diff --git a/src/main/java/net/hostsharing/hsadminng/hs/office/contact/HsOfficeContactRepository.java b/src/main/java/net/hostsharing/hsadminng/hs/office/contact/HsOfficeContactRepository.java
index 11eddd23..998af916 100644
--- a/src/main/java/net/hostsharing/hsadminng/hs/office/contact/HsOfficeContactRepository.java
+++ b/src/main/java/net/hostsharing/hsadminng/hs/office/contact/HsOfficeContactRepository.java
@@ -21,7 +21,7 @@ public interface HsOfficeContactRepository extends Repository<HsOfficeContactEnt
 
     HsOfficeContactEntity save(final HsOfficeContactEntity entity);
 
-    void deleteByUuid(final UUID uuid);
+    int deleteByUuid(final UUID uuid);
 
     long count();
 }
diff --git a/src/test/java/net/hostsharing/hsadminng/hs/office/contact/HsOfficeContactRepositoryIntegrationTest.java b/src/test/java/net/hostsharing/hsadminng/hs/office/contact/HsOfficeContactRepositoryIntegrationTest.java
index ec62d9c4..4987b10b 100644
--- a/src/test/java/net/hostsharing/hsadminng/hs/office/contact/HsOfficeContactRepositoryIntegrationTest.java
+++ b/src/test/java/net/hostsharing/hsadminng/hs/office/contact/HsOfficeContactRepositoryIntegrationTest.java
@@ -2,8 +2,8 @@ package net.hostsharing.hsadminng.hs.office.contact;
 
 import net.hostsharing.hsadminng.context.Context;
 import net.hostsharing.hsadminng.context.ContextBasedTest;
-import net.hostsharing.hsadminng.rbac.rbacgrant.RbacGrantRepository;
-import net.hostsharing.hsadminng.rbac.rbacrole.RbacRoleRepository;
+import net.hostsharing.hsadminng.rbac.rbacgrant.RawRbacGrantRepository;
+import net.hostsharing.hsadminng.rbac.rbacrole.RawRbacRoleRepository;
 import net.hostsharing.test.Array;
 import net.hostsharing.test.JpaAttempt;
 import org.junit.jupiter.api.AfterEach;
@@ -23,8 +23,8 @@ import java.util.List;
 import java.util.function.Supplier;
 
 import static net.hostsharing.hsadminng.hs.office.contact.TestHsOfficeContact.hsOfficeContact;
-import static net.hostsharing.hsadminng.rbac.rbacgrant.RbacGrantDisplayExtractor.grantDisplaysOf;
-import static net.hostsharing.hsadminng.rbac.rbacrole.RbacRoleNameExtractor.roleNamesOf;
+import static net.hostsharing.hsadminng.rbac.rbacgrant.RawRbacGrantDisplayExtractor.grantDisplaysOf;
+import static net.hostsharing.hsadminng.rbac.rbacrole.RawRbacRoleNameExtractor.roleNamesOf;
 import static net.hostsharing.test.JpaAttempt.attempt;
 import static org.assertj.core.api.Assertions.assertThat;
 import static org.assertj.core.api.Assumptions.assumeThat;
@@ -38,10 +38,10 @@ class HsOfficeContactRepositoryIntegrationTest extends ContextBasedTest {
     HsOfficeContactRepository contactRepo;
 
     @Autowired
-    RbacRoleRepository roleRepo;
+    RawRbacRoleRepository rawRoleRepo;
 
     @Autowired
-    RbacGrantRepository grantRepo;
+    RawRbacGrantRepository rawGrantRepo;
 
     @Autowired
     EntityManager em;
@@ -97,9 +97,8 @@ class HsOfficeContactRepositoryIntegrationTest extends ContextBasedTest {
         public void createsAndGrantsRoles() {
             // given
             context("drew@hostsharing.org");
-            final var count = contactRepo.count();
-            final var initialRoleNames = roleNamesOf(roleRepo.findAll());
-            final var initialGrantCount = grantRepo.findAll().size();
+            final var initialRoleNames = roleNamesOf(rawRoleRepo.findAll());
+            final var initialGrantNames = grantDisplaysOf(rawGrantRepo.findAll());
 
