diff --git a/app/controllers/status_messages_controller.rb b/app/controllers/status_messages_controller.rb
index 1397721a2..475a68784 100644
--- a/app/controllers/status_messages_controller.rb
+++ b/app/controllers/status_messages_controller.rb
@@ -22,8 +22,14 @@ class StatusMessagesController < ApplicationController
   end
 
   def destroy
-    @status_message = current_user.find_visible_post_by_id params[:id]
-    @status_message.destroy
+    @status_message = current_user.my_posts.where(:_id => params[:id]).first
+    if @status_message
+      @status_message.destroy
+
+    else
+      Rails.logger.info "#{current_user.inspect} is trying to delete a post they don't own with id: #{params[:id]}"
+    end
+
     respond_with :location => root_url
   end
 
diff --git a/spec/controllers/status_message_controller_spec.rb b/spec/controllers/status_message_controller_spec.rb
index 059fe5fb4..8af383128 100644
--- a/spec/controllers/status_message_controller_spec.rb
+++ b/spec/controllers/status_message_controller_spec.rb
@@ -8,9 +8,13 @@ describe StatusMessagesController do
   render_views
 
   let!(:user) { make_user }
-  let!(:aspect) { user.aspects.create(:name => "lame-os") }
+  let!(:aspect) { user.aspects.create(:name => "AWESOME!!") }
+
+  let!(:user2) { make_user }
+  let!(:aspect2) { user2.aspects.create(:name => "WIN!!") }
 
   before do
+    friend_users(user, aspect, user2, aspect2)
     sign_in :user, user
     @controller.stub!(:current_user).and_return(user)
   end
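Review bot: The else branch's `Rails.logger.info "#{current_user.inspect} ..."` interpolates the whole user record into the log; `inspect` on a model prints every attribute, so anything sensitive the User document carries would land in plaintext logs on every refused delete. Log only the identifier, and at a level that stands out, since a failed ownership check is worth noticing: `Rails.logger.warn "user #{current_user.id} attempted to destroy post #{params[:id]} they do not own"`. The refused path also falls through to the same `respond_with :location => root_url` as a successful delete, so the caller cannot tell nothing happened; a `flash[:error]` or a 403/404 would make the outcome explicit. The blank line left after `@status_message.destroy` looks unintended.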
@@ -65,4 +69,28 @@ describe StatusMessagesController do
       end
     end
   end
+
+  describe '#destroy' do
+    let!(:message) {user.post(:status_message, :message => "hey", :to => aspect.id)}
+    let!(:message2) {user2.post(:status_message, :message => "hey", :to => aspect2.id)}
+
+    it 'should let me delete my photos' do
+      delete :destroy, :id => message.id
+      StatusMessage.find_by_id(message.id).should be_nil
+    end
+
+    it 'will not let you destroy posts visible to you' do
+      user.receive message2.to_diaspora_xml, user2.person
+      user.visible_posts.include?(message2).should be true
+      delete :destroy, :id => message2.id
+      StatusMessage.find_by_id(message2.id).should_not be_nil
+    end
+
+    it 'will not let you destory posts you do not own' do
+      user.visible_posts.include?(message2).should be false
+      delete :destroy, :id => message2.id
+      StatusMessage.find_by_id(message2.id).should_not be_nil
+    end
+
+  end
 end
diff --git a/spec/models/user/posting_spec.rb b/spec/models/user/posting_spec.rb
index 79233cb4c..94244efd9 100644
--- a/spec/models/user/posting_spec.rb
+++ b/spec/models/user/posting_spec.rb
@@ -55,6 +55,9 @@ describe User do
       aspect.posts.should include post
     end
 
+
+
+
     it 'should put an album in the aspect post array' do
       album = user.post :album, :name => "Georges", :to => aspect.id
       aspect.reload
@@ -81,6 +84,15 @@ describe User do
     end
   end
 
+  describe '#post' do
+    it 'should not create a post with invalid aspect' do
+      pending "this would just causes db polution"
+      post_count = Post.count
+      proc { user.post(:status_message, :message => "hey", :to => aspect2.id) }.should raise_error /Cannot post to an aspect you do not own./
+      Post.count.should == post_count
+    end
+  end
+
   describe '#update_post' do
     it 'should update fields' do
       album = user.post(:album, :name => "Profile Photos", :to => aspect.id)
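Review bot: The first example in the new `#destroy` block is named 'should let me delete my photos' but exercises a status message, and the third has 'destory' for 'destroy'; rename them to `it 'lets the owner delete their own status message'` and `it 'will not let you destroy posts you do not own'`. The two negative examples only assert the record still exists; they should also pin what the controller answers on refusal, e.g. `response.should redirect_to(root_url)`, so a later change that raises or renders something else does not pass unnoticed. The second example's `user.receive message2.to_diaspora_xml, user2.person` is the step that makes the post visible, which is the case the old `find_visible_post_by_id` lookup allowed through; a short comment saying so would make the regression intent obvious.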
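Review bot: The new `#post` example in posting_spec.rb calls `pending` on its first line, so the `raise_error` assertion below it never runs and the spec adds no coverage for the "cannot post to an aspect you do not own" check; if the concern is leftover records, let the suite's normal database cleanup handle it rather than skipping the example. It also references `aspect2`, which is not defined anywhere in this hunk — confirm a `let` for it exists in this describe block, or the example will fail with a NameError once unpended. The pending message reads `"this would just causes db polution"`; `"this would just cause db pollution"`.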