diff --git a/src/common/security/authcontext/authcontext.go b/src/common/security/authcontext/authcontext.go
index 24f7496c4..370ae73fe 100644
--- a/src/common/security/authcontext/authcontext.go
+++ b/src/common/security/authcontext/authcontext.go
@@ -28,9 +28,9 @@ const (
 	// AuthTokenHeader is the key of auth token header
 	AuthTokenHeader  = "x-xenon-auth-token"
 	sysAdminRole     = "CLOUD_ADMIN"
-	projectAdminRole = "DEVOPS_ADMIN"
-	developerRole    = "DEVELOPER"
-	guestRole        = "GUEST"
+	projectAdminRole = "PROJECT_ADMIN"
+	developerRole    = "PROJECT_MEMBER"
+	guestRole        = "PROJECT_VIEWER"
 )
 
 type project struct {
diff --git a/src/ui/api/repository.go b/src/ui/api/repository.go
index 3a23f3c9a..9f2283348 100644
--- a/src/ui/api/repository.go
+++ b/src/ui/api/repository.go
@@ -604,14 +604,14 @@ func (ra *RepositoryAPI) GetTopRepos() {
 	projectIDs := []int64{}
 	projects, err := ra.ProjectMgr.GetPublic()
 	if err != nil {
-		log.Errorf("failed to get the public projects: %v", err)
+		ra.HandleInternalServerError(fmt.Sprintf("failed to get public projects: %v", err))
 		return
 	}
 	if ra.SecurityCtx.IsAuthenticated() {
 		list, err := ra.ProjectMgr.GetByMember(ra.SecurityCtx.GetUsername())
 		if err != nil {
-			log.Errorf("failed to get projects which the user %s is a member of: %v",
-				ra.SecurityCtx.GetUsername(), err)
+			ra.HandleInternalServerError(fmt.Sprintf("failed to get projects which the user %s is a member of: %v",
+				ra.SecurityCtx.GetUsername(), err))
 			return
 		}
 		projects = append(projects, list...)
diff --git a/src/ui/config/config.go b/src/ui/config/config.go
index 449ab7b72..2c0287dbc 100644
--- a/src/ui/config/config.go
+++ b/src/ui/config/config.go
@@ -120,9 +120,15 @@ func initProjectManager() {
 			},
 		},
 	}
+
+	path := os.Getenv("SERVICE_TOKEN_FILE_PATH")
+	if len(path) == 0 {
+		path = defaultTokenFilePath
+	}
+	log.Infof("service token file path: %s", path)
 	GlobalProjectMgr = pms.NewProjectManager(AdmiralClient,
 		AdmiralEndpoint(), &pms.FileTokenReader{
-			Path: defaultTokenFilePath,
+			Path: path,
 		})
 }
 
diff --git a/src/ui/filter/security.go b/src/ui/filter/security.go
index acb8cdb43..a66812004 100644
--- a/src/ui/filter/security.go
+++ b/src/ui/filter/security.go
@@ -145,7 +145,7 @@ func (b *basicAuthReqCtxModifier) Modify(ctx *beegoctx.Context) bool {
 			return false
 		}
 
-		log.Debug("using glocal project manager...")
+		log.Debug("using global project manager...")
 		pm := config.GlobalProjectMgr
 		log.Debug("creating admiral security context...")
 		securCtx := admiral.NewSecurityContext(authCtx, pm)
diff --git a/src/ui/service/notification.go b/src/ui/service/notification.go
index 6aef9938f..8a08b51e6 100644
--- a/src/ui/service/notification.go
+++ b/src/ui/service/notification.go
@@ -65,7 +65,7 @@ func (n *NotificationHandler) Post() {
 			user = "anonymous"
 		}
 
-		pro, err := n.ProjectMgr.Get(project)
+		pro, err := config.GlobalProjectMgr.Get(project)
 		if err != nil {
 			log.Errorf("failed to get project by name %s: %v", project, err)
 			return