :remote => true}) %><br />
+        <%= link_to(sprite_tag('key') + ' Change your password', { :controller => 'user', :action => 'password_dialog', :user => User.current }, {:id => 'password_dialog', :remote => true}) %><br />
       <% end %>
       </p>
     <% end %>
diff --git a/src/api/webui/app/views/webui/main/index.html.erb b/src/api/webui/app/views/webui/main/index.html.erb
index c3f9dcbb7ae..428558ecb42 100644
--- a/src/api/webui/app/views/webui/main/index.html.erb
+++ b/src/api/webui/app/views/webui/main/index.html.erb
@@ -15,7 +15,7 @@
           <%= proceed_link 'list', 'All Projects', :controller => 'project', :action => 'list_public' %>
           <%= proceed_link 'system-search', 'Search', :controller => 'search', :action => 'index' %>
         <% else %>
-          <%= proceed_link 'start-here', 'Your Home', :controller => 'home', :action => 'index' if @user %>
+          <%= proceed_link 'start-here', 'Your Home', :controller => 'home', :action => 'index' unless User.current.is_nobody? %>
           <%= proceed_link 'list', 'All Projects', :controller => 'project', :action => 'list_public' %>
           <%= proceed_link 'system-search', 'Search', :controller => 'search', :action => 'index' %>
           <%= proceed_link "document-new", 'New Project', :controller => 'project', :action => 'new', :ns => "home:#{User.current.login}" unless User.current.is_nobody? %>
@@ -37,7 +37,7 @@
 </div>
 
 <div class="grid_5 omega">
-<% unless @user %>
+<% if User.current.is_nobody? %>
   <div class="box box-shadow">
     <h2 class="box-header">New here? Sign up!</h2>
     <%= render :partial => 'shared/sign_up' %>
diff --git a/src/api/webui/app/views/webui/package/_commit_item.html.erb b/src/api/webui/app/views/webui/package/_commit_item.html.erb
index 6f4e4b6eb07..9035fd17062 100644
--- a/src/api/webui/app/views/webui/package/_commit_item.html.erb
+++ b/src/api/webui/app/views/webui/package/_commit_item.html.erb
@@ -8,9 +8,9 @@
       <% realname = User.realname_for_login(user) %>
       <%= user_icon(user) %>
       <% unless realname.empty? %>
-        <%= link_to_if(@user, realname + " (" + user + ")", :controller => :home, :user => user) %>
+        <%= link_to_if(!User.current.is_nobody?, realname + " (" + user + ")", :controller => :home, :user => user) %>
       <% else %>
-        <%= link_to_if(@user, user, :controller => :home, :user => user) %>
+        <%= link_to_if(!User.current.is_nobody?, user, :controller => :home, :user => user) %>
       <% end %>
     <% else %>
        -
diff --git a/src/api/webui/app/views/webui/package/_files_view.html.erb b/src/api/webui/app/views/webui/package/_files_view.html.erb
index fd107f88edd..c009a4e8455 100644
--- a/src/api/webui/app/views/webui/package/_files_view.html.erb
+++ b/src/api/webui/app/views/webui/package/_files_view.html.erb
@@ -25,8 +25,8 @@
           <td><span class="hidden"><%= file[:size].rjust(10, '0') %></span><%= human_readable_fsize(file[:size]) %></td>
           <td><span class="hidden"><%= file[:mtime] %></span><%= fuzzy_time_string(Time.at(file[:mtime].to_i).to_s) %></td>
           <!-- limit download for anonymous user to avoid getting killed by crawlers -->
-          <td><%= if @user or file[:size].to_i < ( 4 * 1024 * 1024 )
-                    link_to image_tag('page_white_get.png', :alt => "Download", :title => "Download File"), 
+          <td><%= if !User.current.is_nobody? or file[:size].to_i < ( 4 * 1024 * 1024 )
+                    link_to sprite_tag('page_white_get', title: "Download File"), 
                             :controller => :package, :action => :rawsourcefile, :package => @package.to_param,
                            :project => @project.to_param, :filename => file[:name], :srcmd5 => file[:srcmd5]
                   end %>
diff --git a/src/api/webui/app/views/webui/package/rdiff.html.erb b/src/api/webui/app/views/webui/package/rdiff.html.erb
index 3063c682641..984ac7cdb00 100644
--- a/src/api/webui/app/views/webui/package/rdiff.html.erb
+++ b/src/api/webui/app/views/webui/package/rdiff.html.erb
@@ -23,7 +23,7 @@
     <pre><%= @last_req['comment'] %></pre>
 <% end %>
 
