diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index fd70334..2a918d8 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -1,39 +1,39 @@
 class ApplicationController < ActionController::Base
 # Prevent CSRF attacks by raising an exception.
 # For APIs, you may want to use :null_session instead.
 protect_from_forgery with: :exception
 attr_writer :breadcrumb
 helper_method :admin?
 def admin?
 params.key?(:admin)
 end
 private
 def group
- @group ||= domain.group
+ @group ||= group_scope.find(params[:group_id] || params[:id])
 end
 def domain
 @domain ||= domain_scope.find(params[:domain_id] || params[:id])
 end
 def record
 @record ||= record_scope.find(params[:record_id] || params[:id])
 end
 def group_scope
- @group_scope ||= Group.all
+ @group_scope ||= current_user.groups
 end
 def domain_scope
 @domain_scope ||= Domain.where(group: group_scope)
 end
 def record_scope
 @record_scope ||= domain.records
 end
 end
diff --git a/app/controllers/domains_controller.rb b/app/controllers/domains_controller.rb
index 4891081..5a157ea 100644
--- a/app/controllers/domains_controller.rb
+++ b/app/controllers/domains_controller.rb
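Review bot: In app/controllers/application_controller.rb, `admin?` still returns true for any request that carries an `admin` parameter and is exported to views through `helper_method`, so whatever it gates stays selectable by the client even after this commit narrows `group_scope` to `current_user.groups`. What it gates is not visible in this hunk; if it is anything more than a display toggle, it should be derived from the authenticated user rather than from `params`. Until then I would add a comment above it such as `# admin? reflects a request parameter, not a privilege; never use it for authorization`. Separately, `group_scope` now dereferences `current_user` in the base class while `authenticate_user!` is declared per controller (DomainsController does so), so a subclass that omits the filter would presumably raise on a nil `current_user` rather than be sent to sign-in.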
@@ -1,62 +1,66 @@
 class DomainsController < ApplicationController
 before_action :authenticate_user!
 before_action :group_scope
 before_action :domain, only: [:show, :edit, :update, :destroy]
 before_action :group, only: [:show, :edit, :update, :destroy]
 # GET /domains
 def index
 @domains = domain_scope.all
 end
 # GET /domains/1
 def show
 end
 # GET /domains/new
 def new
 @domain = Domain.new
 end
 # GET /domains/1/edit
 def edit
 end
 # POST /domains
 def create
 @domain = Domain.new(domain_params)
 if @domain.save
 redirect_to @domain, notice: "#{@domain.name} was successfully created."
 else
 render :new
 end
 end
 # PATCH/PUT /domains/1
 def update
 if @domain.update(domain_params)
 redirect_to @domain, notice: "#{@domain.name} was successfully updated."
 else
 render :edit
 end
 end
 # DELETE /domains/1
 def destroy
 @domain.destroy
 redirect_to domains_url, notice: "#{@domain.name} was successfully destroyed."
 end
 private
+ def group
+ domain.group
+ end
+
 def domain_params
 params.require(:domain).tap { |d| # Make sure group id is permitted (belongs to group_scope)
 d[:group_id] = group_scope.find_by_id(d[:group_id]).try(:id)
 }.permit(:name, :type, :group_id)
 end
 end
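Review bot: `domain_params` in app/controllers/domains_controller.rb always assigns `d[:group_id]`, so an update that omits `group_id`, or supplies one outside `group_scope`, writes `group_id: nil` instead of being rejected; with `group_scope` now limited to `current_user.groups`, this is the only ownership check on create and update. Because `domain_scope` is `Domain.where(group: group_scope)`, a domain saved with a nil group would drop out of every user's scope unless the model validates the association, which is not visible here. I would fail closed and touch the key only when it is present: `d[:group_id] = group_scope.find(d[:group_id]).id if d.key?(:group_id)`. These lines are unchanged context in this hunk, but their effect changes with the new per-user scope.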