diff --git a/cps/web.py b/cps/web.py
index 5fba962a..67b0c9d4 100755
--- a/cps/web.py
+++ b/cps/web.py
@@ -2194,29 +2194,37 @@ def remove_from_shelf(shelf_id, book_id):
 
     # if shelf is public and use is allowed to edit shelfs, or if shelf is private and user is owner
     # allow editing shelfs
-    if (not shelf.is_public and not shelf.user_id == int(current_user.id)) \
-            or not (shelf.is_public and current_user.role_edit_shelfs()):
+    # result   shelf public   user allowed    user owner
+    #   false        1             0             x
+    #   true         1             1             x
+    #   true         0             x             1
+    #   false        0             x             0
+
+    if (not shelf.is_public and shelf.user_id == int(current_user.id)) \
+            or (shelf.is_public and current_user.role_edit_shelfs()):
+        book_shelf = ub.session.query(ub.BookShelf).filter(ub.BookShelf.shelf == shelf_id,
+                                                           ub.BookShelf.book_id == book_id).first()
+
+        if book_shelf is None:
+            app.logger.info("Book already removed from shelf")
+            if not request.is_xhr:
+                return redirect(url_for('index'))
+            return "Book already removed from shelf", 410
+
+        ub.session.delete(book_shelf)
+        ub.session.commit()
+
         if not request.is_xhr:
-            app.logger.info("Sorry you are not allowed to remove a book from this shelf: %s" % shelf.name)
-            return redirect(url_for('index'))
-        return "Sorry you are not allowed to add a book to the the shelf: %s" % shelf.name, 403
-
-    book_shelf = ub.session.query(ub.BookShelf).filter(ub.BookShelf.shelf == shelf_id,
-                                                       ub.BookShelf.book_id == book_id).first()
-
-    if book_shelf is None:
-        app.logger.info("Book already removed from shelf")
+            flash(_(u"Book has been removed from shelf: %(sname)s", sname=shelf.name), category="success")
+            return redirect(request.environ["HTTP_REFERER"])
+        return "", 204
+    else:
+        app.logger.info("Sorry you are not allowed to remove a book from this shelf: %s" % shelf.name)
         if not request.is_xhr:
+            flash(_(u"Sorry you are not allowed to remove a book from this shelf: %(sname)s", sname=shelf.name), category="error")
             return redirect(url_for('index'))
-        return "Book already removed from shelf", 410
+        return "Sorry you are not allowed to remove a book from this shelf: %s" % shelf.name, 403
 
-    ub.session.delete(book_shelf)
-    ub.session.commit()
-
-    if not request.is_xhr:
-        flash(_(u"Book has been removed from shelf: %(sname)s", sname=shelf.name), category="success")
-        return redirect(request.environ["HTTP_REFERER"])
-    return "", 204
 
 
 @app.route("/shelf/create", methods=["GET", "POST"])