-<% if @user && @filenames && !@filenames.empty? %>
+<% if !User.current.is_nobody? && @filenames && !@filenames.empty? %>
     <% if @oproject && @opackage && !WebuiProject.has_attribute?(@oproject, 'OBS', 'RejectRequests') && 
 		   !Webui::Package.has_attribute?(@oproject, @opackage, 'OBS', 'RejectRequests') %>
         <% msg = "Submit to #{@oproject.to_s + ' / ' + @opackage.to_s}" %>
diff --git a/src/api/webui/app/views/webui/package/show.html.erb b/src/api/webui/app/views/webui/package/show.html.erb
index 6169d93eefc..d175b4f3989 100644
--- a/src/api/webui/app/views/webui/package/show.html.erb
+++ b/src/api/webui/app/views/webui/package/show.html.erb
@@ -73,16 +73,15 @@
     <% end %>
   </div>
 
-  <% if (not @bugowners_mail.empty? and @configuration['bugzilla_url']) or @user %>
+  <% if (not @bugowners_mail.empty? and @configuration['bugzilla_url']) or !User.current.is_nobody? %>
     <div class="grid_16 alpha omega">
       <ul class="horizontal-list">
         <% unless @bugowners_mail.empty? or @configuration['bugzilla_url']%>
           <li>
-            <%= link_to image_tag('tools-report-bug.png', :title => 'Report Bug'), bugzilla_url(@bugowners_mail, "#{@project.name}/#{@package.name}: Bug") %>
-            <%= link_to 'Report Bug', bugzilla_url(@bugowners_mail, "#{@project.name}/#{@package.name}: Bug") %>
+	    <%= link_to sprite_tag('tools-report-bug.png', :title => 'Report Bug') + 'Report Bug', bugzilla_url(@bugowners_mail, "#{@project.name}/#{@package.name}: Bug") %>
           </li>
         <% end %>
-        <% if @user %>
+        <% unless User.current.is_nobody? %>
           <% if @current_rev %>
             <li>
               <%= link_to(sprite_tag('arrow_branch'), {:action => :branch_dialog, :project => @project, :package => @package}, :remote => true) %>
diff --git a/src/api/webui/app/views/webui/package/view_file.html.erb b/src/api/webui/app/views/webui/package/view_file.html.erb
index 379209abc1d..53753ecf937 100644
--- a/src/api/webui/app/views/webui/package/view_file.html.erb
+++ b/src/api/webui/app/views/webui/package/view_file.html.erb
@@ -13,7 +13,7 @@
   <p>
       <%# Rather hacky attempt to provide 'osc vc'-like functionality, would benefit of proper 'snippet' support for editor: %>
       <%= link_to_function('Insert changes entry template',
-	  'addChangesEntryTemplate()', data: { 'email' => @user.email },
+	  'addChangesEntryTemplate()', data: { 'email' => User.current.email },
       class: "changes-link") %>
   </p>
     <% end %>
diff --git a/src/api/webui/app/views/webui/project/_incident_request_dialog.html.erb b/src/api/webui/app/views/webui/project/_incident_request_dialog.html.erb
index a882482be8c..b4ee9a32c76 100644
--- a/src/api/webui/app/views/webui/project/_incident_request_dialog.html.erb
+++ b/src/api/webui/app/views/webui/project/_incident_request_dialog.html.erb
@@ -7,7 +7,7 @@
         <%= hidden_field_tag(:project, @project) %>
         <p>
           <%= label_tag(:sourceproject, 'Project submitted as Update:') %><br/>
-          <%= text_field_tag(:sourceproject, format_projectname(@project.name, @user.login), :size => 40, :disabled => true) %><br/>
+          <%= text_field_tag(:sourceproject, format_projectname(@project.name, User.current.login), :size => 40, :disabled => true) %><br/>
 
           <%= label_tag(:sourceproject, 'Release Targets:') %><br/>
           <% @releasetargets.each do |rt| %>
diff --git a/src/api/webui/app/views/webui/project/list.html.erb b/src/api/webui/app/views/webui/project/list.html.erb
index 5983d287272..c343924666d 100644
--- a/src/api/webui/app/views/webui/project/list.html.erb
+++ b/src/api/webui/app/views/webui/project/list.html.erb
@@ -19,10 +19,9 @@
     <p>
       <%= check_box_tag 'excludefilter', 'home:', (@excludefilter.nil? ? false : true) -%>Exclude user home projects
 
