diff --git a/lib/NGCP/Panel/Controller/Sound.pm b/lib/NGCP/Panel/Controller/Sound.pm
index af07a7afe2..1340f868fd 100644
--- a/lib/NGCP/Panel/Controller/Sound.pm
+++ b/lib/NGCP/Panel/Controller/Sound.pm
@@ -37,11 +37,14 @@ sub auto :Private {
         my $contract_select_rs = NGCP::Panel::Utils::Contract::get_contract_rs(c => $c);
         $contract_select_rs = $contract_select_rs->search({ 'me.id' => $contract_id });
         my $product_id = $contract_select_rs->first->get_column('product_id');
-        NGCP::Panel::Utils::Message->error(
-            c => $c,
-            error => "No product for customer contract id $contract_id found",
-            desc  => "No product for this customer contract found.",
-        ) unless($product_id);
+        unless($product_id) {
+            NGCP::Panel::Utils::Message->error(
+                c => $c,
+                error => "No product for customer contract id $contract_id found",
+                desc  => "No product for this customer contract found.",
+            );
+            NGCP::Panel::Utils::Navigation::back_or($c, $c->uri_for('/sound'));
+        }
         my $product = $c->model('DB')->resultset('products')->find({ 
             id => $product_id, class => 'pbxaccount' 
         });
@@ -68,6 +71,42 @@ sub sets_list :Chained('/') :PathPart('sound') :CaptureArgs(0) {
     $c->stash(template => 'sound/list.tt');
 }
 
+sub contract_sets_list :Chained('/') :PathPart('sound/contract') :CaptureArgs(1) {
+    my ( $self, $c, $contract_id ) = @_;
+
+    unless($contract_id && $contract_id->is_int) {
+        NGCP::Panel::Utils::Message->error(
+            c => $c,
+            error => "Invalid contract id $contract_id found",
+            desc  => "Invalid contract id found",
+        );
+        NGCP::Panel::Utils::Navigation::back_or($c, $c->uri_for('/sound'));
+    }
+    if($c->user->roles eq "subscriberadmin" && $c->user->account_id != $contract_id) {
+        NGCP::Panel::Utils::Message->error(
+            c => $c,
+            error => "access violatio, subscriberadmin ".$c->user->uuid." with contract id ".$c->user->account_id." tries to access foreign contract id $contract_id",
+            desc  => "Invalid contract id found",
+        );
+        NGCP::Panel::Utils::Navigation::back_or($c, $c->uri_for('/sound'));
+    }
+    my $contract = $c->model('DB')->resultset('contracts')->find($contract_id);
+    unless($contract) {
+        NGCP::Panel::Utils::Message->error(
+            c => $c,
+            error => "Contract id $contract_id not found",
+            desc  => "Invalid contract id detected",
+        );
+        NGCP::Panel::Utils::Navigation::back_or($c, $c->uri_for('/sound'));
+    }
+
+    NGCP::Panel::Utils::Sounds::stash_soundset_list(
+        c => $c, 
+        contract => $contract,
+    );
+    $c->stash(template => 'sound/list.tt');
+}
+
 sub root :Chained('sets_list') :PathPart('') :Args(0) {
     my ($self, $c) = @_;
 }
@@ -80,6 +119,14 @@ sub ajax :Chained('sets_list') :PathPart('ajax') :Args(0) {
     $c->detach( $c->view("JSON") );
 }
 
+sub contract_ajax :Chained('contract_sets_list') :PathPart('ajax') :Args(0) {
+    my ($self, $c) = @_;
+    
+    my $resultset = $c->stash->{sets_rs};
+    NGCP::Panel::Utils::Datatables::process($c, $resultset, $c->stash->{soundset_dt_columns});
+    $c->detach( $c->view("JSON") );
+}
+
 sub base :Chained('sets_list') :PathPart('') :CaptureArgs(1) {
     my ($self, $c, $set_id) = @_;
 
diff --git a/lib/NGCP/Panel/Utils/Sounds.pm b/lib/NGCP/Panel/Utils/Sounds.pm
index 277c5214f8..7062869514 100644
--- a/lib/NGCP/Panel/Utils/Sounds.pm
+++ b/lib/NGCP/Panel/Utils/Sounds.pm
@@ -55,7 +55,8 @@ sub stash_soundset_list {
 
     my $sets_rs = $c->model('DB')->resultset('voip_sound_sets');
     if($contract) {
-        $sets_rs = $sets_rs->search({ contract_id => $contract->id });
+        say ">>>>>>>>>>>>>>> we've a contract, limit rs";
+        $sets_rs = $sets_rs->search({ 'me.contract_id' => $contract->id });
     }
 
     my $dt_fields = [
@@ -74,7 +75,7 @@ sub stash_soundset_list {
             { name => 'contract.contact.email', search => 1, title => 'Customer' };
         $sets_rs = $sets_rs->search({ reseller_id => $c->user->reseller_id });
     } elsif($c->user->roles eq "subscriberadmin" && !$contract) {
-        $sets_rs = $sets_rs->search({ contract_id => $c->user->account_id });
+        $sets_rs = $sets_rs->search({ 'me.contract_id' => $c->user->account_id });
     }
 
     $c->stash->{soundset_dt_columns} = NGCP::Panel::Utils::Datatables::set_columns($c, $dt_fields);
diff --git a/share/templates/customer/details.tt b/share/templates/customer/details.tt
index 4ecd4dce32..5df0c6b92d 100644
--- a/share/templates/customer/details.tt
+++ b/share/templates/customer/details.tt
@@ -310,7 +310,7 @@
 [%
     helper.name = 'Sound Sets';
     helper.dt_columns = soundset_dt_columns;
-    helper.ajax_uri = c.uri_for('/sound/ajax');
+    helper.ajax_uri = c.uri_for_action('/sound/contract_ajax', [ c.req.captures.0 ]);
 
     UNLESS c.user.read_only;
         helper.dt_buttons = [