diff --git a/test/functional/profile_members_controller_test.rb b/test/functional/profile_members_controller_test.rb
index f25e961..de92d1f 100644
--- a/test/functional/profile_members_controller_test.rb
+++ b/test/functional/profile_members_controller_test.rb
@@ -97,4 +97,19 @@ class ProfileMembersControllerTest < Test::Unit::TestCase
 assert_not_includes com.members, member
 end
+ should 'not list roles from other environments' do
+ env2 = Environment.create!(:name => 'new env')
+ role = Role.create!(:name => 'some role', :environment => env2, :permissions => ['manage_memberships'])
+
+ com = Community.create!(:name => 'test community')
+ p = create_user_with_permission('test_user', 'manage_memberships', com)
+ assert_includes com.members.map(&:name), p.name
+
+ login_as :test_user
+ get :change_role, :id => p.id, :profile => com.identifier
+
+ assert_response :success
+ assert_not_includes assigns(:roles), role
+ end
+
 end
diff --git a/vendor/plugins/access_control/lib/acts_as_accessible.rb b/vendor/plugins/access_control/lib/acts_as_accessible.rb
index bffd303..8ba8d67 100644
--- a/vendor/plugins/access_control/lib/acts_as_accessible.rb
+++ b/vendor/plugins/access_control/lib/acts_as_accessible.rb
@@ -32,7 +32,7 @@ class ActiveRecord::Base
 end
 def roles
- Role.find(:all).select do |r|
+ Role.find_all_by_environment_id(environment.id).select do |r|
 r.permissions.any?{ |p| PERMISSIONS[self.class.base_class.name].include?(p) }
 end
 end
--
libgit2 0.21.2
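Review bot: The new test in profile_members_controller_test.rb asserts only that the role from `env2` is absent from `assigns(:roles)`, so it would still pass if `change_role` returned no roles at all. Creating a second role in the community's own environment (presumably the default one) with the same `'manage_memberships'` permission and adding `assert_includes assigns(:roles), local_role` would pin that the list is scoped rather than emptied. That also guards against a later change that over-filters and leaves administrators unable to assign any role.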
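Review bot: In acts_as_accessible.rb, `roles` now calls `environment.id`, yet the hunk header suggests the method lives on `ActiveRecord::Base`, so any model without an `environment` method, or with a nil environment, would raise here instead of returning a list. State the precondition above `def roles`, e.g. `# Receiver must respond to #environment and return a non-nil Environment`, or add a guard if other accessible models exist. Separately, this change narrows only what is listed for selection; the code that applies a submitted role is not visible in this diff and should presumably reject role ids from another environment as well, since filtering the list does not constrain what a request can send.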