diff --git a/app/controller/project/project.controller.js b/app/controller/project/project.controller.js
index 0387f55..5176759 100644
--- a/app/controller/project/project.controller.js
+++ b/app/controller/project/project.controller.js
@@ -14,7 +14,7 @@ const validator = function (req, res, next) {
 const project = async function (req, res) {
   const requestedProject = req.params.projectName;
   const embedProject = req.route.path.endsWith('embed');
-  let loggedUser = "anyone";
+  let loggedUser = 'anyone';
   if(req.isAuthenticated()) {
     loggedUser = req.user.username;
   } else if(req.isTokenAuthenticated) {
@@ -60,11 +60,11 @@ const project = async function (req, res) {
  * @param {Object} res Res object from express
  * @returns {void}
  */
-var settings = async function(req, res) {
-  console.log("Settings");
+const settings = async function(req, res) {
+  console.log('Settings');
   const requestedProject = req.params.projectName;
 
-  var loggedUser = "anyone";
+  let loggedUser = 'anyone';
   if(req.isAuthenticated()) {
     loggedUser = req.user.username;
   } else if(req.isTokenAuthenticated) {
@@ -76,9 +76,9 @@ var settings = async function(req, res) {
   let json = await req.appConfig.db.queryProject({shortname: requestedProject});
   if(typeof json === 'undefined') {
     json = {
-      name: "",
+      name: '',
       shortname: requestedProject,
-      url: "",
+      url: '',
       created: (new Date()).toJSON(),
       owner: loggedUser,
       collaborators: {
@@ -115,9 +115,9 @@ var settings = async function(req, res) {
   if (AccessControlService.canViewCollaborators(json, loggedUser)) {
     const arr1 = [];
     for(let j=0; j<json.collaborators.list.length; j++) {
-      if (Object.keys(json.collaborators.list[j]).includes("username") === false) {
+      if (Object.keys(json.collaborators.list[j]).includes('username') === false) {
 
-        return res.send("Error with user in project. Contact the adminstrators at https://mattermost.brainhack.org/brainhack/channels/microdraw").status(500);
+        return res.send('Error with user in project. Contact the adminstrators at https://mattermost.brainhack.org/brainhack/channels/microdraw').status(500);
       }
 
       arr1.push(req.appConfig.db.queryUser({username: json.collaborators.list[j].username}));
@@ -129,7 +129,7 @@ var settings = async function(req, res) {
         if(collaboratorsList[j]) { // name found
           json.collaborators.list[j].name=collaboratorsList[j].name;
         } else { // name not found: set to empty
-          json.collaborators.list[j].name = "";
+          json.collaborators.list[j].name = '';
         }
       }
     } catch(e) {
@@ -139,7 +139,7 @@ var settings = async function(req, res) {
     json.collaborators.list = json.collaborators.list.filter((collaborator) => collaborator.username === 'anyone');
   }
 
-  var context = {
+  const context = {
     projectShortname: json.shortname,
     owner: json.owner,
     projectInfo: JSON.stringify(json),
@@ -156,9 +156,9 @@ var settings = async function(req, res) {
  * @returns {void}
  */
 const projectNew = function (req, res) {
-  console.log("New Project");
+  console.log('New Project');
 
-  let loggedUser = "anyone";
+  let loggedUser = 'anyone';
   if(req.isAuthenticated()) {
     loggedUser = req.user.username;
   } else
@@ -169,22 +169,22 @@ const projectNew = function (req, res) {
   // Store return path in case of login
   req.session.returnTo = req.originalUrl;
 
-  if(loggedUser === "anyone" ) {
+  if(loggedUser === 'anyone' ) {
     res.render('askForLogin', {
-      title: "MicroDraw: New Project",
-      functionality: "create a new project",
+      title: 'MicroDraw: New Project',
+      functionality: 'create a new project',
       loggedUser: JSON.stringify(req.user || null)
     });
   } else {
     res.render('projectNew', {
-      title: "MicroDraw: New Project",
+      title: 'MicroDraw: New Project',
       loggedUser: JSON.stringify(req.user || null)
     });
   }
 };
 
 const apiProject = async function (req, res) {
-  console.log("GET project", req.params);
+  console.log('GET project', req.params);
   let json = await req.appConfig.db.queryProject({shortname: req.params.projectName, backup: {$exists: false}});
   if (_.isNil(json)) {
     res.status(404).json({error: 'Project not found'});
@@ -192,7 +192,7 @@ const apiProject = async function (req, res) {
     return;
   }
 
-  let loggedUser = "anyone";
+  let loggedUser = 'anyone';
   if(req.isAuthenticated()) {
     loggedUser = req.user.username;
   } else if(req.isTokenAuthenticated) {
@@ -257,11 +257,11 @@ const postProject = async function (req, res) {
     return;
   }
 
-  const newProject = typeof req.body.data === "string" ? JSON.parse(req.body.data): req.body.data;
+  const newProject = typeof req.body.data === 'string' ? JSON.parse(req.body.data): req.body.data;
   const oldProject = await req.appConfig.db.queryProject({shortname: newProject.shortname});
 
   let ignoredChanges = [];
-  if (oldProject !== null || typeof oldProject !== 'undefined') {
+  if (oldProject !== null && typeof oldProject !== 'undefined') {
     if (!AccessControlService.hasFilesAccess(AccessLevel.EDIT, oldProject, loggedUser)) {
       res.status(403).json({ error: 'error', message: 'User does not have edit rights' });
 
@@ -271,7 +271,7 @@ const postProject = async function (req, res) {
   }
 
 
-  let successMessage = "Project settings updated.";
+  let successMessage = 'Project settings updated.';
   if(ignoredChanges.length > 0) {
     successMessage += ` Some changes (on ${ignoredChanges.join(', ')}) were ignored due to a lack of permissions.`;
   }
@@ -285,7 +285,7 @@ const postProject = async function (req, res) {
 };
 
 const deleteProject = async function (req, res) {
-  console.log("DELETE Project");
+  console.log('DELETE Project');
 
   let loggedUser = 'anonymous';
   if(req.isAuthenticated()) {
@@ -300,7 +300,7 @@ const deleteProject = async function (req, res) {
   if(loggedUser === 'anonymous') {
     res
       .status(403)
-      .send({message: "Log in required"})
+      .send({message: 'Log in required'})
       .end();
   } else {
     const {projectName} = req.params;