diff --git a/app/controllers/pair_requests_controller.rb b/app/controllers/pair_requests_controller.rb
index 77308a3..e21ace5 100644
--- a/app/controllers/pair_requests_controller.rb
+++ b/app/controllers/pair_requests_controller.rb
@@ -22,26 +22,10 @@ def update
     @pair = PairRequest.find(params[:id])
     @pair.status = params[:status]
     
-    if pair_belongs_to_current_user?
-      return render_permission_denied if @pair.status == "Accepted" and 
-                                         @pair.sent_from?(current_user)
-         
-      @pair.save
-
-      render 'update.js.haml'
+    if @pair.update_status_by(current_user)
+        render 'update.js.haml'
     else
-
-      render_permission_denied
+      render :nothing => true, :status => :forbidden
     end
   end
-
-  private
-  
-  def pair_belongs_to_current_user?
-    @pair.sender == current_user || @pair.partner == current_user
-  end
-
-  def render_permission_denied
-    render :nothing => true, :status => :forbidden
-  end
 end
diff --git a/app/models/pair_request.rb b/app/models/pair_request.rb
index 9e09eac..2631d36 100644
--- a/app/models/pair_request.rb
+++ b/app/models/pair_request.rb
@@ -6,7 +6,29 @@ class PairRequest < ActiveRecord::Base
   validates :description, :presence => true
   validates :pair_date,   :presence => true
 
+  scope :pair_sessions_of_user, lambda { |id| where("(sender_id = ? OR partner_id = ?) AND status = 'Accepted'", id, id) } 
+
+  def update_status_by(user)
+    return false unless pair_belongs_to?(user) and not user_try_to_accept_himself?(user)
+
+    save
+  end
+  
+  def pair_belongs_to?(user)
+    sent_from?(user) || received_by?(user)
+  end
+
   def sent_from?(user)
     sender == user
   end
+
+  def received_by?(user)
+    partner == user
+  end
+
+  private
+
+  def user_try_to_accept_himself?(user)
+    status == "Accepted" and sent_from?(user)
+  end
 end
diff --git a/app/models/user.rb b/app/models/user.rb
index c833065..0accd6b 100644
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -48,7 +48,7 @@ def self.find_for_database_authentication(conditions)
   end
 
   def pair_sessions
-    PairRequest.where("(sender_id = ? OR partner_id = ?) AND status = 'Accepted'", id, id)
+    PairRequest.pair_sessions_of_user(id)
   end
 
   def avatar_url(size = DEFAULT_SIZE_AVATAR)
diff --git a/spec/models/pair_request_spec.rb b/spec/models/pair_request_spec.rb
index 6af0211..2f68f4a 100644
--- a/spec/models/pair_request_spec.rb
+++ b/spec/models/pair_request_spec.rb
@@ -20,4 +20,24 @@
       pair.sent_from?(sender).should be_true
     end
   end
+
+  describe "#received_by?(user)" do
+    let(:partner) { Factory(:user) }
+    let(:pair) { Factory(:pair_request, :partner => partner) }
+
+    it "should return true when user is the receiver of pair request" do
+      pair.received_by?(partner).should be_true
+    end
+  end
+
+  describe "#pair_belongs_to?(user)" do
+    let(:partner) { Factory(:user) }
+    let(:sender) { Factory(:user) }
+    let(:pair) { Factory(:pair_request, :sender => sender, :partner => partner) }
+
+    it "should return true when user belongs to pair request" do
+      pair.pair_belongs_to?(sender).should be_true
+      pair.pair_belongs_to?(partner).should be_true
+    end
+  end
 end