             // when
             attempt(em, () -> contactRepo.save(
@@ -107,18 +106,23 @@ class HsOfficeContactRepositoryIntegrationTest extends ContextBasedTest {
             ).assumeSuccessful();
 
             // then
-            final var roles = roleRepo.findAll();
-            assertThat(roleNamesOf(roles)).containsExactlyInAnyOrder(
-                    Array.from(
-                            initialRoleNames,
-                            "hs_office_contact#anothernewcontact.owner",
-                            "hs_office_contact#anothernewcontact.admin",
-                            "hs_office_contact#anothernewcontact.tenant"));
-            final var grants = grantRepo.findAll();
-            assertThat(grantDisplaysOf(grants)).containsAll(List.of(
-                    "{ grant assumed role hs_office_contact#anothernewcontact.owner to user drew@hostsharing.org by role global#global.admin }"));
-            assertThat(grants.size()).as("invalid number of grants created")
-                    .isEqualTo(initialGrantCount + 1);
+            final var roles = rawRoleRepo.findAll();
+            assertThat(roleNamesOf(roles)).containsExactlyInAnyOrder(Array.from(
+                    initialRoleNames,
+                    "hs_office_contact#anothernewcontact.owner",
+                    "hs_office_contact#anothernewcontact.admin",
+                    "hs_office_contact#anothernewcontact.tenant"
+            ));
+            assertThat(grantDisplaysOf(rawGrantRepo.findAll())).containsExactlyInAnyOrder(Array.from(
+                    initialGrantNames,
+                    "{ grant role hs_office_contact#anothernewcontact.owner to role global#global.admin by system and assume }",
+                    "{ grant perm edit on hs_office_contact#anothernewcontact to role hs_office_contact#anothernewcontact.admin by system and assume }",
+                    "{ grant role hs_office_contact#anothernewcontact.tenant to role hs_office_contact#anothernewcontact.admin by system and assume }",
+                    "{ grant perm * on hs_office_contact#anothernewcontact to role hs_office_contact#anothernewcontact.owner by system and assume }",
+                    "{ grant role hs_office_contact#anothernewcontact.admin to role hs_office_contact#anothernewcontact.owner by system and assume }",
+                    "{ grant perm view on hs_office_contact#anothernewcontact to role hs_office_contact#anothernewcontact.tenant by system and assume }",
+                    "{ grant role hs_office_contact#anothernewcontact.owner to user drew@hostsharing.org by global#global.admin and assume }"
+            ));
         }
 
         private void assertThatContactIsPersisted(final HsOfficeContactEntity saved) {
@@ -231,25 +235,29 @@ class HsOfficeContactRepositoryIntegrationTest extends ContextBasedTest {
         public void deletingAContactAlsoDeletesRelatedRolesAndGrants() {
             // given
             context("drew@hostsharing.org", null);
-            final var initialRoleCount = roleRepo.findAll().size();
-            final var initialGrantCount = grantRepo.findAll().size();
+            final var initialRoleNames = roleNamesOf(rawRoleRepo.findAll());
+            final var initialGrantNames = grantDisplaysOf(rawGrantRepo.findAll());
             final var givenContact = givenSomeTemporaryContact("drew@hostsharing.org");
-            assumeThat(roleRepo.findAll().size()).as("unexpected number of roles created")
-                    .isEqualTo(initialRoleCount + 2);
-            assumeThat(grantRepo.findAll().size()).as("unexpected number of grants created")
-                    .isEqualTo(initialGrantCount + 1);
+            assumeThat(rawRoleRepo.findAll().size()).as("unexpected number of roles created")
+                    .isEqualTo(initialRoleNames.size() + 3);
+            assumeThat(rawGrantRepo.findAll().size()).as("unexpected number of grants created")
+                    .isEqualTo(initialGrantNames.size() + 7);
 
             // when
             final var result = jpaAttempt.transacted(() -> {
                 context("drew@hostsharing.org", null);
-                contactRepo.deleteByUuid(givenContact.getUuid());
-            }).assumeSuccessful();
+                return contactRepo.deleteByUuid(givenContact.getUuid());
+            });
 
