diff --git a/src/Access.php b/src/Access.php
index 833343f9..544bba7a 100644
--- a/src/Access.php
+++ b/src/Access.php
@@ -2,6 +2,7 @@
 class Access
 {
 	private static $privileges = [];
+	private static $checkPrivileges = true;
 
 	public static function init()
 	{
@@ -30,11 +31,15 @@ class Access
 				self::$privileges[$privilegeName] = $minAccessRank;
 			}
 		}
+
+		//todo: move to scripts etc.
+		#if (php_sapi_name() == 'cli')
+		#	self::disablePrivilegeChecking();
 	}
 
 	public static function check(Privilege $privilege, $user = null)
 	{
-		if (php_sapi_name() == 'cli')
+		if (!self::$checkPrivileges)
 			return true;
 
 		if ($user === null)
@@ -62,6 +67,9 @@ class Access
 
 	public static function checkEmailConfirmation($user = null)
 	{
+		if (!self::$checkPrivileges)
+			return true;
+
 		if ($user === null)
 			$user = Auth::getCurrentUser();
 
@@ -102,7 +110,7 @@ class Access
 
 	public static function getAllowedSafety()
 	{
-		if (php_sapi_name() == 'cli')
+		if (!self::$checkPrivileges)
 			return PostSafety::getAll();
 
 		return array_filter(PostSafety::getAll(), function($safety)
@@ -111,4 +119,14 @@ class Access
 				and Auth::getCurrentUser()->hasEnabledSafety($safety);
 		});
 	}
+
+	public static function disablePrivilegeChecking()
+	{
+		self::$checkPrivileges = false;
+	}
+
+	public static function enablePrivilegeChecking()
+	{
+		self::$checkPrivileges = true;
+	}
 }
diff --git a/src/Api/Api.php b/src/Api/Api.php
index 40dc71e5..efa837f2 100644
--- a/src/Api/Api.php
+++ b/src/Api/Api.php
@@ -1,8 +1,6 @@
 <?php
 final class Api
 {
-	protected static $checkPrivileges = true;
-
 	public static function run($job, $jobArgs)
 	{
 		$user = Auth::getCurrentUser();
@@ -20,9 +18,6 @@ final class Api
 
 	public static function checkPrivileges(AbstractJob $job)
 	{
-		if (!self::$checkPrivileges)
-			return;
-
 		if ($job->requiresAuthentication())
 			Access::assertAuthentication();
 
@@ -53,14 +48,4 @@ final class Api
 		});
 		return $statuses;
 	}
-
-	public static function disablePrivilegeChecking()
-	{
-		self::$checkPrivileges = false;
-	}
-
-	public static function enablePrivilegeChecking()
-	{
-		self::$checkPrivileges = true;
-	}
 }
diff --git a/src/Api/Jobs/AddUserJob.php b/src/Api/Jobs/AddUserJob.php
index 4ba703c2..802c1ab6 100644
--- a/src/Api/Jobs/AddUserJob.php
+++ b/src/Api/Jobs/AddUserJob.php
@@ -19,9 +19,9 @@ class AddUserJob extends AbstractJob
 			: AccessRank::Registered;
 
 		Logger::bufferChanges();
-		Api::disablePrivilegeChecking();
+		Access::disablePrivilegeChecking();
 		Api::run((new EditUserJob)->skipSaving(), $arguments);
-		Api::enablePrivilegeChecking();
+		Access::enablePrivilegeChecking();
 		Logger::setBuffer([]);
 
 		if ($firstUser)