diff --git a/app/controllers/project_groups_controller.rb b/app/controllers/project_groups_controller.rb deleted file mode 100644 index 2d81d39..0000000 --- a/app/controllers/project_groups_controller.rb +++ /dev/null 
@@ -1,94 +0,0 @@ -class ProjectGroupsController < ApplicationController - after_action :verify_authorized - - def create - @project_group = ProjectGroup.new(params[:project_group]) - authorize @project_group - access_level = params[:project_group][:access_level].to_i - if access_level >= 3 then - @project_group.project_administrator = true - end - if access_level >= 2 then - @project_group.project_editor = true - end - if (user_signed_in?) && @project_group.project.administerable_by(current_user.id) then - respond_to do |format| - if params[:project_group][:email].present? && params[:project_group][:email].length > 0 then - message = I18n.t('helpers.project.user_added') - if @project_group.save - if @project_group.user.nil? then - if User.find_by_email(params[:project_group][:email]).nil? then - User.invite!(:email => params[:project_group][:email]) - message = I18n.t('helpers.project.invitation_success') - @project_group.user = User.find_by_email(params[:project_group][:email]) - @project_group.save - else - @project_group.user = User.find_by_email(params[:project_group][:email]) - @project_group.save - UserMailer.sharing_notification(@project_group).deliver - end - else - UserMailer.sharing_notification(@project_group).deliver - end - flash[:notice] = message - format.html { redirect_to :controller => 'projects', :action => 'share', :id => @project_group.project.slug } - else - format.html { render action: "new" } - end - else - flash[:notice] = I18n.t('helpers.project.enter_email') - format.html { redirect_to :controller => 'projects', :action => 'share', :id => @project_group.project.slug } - end - end - else - render(:file => File.join(Rails.root, 'public/403.html'), :status => 403, :layout => false) - end - - end - - def update - @project_group = ProjectGroup.find(params[:id]) - authorize @project_group - access_level = params[:project_group][:access_level].to_i - if access_level >= 3 then - @project_group.project_administrator = true - else - 
@project_group.project_administrator = false - end - if access_level >= 2 then - @project_group.project_editor = true - else - @project_group.project_editor = false - end - if (user_signed_in?) && @project_group.project.administerable_by(current_user.id) then - respond_to do |format| - if @project_group.update_attributes(params[:project_group]) - flash[:notice] = I18n.t('helpers.project.sharing_updated') - UserMailer.permissions_change_notification(@project_group).deliver - format.html { redirect_to :controller => 'projects', :action => 'share', :id => @project_group.project.slug } - else - format.html { render action: "edit" } - end - end - else - render(:file => File.join(Rails.root, 'public/403.html'), :status => 403, :layout => false) - end - end - - def destroy - @project_group = ProjectGroup.find(params[:id]) - authorize @project_group - if (user_signed_in?) && @project_group.project.administerable_by(current_user.id) then - user = @project_group.user - project = @project_group.project - @project_group.destroy - respond_to do |format| - flash[:notice] = I18n.t('helpers.project.access_removed') - UserMailer.project_access_removed_notification(user, project).deliver - format.html { redirect_to :controller => 'projects', :action => 'share', :id => @project_group.project.slug } - end - else - render(:file => File.join(Rails.root, 'public/403.html'), :status => 403, :layout => false) - end - end -end \ No newline at end of file diff --git a/app/controllers/roles_controller.rb b/app/controllers/roles_controller.rb new file mode 100644 index 0000000..8958582 --- /dev/null +++ b/app/controllers/roles_controller.rb 
@@ -0,0 +1,93 @@ +class RolesController < ApplicationController + after_action :verify_authorized + + def create + @role = Role.new(params[:role]) + authorize @role + access_level = params[:role][:access_level].to_i + if access_level >= 3 then + @role.administrator = true + end + if access_level >= 2 then + @role.editor = true + end + if (user_signed_in?) && @role.plan.administerable_by(current_user.id) then + respond_to do |format| + if params[:role][:email].present? && params[:role][:email].length > 0 then + message = I18n.t('helpers.project.user_added') + if @role.save + if @role.user.nil? then + if User.find_by_email(params[:role][:email]).nil? then + User.invite!(email: params[:role][:email]) + message = I18n.t('helpers.project.invitation_success') + @role.user = User.find_by_email(params[:role][:email]) + @role.save + else + @role.user = User.find_by_email(params[:role][:email]) + @role.save + UserMailer.sharing_notification(@role).deliver + end + else + UserMailer.sharing_notification(@role).deliver + end + flash[:notice] = message + format.html { redirect_to controller: 'plans', action: 'share', id: @role.plan.slug } + else + format.html { render action: "new" } + end + else + flash[:notice] = I18n.t('helpers.project.enter_email') + format.html { redirect_to controller: 'plans', action: 'share', id: @role.plan.slug } + end + end + else + render(file: File.join(Rails.root, 'public/403.html'), status: 403, layout: false) + end + end + + def update + @role = Role.find(params[:id]) + authorize @role + access_level = params[:role][:access_level].to_i + if access_level >= 3 then + @role.administrator = true + else + @role.administrator = false + end + if access_level >= 2 then + @role.editor = true + else + @role.administrator = false + end + if (user_signed_in?) 
&& @role.plan.administerable_by(current_user.id) then + respond_to do |format| + if @role.update_attributes(params[:role]) + flash[:notice] = I18n.t('helpers.project.sharing_updated') + UserMailer.permissions_change_notification(@role).deliver + format.html { redirect_to controller: 'plans', action: 'share', id: @role.plan.slug } + else + format.html { render action: "edit" } + end + end + else + render(:file => File.join(Rails.root, 'public/403.html'), status: 403, layout: false) + end + end + + def destroy + @role = Role.find(params[:id]) + authorize @role + if (user_signed_in?) && @role.plan.administerable_by(current_user.id) then + user = @role.user + plan = @role.plan + @role.destroy + respond_to do |format| + flash[:notice] = I18n.t('helpers.project.access_removed') + UserMailer.project_access_removed_notification(user, plan).deliver + format.html { redirect_to controller: 'plans', action: 'share', id: @role.plan.slug } + end + else + render(file: File.join(Rails.root, 'public/403.html'), status: 403, layout: false) + end + end +end \ No newline at end of file diff --git a/app/models/role.rb b/app/models/role.rb index fd3883a..4125fda 100644 --- a/app/models/role.rb +++ b/app/models/role.rb @@ -28,7 +28,7 @@ # # @return [Boolean, String] false if no email exists, the email otherwise def email - unless user.nil? + unless user.nil? return user.email end end diff --git a/app/policies/project_group_policy.rb b/app/policies/project_group_policy.rb deleted file mode 100644 index 595687e..0000000 --- a/app/policies/project_group_policy.rb +++ /dev/null 
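Review bot: In `update`, the `else` branch of `if access_level >= 2` clears `administrator` a second time instead of `editor`, so dropping a collaborator to access level 1 leaves `@role.editor` set, whereas the removed ProjectGroupsController cleared `project_editor` at this point; the line should read `@role.editor = false`. Right after those flags are computed, `@role.update_attributes(params[:role])` re-applies the raw request hash, so whether a caller can override `administrator`, `editor` or `plan_id` directly depends on the Role model's attribute protection, which is not part of this diff and is worth confirming. The plan-administrator check in `update` is also evaluated against `@role.plan` before the mass assignment, so a writable `plan_id` would let the role be moved to a plan the caller does not administer.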
@@ -1,22 +0,0 @@ -class ProjectGroupPolicy < ApplicationPolicy - attr_reader :user - attr_reader :project_group - - def initialize(user, project_group) - raise Pundit::NotAuthorizedError, "must be logged in" unless user - @user = user - @project_group = project_group - end - - def create? - @project_group.project.administerable_by(@user.id) - end - - def update? - @project_group.project.administerable_by(@user.id) - end - - def destroy? - @project_group.project.administerable_by(@user.id) - end -end \ No newline at end of file diff --git a/app/policies/role_policy.rb b/app/policies/role_policy.rb new file mode 100644 index 0000000..7aebf02 --- /dev/null +++ b/app/policies/role_policy.rb @@ -0,0 +1,22 @@ +class RolePolicy < ApplicationPolicy + attr_reader :user + attr_reader :role + + def initialize(user, role) + raise Pundit::NotAuthorizedError, "must be logged in" unless user + @user = user + @role = role + end + + def create? + @role.plan.administerable_by(@user.id) + end + + def update? + @role.plan.administerable_by(@user.id) + end + + def destroy? + @role.plan.administerable_by(@user.id) + end +end \ No newline at end of file diff --git a/config/routes.rb b/config/routes.rb index bb2e33f..a11677a 100644 --- a/config/routes.rb +++ b/config/routes.rb @@ -144,7 +144,7 @@ end end - resources :project_groups, only: [:create, :update, :destroy] + resources :roles, only: [:create, :update, :destroy] namespace :settings do resource :projects, only: [:show, :update]
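Review bot: `create?`, `update?` and `destroy?` in RolePolicy call `@role.plan.administerable_by` with no nil guard, and for `create` the plan comes straight from `Role.new(params[:role])`, so a request with a missing or unknown `plan_id` likely raises NoMethodError inside the policy (a 500) instead of being denied. Factoring the check into one private predicate that fails closed when the plan is absent keeps the three public methods identical and makes the deny path explicit. The controller repeats the same `administerable_by` test after `authorize`, so the predicate could be reused there as well.
```ruby
  def create?
    administers_plan?
  end

  # … unchanged: update? and destroy? delegate to administers_plan? the same way …

  private

  # Deny when the role has no plan (e.g. missing or unknown plan_id in params)
  # rather than raising from a nil receiver.
  def administers_plan?
    plan = @role.plan
    !plan.nil? && plan.administerable_by(@user.id)
  end
```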