diff --git a/Web/Models/Entities/MediaCollection.php b/Web/Models/Entities/MediaCollection.php
index f3f340b4..91c9a247 100644
--- a/Web/Models/Entities/MediaCollection.php
+++ b/Web/Models/Entities/MediaCollection.php
@@ -60,6 +60,11 @@ abstract class MediaCollection extends RowModel
 }
 }
 
+ public function getOwnerId(): int
+ {
+ return (int) $this->getRecord()->owner;
+ }
+
 public function getPrettyId(): string
 {
 return $this->getRecord()->owner . "_" . $this->getRecord()->id;
diff --git a/Web/Presenters/PhotosPresenter.php b/Web/Presenters/PhotosPresenter.php
index 9bc150cb..fc37f448 100644
--- a/Web/Presenters/PhotosPresenter.php
+++ b/Web/Presenters/PhotosPresenter.php
@@ -284,13 +284,15 @@ final class PhotosPresenter extends OpenVKPresenter
 }
 
 if ($_SERVER["REQUEST_METHOD"] == "GET" || $this->queryParam("act") == "finish") {
- if (!$album) {
+ if (!$album || $album->isCreatedBySystem()) {
 $this->flashFail("err", tr("error"), tr("error_adding_to_deleted"));
 }
 }
 
 if ($album && !$album->canBeModifiedBy($this->user->identity)) {
- $this->flashFail("err", tr("error_access_denied_short"), tr("error_access_denied"));
+ if ($album->getOwnerId() != $this->user->id) {
+ $this->flashFail("err", tr("error_access_denied_short"), tr("error_access_denied"));
+ }
 }
 
 if ($_SERVER["REQUEST_METHOD"] === "POST") {
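Review bot: `getOwnerId()` is added without a docblock, and its `(int)` cast turns a null or non-numeric `owner` column into 0 with no signal to the caller. The PhotosPresenter hunk of this commit uses the getter in an access decision, so I would state that contract on the method, e.g. `/** Raw owner column cast to int; 0 when the row has no owner, so callers must not treat 0 as a valid principal. */`. If the sign of an owner id carries meaning in this schema (not visible in this hunk), the comment should say that as well.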
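Review bot: The owner exception wrapped around the second `flashFail` overrides every reason `canBeModifiedBy()` may have for refusing, and it is decided by a loose `!=`. Because `getOwnerId()` casts to int, an album row without an owner yields 0, and `0 != null` is false in PHP, so the denial would be skipped if `$this->user->id` can be null on this path; the enclosing method starts and ends outside the hunk, so whether a login check runs first cannot be seen here. The new `isCreatedBySystem()` guard also runs only for GET or `act=finish`, which leaves any other POST to a system album gated by this owner comparison alone. I would compare strictly, e.g. `if ($this->user->id === null || $album->getOwnerId() !== (int) $this->user->id) {`, and preferably move the owner rule into `canBeModifiedBy()` so every caller gets the same decision.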