             // then
-            assertThat(roleRepo.findAll().size()).as("invalid number of roles deleted")
-                    .isEqualTo(initialRoleCount);
-            assertThat(grantRepo.findAll().size()).as("invalid number of grants revoked")
-                    .isEqualTo(initialGrantCount);
+            result.assertSuccessful();
+            assertThat(result.returnedValue()).isEqualTo(1);
+            assertThat(roleNamesOf(rawRoleRepo.findAll())).containsExactlyInAnyOrder(Array.from(
+                    initialRoleNames
+            ));
+            assertThat(grantDisplaysOf(rawGrantRepo.findAll())).containsExactlyInAnyOrder(Array.from(
+                    initialGrantNames
+            ));
         }
     }
 
diff --git a/src/test/java/net/hostsharing/hsadminng/hs/office/partner/HsOfficePartnerRepositoryIntegrationTest.java b/src/test/java/net/hostsharing/hsadminng/hs/office/partner/HsOfficePartnerRepositoryIntegrationTest.java
index 837bd102..506ba6bc 100644
--- a/src/test/java/net/hostsharing/hsadminng/hs/office/partner/HsOfficePartnerRepositoryIntegrationTest.java
+++ b/src/test/java/net/hostsharing/hsadminng/hs/office/partner/HsOfficePartnerRepositoryIntegrationTest.java
@@ -96,8 +96,7 @@ class HsOfficePartnerRepositoryIntegrationTest extends ContextBasedTest {
             // given
             context("alex@hostsharing.net");
             final var initialRoleNames = roleNamesOf(rawRoleRepo.findAll());
-            final var initialGrantCount = rawGrantRepo.findAll().size();
-            final var initialGrantsDisplayNames = grantDisplaysOf(rawGrantRepo.findAll()); // TODO
+            final var initialGrantNames = grantDisplaysOf(rawGrantRepo.findAll());
 
             // when
             attempt(em, () -> {
@@ -117,18 +116,18 @@ class HsOfficePartnerRepositoryIntegrationTest extends ContextBasedTest {
                     "hs_office_partner#ErbenBesslerMelBessler-forthcontact.admin",
                     "hs_office_partner#ErbenBesslerMelBessler-forthcontact.owner",
                     "hs_office_partner#ErbenBesslerMelBessler-forthcontact.tenant"));
-            assertThat(grantDisplaysOf(rawGrantRepo.findAll())).containsAll(List.of(
-                            "{ grant role hs_office_partner#ErbenBesslerMelBessler-forthcontact.owner to role global#global.admin by system and assume }",
-                            "{ grant role hs_office_partner#ErbenBesslerMelBessler-forthcontact.tenant to role hs_office_contact#forthcontact.admin by system and assume }",
-                            "{ grant perm edit on hs_office_partner#ErbenBesslerMelBessler-forthcontact to role hs_office_partner#ErbenBesslerMelBessler-forthcontact.admin by system and assume }",
-                            "{ grant role hs_office_partner#ErbenBesslerMelBessler-forthcontact.tenant to role hs_office_partner#ErbenBesslerMelBessler-forthcontact.admin by system and assume }",
-                            "{ grant perm * on hs_office_partner#ErbenBesslerMelBessler-forthcontact to role hs_office_partner#ErbenBesslerMelBessler-forthcontact.owner by system and assume }",
-                            "{ grant role hs_office_partner#ErbenBesslerMelBessler-forthcontact.admin to role hs_office_partner#ErbenBesslerMelBessler-forthcontact.owner by system and assume }",
-                            "{ grant perm view on hs_office_partner#ErbenBesslerMelBessler-forthcontact to role hs_office_partner#ErbenBesslerMelBessler-forthcontact.tenant by system and assume }",
-                            "{ grant role hs_office_contact#forthcontact.tenant to role hs_office_partner#ErbenBesslerMelBessler-forthcontact.tenant by system and assume }",
-                            "{ grant role hs_office_person#ErbenBesslerMelBessler.tenant to role hs_office_partner#ErbenBesslerMelBessler-forthcontact.tenant by system and assume }",
-                            "{ grant role hs_office_partner#ErbenBesslerMelBessler-forthcontact.tenant to role hs_office_person#ErbenBesslerMelBessler.admin by system and assume }"))
-                    .as("invalid number of grants created").hasSize(initialGrantCount + 10);
+            assertThat(grantDisplaysOf(rawGrantRepo.findAll())).containsExactlyInAnyOrder(Array.from(
+                    initialGrantNames,
+                    "{ grant role hs_office_partner#ErbenBesslerMelBessler-forthcontact.owner to role global#global.admin by system and assume }",
+                    "{ grant role hs_office_partner#ErbenBesslerMelBessler-forthcontact.tenant to role hs_office_contact#forthcontact.admin by system and assume }",
+                    "{ grant perm edit on hs_office_partner#ErbenBesslerMelBessler-forthcontact to role hs_office_partner#ErbenBesslerMelBessler-forthcontact.admin by system and assume }",
+                    "{ grant role hs_office_partner#ErbenBesslerMelBessler-forthcontact.tenant to role hs_office_partner#ErbenBesslerMelBessler-forthcontact.admin by system and assume }",
+                    "{ grant perm * on hs_office_partner#ErbenBesslerMelBessler-forthcontact to role hs_office_partner#ErbenBesslerMelBessler-forthcontact.owner by system and assume }",
+                    "{ grant role hs_office_partner#ErbenBesslerMelBessler-forthcontact.admin to role hs_office_partner#ErbenBesslerMelBessler-forthcontact.owner by system and assume }",
+                    "{ grant perm view on hs_office_partner#ErbenBesslerMelBessler-forthcontact to role hs_office_partner#ErbenBesslerMelBessler-forthcontact.tenant by system and assume }",
+                    "{ grant role hs_office_contact#forthcontact.tenant to role hs_office_partner#ErbenBesslerMelBessler-forthcontact.tenant by system and assume }",
+                    "{ grant role hs_office_person#ErbenBesslerMelBessler.tenant to role hs_office_partner#ErbenBesslerMelBessler-forthcontact.tenant by system and assume }",
+                    "{ grant role hs_office_partner#ErbenBesslerMelBessler-forthcontact.tenant to role hs_office_person#ErbenBesslerMelBessler.admin by system and assume }"));
         }
 
