diff --git a/api/src/com/cloud/storage/Snapshot.java b/api/src/com/cloud/storage/Snapshot.java index 453fa57abbc..d9c190e1d75 100644 --- a/api/src/com/cloud/storage/Snapshot.java +++ b/api/src/com/cloud/storage/Snapshot.java @@ -20,9 +20,10 @@ package com.cloud.storage; import java.util.Date; +import com.cloud.acl.ControlledEntity; import com.cloud.hypervisor.Hypervisor.HypervisorType; -public interface Snapshot { +public interface Snapshot extends ControlledEntity{ public enum Type { MANUAL, RECURRING, diff --git a/server/src/com/cloud/storage/dao/SnapshotDaoImpl.java b/server/src/com/cloud/storage/dao/SnapshotDaoImpl.java index 0bf743b92d3..163314f382f 100644 --- a/server/src/com/cloud/storage/dao/SnapshotDaoImpl.java +++ b/server/src/com/cloud/storage/dao/SnapshotDaoImpl.java @@ -26,19 +26,16 @@ import javax.ejb.Local; import org.apache.log4j.Logger; -import com.cloud.storage.SnapshotVO; import com.cloud.storage.Snapshot.Type; +import com.cloud.storage.SnapshotVO; import com.cloud.storage.VMTemplateStorageResourceAssoc.Status; import com.cloud.utils.db.Filter; import com.cloud.utils.db.GenericDaoBase; import com.cloud.utils.db.GenericSearchBuilder; import com.cloud.utils.db.SearchBuilder; import com.cloud.utils.db.SearchCriteria; -import com.cloud.utils.db.Transaction; import com.cloud.utils.db.SearchCriteria.Func; -import com.cloud.vm.VMInstanceVO; -import com.cloud.vm.VirtualMachine; -import com.cloud.vm.VirtualMachine.State; +import com.cloud.utils.db.Transaction; @Local (value={SnapshotDao.class}) public class SnapshotDaoImpl extends GenericDaoBase implements SnapshotDao { diff --git a/server/src/com/cloud/storage/snapshot/SnapshotManagerImpl.java b/server/src/com/cloud/storage/snapshot/SnapshotManagerImpl.java index fbb7cde393b..e662b447c20 100755 --- a/server/src/com/cloud/storage/snapshot/SnapshotManagerImpl.java +++ b/server/src/com/cloud/storage/snapshot/SnapshotManagerImpl.java 
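Review bot: The `extends ControlledEntity` added to `Snapshot` changes a public API interface without any comment saying why, and every implementer presumably now has to supply the ownership accessors that type declares. A short Javadoc on the interface would record the intent, for example `/** A snapshot is an owned resource; it extends ControlledEntity so account-level access checks can be applied to it directly. */`. The declaration is also missing a space before the brace: `public interface Snapshot extends ControlledEntity {`. The interface body continues outside the hunk.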
@@ -63,8 +63,8 @@ import com.cloud.exception.PermissionDeniedException; import com.cloud.exception.ResourceAllocationException; import com.cloud.exception.StorageUnavailableException; import com.cloud.host.HostVO; -import com.cloud.host.dao.HostDetailsDao; import com.cloud.host.dao.HostDao; +import com.cloud.host.dao.HostDetailsDao; import com.cloud.hypervisor.Hypervisor.HypervisorType; import com.cloud.storage.Snapshot; import com.cloud.storage.Snapshot.Status; @@ -345,7 +345,7 @@ public class SnapshotManagerImpl implements SnapshotManager, SnapshotService, Ma VolumeVO volume = null; boolean backedUp = false; // does the caller have the authority to act on this volume - checkAccountPermissions(v.getAccountId(), v.getDomainId(), "volume", volumeId); + _accountMgr.checkAccess(UserContext.current().getCaller(), null, v); try { if (v != null && _volsDao.getHypervisorType(v.getId()).equals(HypervisorType.KVM)) { /* KVM needs to lock on the vm of volume, because it takes snapshot on behalf of vm, not volume */ 
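Review bot: In the hunk at -345, `_accountMgr.checkAccess(UserContext.current().getCaller(), null, v)` runs before the `v != null` test on the following `if`, so a volume that was not found reaches the access check as a null entity. How checkAccess treats a null entity is not visible here: it may throw a NullPointerException, or it may return without checking anything. If a missing volume is not a valid state at this point, reject it before authorizing, e.g. `if (v == null) { throw new InvalidParameterValueException("Unable to find a volume with id " + volumeId); }`. The enclosing method starts and ends outside the hunk.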
@@ -666,34 +666,12 @@ public class SnapshotManagerImpl implements SnapshotManager, SnapshotService, Ma } } - private Long checkAccountPermissions(long targetAccountId, long targetDomainId, String targetDesc, long targetId) { - Long accountId = null; - - Account account = UserContext.current().getCaller(); - if (account != null) { - - /* - * if (!isAdmin(account.getType())) { if (account.getId() != targetAccountId) { throw new - * InvalidParameterValueException("Unable to find a " + targetDesc + " with id " + targetId + " for this account"); - * } } else if (!_domainDao.isChildDomain(account.getDomainId(), targetDomainId)) { throw new - * PermissionDeniedException("Unable to perform operation for " + targetDesc + " with id " + targetId + - * ", permission denied."); } accountId = account.getId(); - */ - _accountMgr.checkAccess(account, _domainDao.findById(targetDomainId)); - } - - return accountId; - } - - private static boolean isAdmin(short accountType) { - return ((accountType == Account.ACCOUNT_TYPE_ADMIN) || (accountType == Account.ACCOUNT_TYPE_DOMAIN_ADMIN) || (accountType == Account.ACCOUNT_TYPE_RESOURCE_DOMAIN_ADMIN) || (accountType == Account.ACCOUNT_TYPE_READ_ONLY_ADMIN)); - } - @Override @DB @ActionEvent(eventType = EventTypes.EVENT_SNAPSHOT_DELETE, eventDescription = "deleting snapshot", async = true) public boolean deleteSnapshot(DeleteSnapshotCmd cmd) { Long snapshotId = cmd.getId(); + Account caller = UserContext.current().getCaller(); // Verify parameters Snapshot snapshotCheck = _snapshotDao.findByIdIncludingRemoved(snapshotId.longValue()); 
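Review bot: The removed `checkAccountPermissions` only called the account manager when `UserContext.current().getCaller()` was non-null, and that guard disappears with it. The `caller` obtained here, and the direct `getCaller()` results in the hunks at -345, -849, -1059, -1143 and -1385, now go to `_accountMgr.checkAccess(...)` unconditionally. Whether getCaller() can return null on these paths is not visible, but the listing code in the -849 hunk still tests `account == null`, so the file treats it as possible. Confirm that checkAccess explicitly denies a null caller rather than throwing or passing. If the invariant is that a caller is always present, state it where `caller` is assigned, e.g. `// caller is expected to be non-null here; checkAccess must deny otherwise`. deleteSnapshot continues outside this hunk.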
@@ -701,20 +679,9 @@ public class SnapshotManagerImpl implements SnapshotManager, SnapshotService, Ma throw new InvalidParameterValueException("unable to find a snapshot with id " + snapshotId); } - // If an account was passed in, make sure that it matches the account of the snapshot - Account snapshotOwner = _accountDao.findById(snapshotCheck.getAccountId()); - if (snapshotOwner == null) { - throw new InvalidParameterValueException("Snapshot id " + snapshotId + " does not have a valid account"); - } - checkAccountPermissions(snapshotOwner.getId(), snapshotOwner.getDomainId(), "snapshot", snapshotId); + _accountMgr.checkAccess(caller, null, snapshotCheck); - boolean status = deleteSnapshotInternal(snapshotId); - if (!status) { - s_logger.warn("Failed to delete snapshot"); - throw new CloudRuntimeException("Failed to delete snapshot:" + snapshotId); - } - - return status; + return deleteSnapshotInternal(snapshotId); } @DB @@ -726,7 +693,7 @@ public class SnapshotManagerImpl implements SnapshotManager, SnapshotService, Ma SnapshotVO snapshot = _snapshotDao.findById(snapshotId); if (snapshot.getBackupSnapshotId() != null) { List snaps = _snapshotDao.listByBackupUuid(snapshot.getVolumeId(), snapshot.getBackupSnapshotId()); - if (snaps != null && snaps.size() > 1) { + if (!snaps.isEmpty()) { snapshot.setBackupSnapshotId(null); _snapshotDao.update(snapshot.getId(), snapshot); } 
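Review bot: `return deleteSnapshotInternal(snapshotId);` turns a failed delete from a logged `CloudRuntimeException` into a bare `false`, so the failure is only reported if every caller of deleteSnapshot inspects the return value, and those callers are not visible here. Unless deleteSnapshotInternal already logs its own failures, the warning should stay and carry the id for the audit trail: `boolean status = deleteSnapshotInternal(snapshotId);`, `if (!status) { s_logger.warn("Failed to delete snapshot " + snapshotId); }`, `return status;`. If dropping the exception is intentional, say so in the method's Javadoc so API-layer callers know to check the result.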
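Review bot: The condition change in the -726 hunk from `snaps != null && snaps.size() > 1` to `!snaps.isEmpty()` is not a pure simplification. It drops the null guard on the DAO result, and it now clears `backupSnapshotId` when exactly one snapshot matches the backup uuid. If `listByBackupUuid` includes the snapshot being deleted (not visible here), the old `> 1` meant "another snapshot still shares this backup". Under the new test the id would be cleared even for the last reference, which could leave the backed-up data behind instead of removing it. If the old threshold was intended, keep `if (snaps != null && snaps.size() > 1) {`. Otherwise add a comment stating what the list contains and why one entry is enough. The enclosing method starts and ends outside the hunk.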
@@ -849,16 +816,15 @@ public class SnapshotManagerImpl implements SnapshotManager, SnapshotService, Ma if (volumeId != null) { VolumeVO volume = _volsDao.findById(volumeId); if (volume != null) { - checkAccountPermissions(volume.getAccountId(), volume.getDomainId(), "volume", volumeId); + _accountMgr.checkAccess(UserContext.current().getCaller(), null, volume); } - } Account account = UserContext.current().getCaller(); Long domainId = cmd.getDomainId(); String accountName = cmd.getAccountName(); Long accountId = null; - if ((account == null) || isAdmin(account.getType())) { + if ((account == null) || _accountMgr.isAdmin(account.getType())) { if (domainId != null) { if ((account != null) && !_domainDao.isChildDomain(account.getDomainId(), domainId)) { throw new PermissionDeniedException("Unable to list templates for domain " + domainId + ", permission denied."); @@ -1059,9 +1025,8 @@ public class SnapshotManagerImpl implements SnapshotManager, SnapshotService, Ma AccountVO owner = _accountDao.findById(volume.getAccountId()); DomainVO domain = _domainDao.findById(owner.getDomainId()); - - // If an account was passed in, make sure that it matches the account of the volume - checkAccountPermissions(volume.getAccountId(), volume.getDomainId(), "volume", volumeId); + + _accountMgr.checkAccess(UserContext.current().getCaller(), null, volume); Long instanceId = volume.getInstanceId(); if (instanceId != null) { @@ -1143,7 +1108,7 @@ public class SnapshotManagerImpl implements SnapshotManager, SnapshotService, Ma if (volume == null) { throw new InvalidParameterValueException("Unable to find a volume with id " + volumeId); } - checkAccountPermissions(volume.getAccountId(), volume.getDomainId(), "volume", volumeId); + _accountMgr.checkAccess(UserContext.current().getCaller(), null, volume); return listPoliciesforVolume(cmd.getVolumeId()); } 
@@ -1207,7 +1172,7 @@ public class SnapshotManagerImpl implements SnapshotManager, SnapshotService, Ma if (account != null) { long volAcctId = volume.getAccountId(); - if (isAdmin(account.getType())) { + if (_accountMgr.isAdmin(account.getType())) { Account userAccount = _accountDao.findById(Long.valueOf(volAcctId)); if (!_domainDao.isChildDomain(account.getDomainId(), userAccount.getDomainId())) { throw new PermissionDeniedException("Unable to list snapshot schedule for volume " + volumeId + ", permission denied."); @@ -1385,8 +1350,7 @@ public class SnapshotManagerImpl implements SnapshotManager, SnapshotService, Ma throw new InvalidParameterValueException("Policy id given: " + policy + " does not belong to a valid volume"); } - // If an account was passed in, make sure that it matches the account of the volume - checkAccountPermissions(volume.getAccountId(), volume.getDomainId(), "volume", volume.getId()); + _accountMgr.checkAccess(UserContext.current().getCaller(), null, volume); } boolean success = true;
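Review bot: The -1207 hunk keeps a hand-rolled authorization check (`_accountMgr.isAdmin(...)` followed by `_domainDao.isChildDomain(...)`), while every other volume access site in this commit moves to `_accountMgr.checkAccess(caller, null, volume)`. That leaves two authorization paths to keep in sync. This one also dereferences `userAccount.getDomainId()` without checking that `_accountDao.findById` returned an account. If the non-admin branch, which lies outside the hunk, has no behaviour beyond an ownership check, the whole `if (account != null)` block could become `_accountMgr.checkAccess(account, null, volume);`. Otherwise add a comment explaining why this listing path needs its own rule.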