diff --git a/app/controllers/albums_controller.rb b/app/controllers/albums_controller.rb
index c6cf7a829..14adcebe1 100644
--- a/app/controllers/albums_controller.rb
+++ b/app/controllers/albums_controller.rb
@@ -52,7 +52,7 @@ class AlbumsController < ApplicationController
 
     data = clean_hash(params[:album])
 
-    if @album.update_attributes data
+    if current_user.update_or_repost( @album, data )
       flash[:notice] = "Album #{@album.name} successfully edited."
       respond_with @album
     else
diff --git a/app/controllers/photos_controller.rb b/app/controllers/photos_controller.rb
index afc193413..8d383f53a 100644
--- a/app/controllers/photos_controller.rb
+++ b/app/controllers/photos_controller.rb
@@ -88,7 +88,7 @@ class PhotosController < ApplicationController
 
     data = clean_hash(params)
 
-    if @photo.update_attributes data[:photo]
+    if current_user.update_or_repost( @photo, data[:photo] )
       flash[:notice] = "Photo successfully updated."
       respond_with @photo
     else
diff --git a/app/models/user.rb b/app/models/user.rb
index 06652a494..45f947807 100644
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -122,6 +122,16 @@ class User
     post
   end
 
+  def update_or_repost( post, post_hash = {} )
+    if self.owns? post
+      if post_hash[:aspect_ids]
+        repost(post, post_hash[:aspect_ids]) if validate_aspect_permissions post_hash[:aspect_ids]
+      else 
+        post.update_attributes!(post_hash)
+      end
+    end
+  end
+
   def validate_aspect_permissions(aspect_ids)
     aspect_ids = [aspect_ids.to_s] if aspect_ids.is_a? BSON::ObjectId
 
diff --git a/spec/models/user/posting_spec.rb b/spec/models/user/posting_spec.rb
index da52ed849..6b939b573 100644
--- a/spec/models/user/posting_spec.rb
+++ b/spec/models/user/posting_spec.rb
@@ -64,6 +64,29 @@ describe User do
         aspect1.posts.count.should be 1
       end
     end
+
+    describe '#update_or_repost' do
+      let!(:album) { user.post(:album, :name => "Profile Photos", :to => aspect.id) }
+
+      it 'should repost' do
+        update_hash = { :aspect_ids => aspect1.id }
+        user.should_receive(:repost).with(album, update_hash[:aspect_ids]).and_return album
+        user.update_or_repost( album, update_hash )
+      end
+
+      it 'should update fields' do
+        update_hash = { :name => "Other Photos" }
+        user.update_or_repost( album, update_hash )
+        album.name.should == "Other Photos"
+      end
+
+      it 'should reject posting to an external aspect' do
+        update_hash = { :aspect_ids => [aspect3.id] }
+        proc{
+          user.update_or_repost( album, update_hash )
+        }.should raise_error /Cannot post to an aspect you do not own./
+      end
+    end
   end
 
   context 'dispatching' do