         private void assertThatPartnerIsPersisted(final HsOfficePartnerEntity saved) {
@@ -243,30 +242,14 @@ class HsOfficePartnerRepositoryIntegrationTest extends ContextBasedTest {
             // when
             final var result = jpaAttempt.transacted(() -> {
                 context("alex@hostsharing.net");
-                partnerRepo.deleteByUuid(givenPartner.getUuid());
+                return partnerRepo.deleteByUuid(givenPartner.getUuid());
             });
 
             // then
             result.assertSuccessful();
-            jpaAttempt.transacted(() -> {
-                final var remainingPartner = em.createNativeQuery("select p.uuid from hs_office_partner p where p.uuid=?1")
-                        .setParameter(1, givenPartner.getUuid()).getResultList();
-                assertThat(remainingPartner).isEmpty();
-                final var remainingObject = em.createNativeQuery("select o.uuid from RbacObject o where o.uuid=?1")
-                        .setParameter(1, givenPartner.getUuid())
-                        .getResultList();
-                assertThat(remainingObject).isEmpty();
-
-                assertThat(roleNamesOf(rawRoleRepo.findAll())).containsExactlyInAnyOrder(initialRoleNames);
-
-                context("customer-admin@forthcontact.example.com");
-                assertThat(grantDisplaysOf(rawGrantRepo.findAll())).doesNotContain(
-                        "{ grant assumed role hs_office_contact#forthcontact.owner to user customer-admin@forthcontact.example.com by role global#global.admin }");
-
-                context("person-ErbenBesslerMelBessler@example.com");
-                assertThat(grantDisplaysOf(rawGrantRepo.findAll())).doesNotContain(
-                        "{ grant assumed role hs_office_person#ErbenBesslerMelBessler.owner to user person-ErbenBesslerMelBessl@example.com by role global#global.admin }");
-            }).assertSuccessful();
+            assertThat(result.returnedValue()).isEqualTo(1);
+            assertThat(roleNamesOf(rawRoleRepo.findAll())).containsExactlyInAnyOrder(initialRoleNames);
+            assertThat(grantDisplaysOf(rawGrantRepo.findAll())).containsExactlyInAnyOrder(initialGrantNames);
         }
     }