-      <% if @user %>
+      <% unless User.current.is_nobody? %>
         <span style="float: right">
-          <%= link_to image_tag('brick_add.png', :title => 'Create project'), :controller => :project, :action => :new %>
-          <%= link_to 'Create new project', :controller => :project, :action => :new %>
+          <%= link_to sprite_tag('brick_add', title: 'Create new project') + 'Create new project', :controller => :project, :action => :new %>
         </span>
       <% end %>
     </p>
diff --git a/src/api/webui/app/views/webui/project/repositories.html.erb b/src/api/webui/app/views/webui/project/repositories.html.erb
index 3a8ccc85c6b..39219b3cef3 100644
--- a/src/api/webui/app/views/webui/project/repositories.html.erb
+++ b/src/api/webui/app/views/webui/project/repositories.html.erb
@@ -36,10 +36,10 @@
                 $("#<%= repository_id %>").html(data);
               });
             <% end %>
-            <%= sprite_tag('drive_delete') %>
+            <%= sprite_tag('drive_delete', title: 'Delete repository') %>
             <%= link_to('Delete repository', {action: :remove_target, project: @project, target: repository.name},
 			{data: { confirm: "Really remove repository '#{repository.name}'?"}, class: 'x', method: :post}) %>
-          <% elsif @user %>
+	<% elsif !User.current.is_nobody? %>
             <%= sprite_tag('drive_delete', title: 'Delete repository') %>
             <%= link_to('Request repository deletion', {:action => :remove_target_request_dialog, :project => @project, :repository => repository.name}, :remote => true) %>
           <% end %>
diff --git a/src/api/webui/app/views/webui/project/show.html.erb b/src/api/webui/app/views/webui/project/show.html.erb
index 8937f3c421e..0c18c3e605d 100644
--- a/src/api/webui/app/views/webui/project/show.html.erb
+++ b/src/api/webui/app/views/webui/project/show.html.erb
@@ -100,7 +100,7 @@
     <% end %>
   </div>
 
-  <% if (not @bugowners_mail.empty? and !CONFIG['bugzilla_host'].nil?) or @user %>
+  <% if (not @bugowners_mail.empty? and !CONFIG['bugzilla_host'].nil?) or !User.current.is_nobody? %>
     <div class="grid_16 alpha omega">
       <ul class="horizontal-list">
         <% if not @bugowners_mail.empty? and !CONFIG['bugzilla_host'].nil? %>
diff --git a/src/api/webui/config/initializers/activexml.rb b/src/api/webui/config/initializers/activexml.rb
index df2ac2bfeab..13b1859cc4b 100644
--- a/src/api/webui/config/initializers/activexml.rb
+++ b/src/api/webui/config/initializers/activexml.rb
@@ -43,14 +43,11 @@ def add(d)
     map.connect :tag, 'rest:///user/:user/tags/:project/:package',
       :tags_by_object => 'rest:///source/:project/:package/_tags'
 
-    map.connect :person, 'rest:///person/:login',
-      :all => 'rest:///person/'
     map.connect :webuigroup, 'rest:///group/:title',
       :all => 'rest:///group/'
     map.connect :owner, 'rest:///search/owner?:binary&:devel&:limit&:project&:attribute'
     map.connect :reverseowner, 'rest:///search/owner?:user&:devel&:limit&:project&:attribute'
 
-    map.connect :unregisteredperson, 'rest:///person/register'
     map.connect :userchangepasswd, 'rest:///person/changepasswd'
 
     map.connect :architecture, 'rest:///architectures/:name', :all => 'rest:///architectures/',
diff --git a/src/api/webui/config/routes.rb b/src/api/webui/config/routes.rb
index c5b215e34c1..896a354a7d0 100644
--- a/src/api/webui/config/routes.rb
+++ b/src/api/webui/config/routes.rb
@@ -270,7 +270,6 @@
     get 'home/list_my' => :index
     get 'home/requests' => :requests
     get 'home/home_project' => :home_project
-    get 'home/remove_watched_project' => :remove_watched_project
     get 'user/:user/icon' => :icon, constraints: cons
   end