diff --git a/src/js/client.js b/src/js/client.js
index a6d835c47..7be856c9e 100644
--- a/src/js/client.js
+++ b/src/js/client.js
@@ -336,10 +336,6 @@ angular.module('Application').service('Client', ['$http', '$interval', '$timeout
         this._userInfo.role = userInfo.role;
         this._userInfo.source = userInfo.source;
         this._userInfo.avatarUrl = userInfo.avatarUrl + '?s=128&default=mp&ts=' + Date.now(); // we add the timestamp to avoid caching
-
-        // TODO remove this
-        this._userInfo.admin = userInfo.role === ROLES.OWNER || userInfo.role === ROLES.ADMIN;
-
         this._userInfo.isAtLeastOwner = [ ROLES.OWNER ].indexOf(userInfo.role) !== -1;
         this._userInfo.isAtLeastAdmin = [ ROLES.OWNER, ROLES.ADMIN ].indexOf(userInfo.role) !== -1;
         this._userInfo.isAtLeastUserManager = [ ROLES.OWNER, ROLES.ADMIN, ROLES.USER_MANAGER ].indexOf(userInfo.role) !== -1;
diff --git a/src/js/main.js b/src/js/main.js
index 37a06b396..0e0bb4123 100644
--- a/src/js/main.js
+++ b/src/js/main.js
@@ -31,7 +31,7 @@ angular.module('Application').controller('MainController', ['$scope', '$route',
 
     // NOTE: this function is exported and called from the appstore.js
     $scope.updateSubscriptionStatus = function () {
-        if (!Client.getUserInfo().admin) return;
+        if (!Client.getUserInfo().isAtLeastAdmin) return;
 
         Client.getSubscription(function (error, subscription) {
             if (error && error.statusCode === 412) return; // ignore if not yet registered
diff --git a/src/views/apps.js b/src/views/apps.js
index 61653a571..a09db534f 100644
--- a/src/views/apps.js
+++ b/src/views/apps.js
@@ -66,7 +66,7 @@ angular.module('Application').controller('AppsController', ['$scope', '$timeout'
                 $interval.cancel(refreshAppsTimer);
             });
 
-            if (!$scope.user.admin) return;
+            if (!$scope.user.isAtLeastAdmin) return;
 
             Client.getDomains(function (error, result) {
                 if (error) Client.error(error);
diff --git a/src/views/appstore.html b/src/views/appstore.html
index e1d329158..11dbeb527 100644
--- a/src/views/appstore.html
+++ b/src/views/appstore.html
@@ -57,17 +57,17 @@
             </div>
 
             <!-- for spaces users, the User management is hidden. thus the admin flag check -->
-            <div class="form-group" ng-show="user.admin && appInstall.customAuth && !appInstall.app.manifest.addons.email">
+            <div class="form-group" ng-show="user.isAtLeastAdmin && appInstall.customAuth && !appInstall.app.manifest.addons.email">
               <label class="control-label">User management</label>
               <p>This app has it's own user management.</p>
             </div>
 
-            <div class="form-group" ng-show="user.admin && appInstall.app.manifest.addons.email">
+            <div class="form-group" ng-show="user.isAtLeastAdmin && appInstall.app.manifest.addons.email">
               <label class="control-label">User management</label>
               <p>All users with a mailbox on this Cloudron have access.</p>
             </div>
 
-            <div class="form-group" ng-show="user.admin && !appInstall.customAuth && !appInstall.app.manifest.addons.email">
+            <div class="form-group" ng-show="user.isAtLeastAdmin && !appInstall.customAuth && !appInstall.app.manifest.addons.email">
               <label class="control-label">User management</label>
               <div class="radio" ng-show="appInstall.optionalSso">
                 <label>
@@ -155,7 +155,7 @@
       <div class="modal-footer">
         <button type="button" class="btn btn-success pull-left" ng-click="openSubscriptionSetup()" ng-show="appInstall.state === 'subscriptionRequired'">Setup Subscription</button>
         <button type="button" class="btn btn-default" data-dismiss="modal">Close</button>
-        <button type="button" class="btn btn-danger" ng-show="user.admin && appInstall.state === 'resourceConstraint'" ng-click="appInstall.showForm(true)">Install anyway</button>
+        <button type="button" class="btn btn-danger" ng-show="user.isAtLeastAdmin && appInstall.state === 'resourceConstraint'" ng-click="appInstall.showForm(true)">Install anyway</button>
         <button type="button" class="btn btn-success" ng-show="appInstall.state === 'appInfo'" ng-click="appInstall.showForm()">Install</button>
         <button type="button" class="btn btn-success" ng-show="appInstall.state === 'installForm'" ng-click="appInstall.submit()" ng-disabled="appInstallForm.$invalid || appInstall.busy"><i class="fa fa-circle-notch fa-spin" ng-show="appInstall.busy"></i> Install {{ appInstall.needsOverwrite ? 'and overwrite DNS' : '' }}</button>
       </div>
diff --git a/src/views/appstore.js b/src/views/appstore.js
index 26f202d5f..faad0f982 100644
--- a/src/views/appstore.js
+++ b/src/views/appstore.js
@@ -135,7 +135,7 @@ angular.module('Application').controller('AppStoreController', ['$scope', '$loca
             $scope.appInstall.customAuth = !(manifest.addons['ldap'] || manifest.addons['oauth']);
 
             // for spaces users, the User management is hidden. thus the admin flag check
-            if (!$scope.user.admin) {
+            if (!$scope.user.isAtLeastAdmin) {
                 // just install it with access restriction as just the user
                 var me = $scope.users.find(function (u) { return u.id === $scope.user.id; });
                 $scope.appInstall.accessRestrictionOption = 'groups';
diff --git a/src/views/profile.html b/src/views/profile.html
index 893150988..1ced35b40 100644
--- a/src/views/profile.html
+++ b/src/views/profile.html
@@ -409,11 +409,11 @@
 
   <br/>
 
-  <div class="text-left" ng-show="user.admin">
+  <div class="text-left" ng-show="user.isAtLeastAdmin">
     <h3>API Tokens <button class="btn btn-primary btn-sm pull-right" ng-click="tokens.add.show()"><i class="fa fa-plus"></i> New API Token</button></h3>
   </div>
 
-  <div class="card" ng-show="user.admin">
+  <div class="card" ng-show="user.isAtLeastAdmin">
     <div class="grid-item-top">
       <div class="row">
         <div class="col-xs-12">