diff --git a/gvafile/gvacommon/celeryrouters.py b/gvafile/gvacommon/celeryrouters.py
index ec7b122..44c4b4f 100644
--- a/gvafile/gvacommon/celeryrouters.py
+++ b/gvafile/gvacommon/celeryrouters.py
@@ -5,7 +5,7 @@ from __future__ import unicode_literals
 class GvaRouter(object):
 
     def route_for_task(self, task, args=None, kwargs=None):
-        for route in ['ldap', 'file', 'mysql', 'pgsql']:
+        for route in ['ldap', 'file', 'mysql', 'pgsql', 'web']:
             if route in task:
                 return {
                     'exchange': route,
diff --git a/gvafile/gvacommon/viewmixins.py b/gvafile/gvacommon/viewmixins.py
new file mode 100644
index 0000000..fc7f106
--- /dev/null
+++ b/gvafile/gvacommon/viewmixins.py
@@ -0,0 +1,42 @@
+"""
+This module defines mixins for gnuviechadmin views.
+
+"""
+from __future__ import unicode_literals
+
+from django.http import HttpResponseForbidden
+from django.utils.translation import ugettext as _
+
+from braces.views import LoginRequiredMixin
+
+
+class StaffOrSelfLoginRequiredMixin(LoginRequiredMixin):
+    """
+    Mixin that makes sure that a user is logged in and matches the current
+    customer or is a staff user.
+
+    """
+
+    def dispatch(self, request, *args, **kwargs):
+        if (
+            request.user.is_staff or
+            request.user == self.get_customer_object()
+        ):
+            return super(StaffOrSelfLoginRequiredMixin, self).dispatch(
+                request, *args, **kwargs
+            )
+        return HttpResponseForbidden(
+            _('You are not allowed to view this page.')
+        )
+
+    def get_customer_object(self):
+        """
+        Views based on this mixin have to implement this method to return
+        the customer that must be an object of the same class as the
+        django.contrib.auth user type.
+
+        :return: customer
+        :rtype: settings.AUTH_USER_MODEL
+
+        """
+        raise NotImplemented("subclass has to implement get_customer_object")