diff --git a/account/middleware.py b/account/middleware.py
index 409a55a..f510fd2 100644
--- a/account/middleware.py
+++ b/account/middleware.py
@@ -7,12 +7,10 @@ from django.utils.translation import ugettext as _
 
 from utils.api import JSONResponse
 
-from .models import AdminType
-
 
 class SessionSecurityMiddleware(object):
     def process_request(self, request):
-        if request.user.is_authenticated() and request.user.admin_type in [AdminType.ADMIN, AdminType.SUPER_ADMIN]:
+        if request.user.is_authenticated() and request.user.is_admin_role():
             if "last_activity" in request.session:
                 # 24 hours passed since last visit
                 if time.time() - request.session["last_activity"] >= 24 * 60 * 60:
diff --git a/contest/urls/oj.py b/contest/urls/oj.py
index a9290a2..e2e48ca 100644
--- a/contest/urls/oj.py
+++ b/contest/urls/oj.py
@@ -3,5 +3,5 @@ from django.conf.urls import url
 from ..views.oj import ContestAnnouncementListAPI
 
 urlpatterns = [
-    url(r"^contest", ContestAnnouncementListAPI.as_view(), name="contest_list_api"),
+    url(r"^contest$", ContestAnnouncementListAPI.as_view(), name="contest_list_api"),
 ]
diff --git a/contest/views/admin.py b/contest/views/admin.py
index 0b8e750..15007ad 100644
--- a/contest/views/admin.py
+++ b/contest/views/admin.py
@@ -28,8 +28,8 @@ class ContestAPI(APIView):
         data = request.data
         try:
             contest = Contest.objects.get(id=data.pop("id"))
-            if request.user.is_admin():
-                contest = contest.get(created_by=request.user)
+            if request.user.is_admin() and contest.created_by != request.user:
+                return self.error("Contest does not exist")
         except Contest.DoesNotExist:
             return self.error("Contest does not exist")
         data["start_time"] = dateutil.parser.parse(data["start_time"])
@@ -48,8 +48,8 @@ class ContestAPI(APIView):
         if contest_id:
             try:
                 contest = Contest.objects.get(id=contest_id)
-                if request.user.is_admin():
-                    contest = contest.get(created_by=request.user)
+                if request.user.is_admin() and contest.created_by != request.user:
+                    return self.error("Contest does not exist")
                 return self.success(ContestSerializer(contest).data)
             except Contest.DoesNotExist:
                 return self.error("Contest does not exist")
@@ -68,11 +68,14 @@ class ContestAPI(APIView):
 class ContestAnnouncementAPI(APIView):
     @validate_serializer(CreateContestAnnouncementSerializer)
     def post(self, request):
+        """
+        Create one contest_announcement.
+        """
         data = request.data
         try:
             contest = Contest.objects.get(id=data.pop("contest_id"))
-            if request.user.is_admin():
-                contest = contest.get(created_by=request.user)
+            if request.user.is_admin() and contest.created_by != request.user:
+                return self.error("Contest does not exist")
             data["contest"] = contest
             data["created_by"] = request.user
         except Contest.DoesNotExist:
@@ -81,10 +84,35 @@ class ContestAnnouncementAPI(APIView):
         return self.success(ContestAnnouncementSerializer(announcement).data)
 
     def delete(self, request):
-        announcement_id = request.GET.get("id")
-        if announcement_id:
+        """
+        Delete one contest_announcement.
+        """
+        contest_announcement_id = request.GET.get("id")
+        if contest_announcement_id:
             if request.user.is_admin():
-                ContestAnnouncement.objects.filter(id=announcement_id, contest__created_by=request.user).delete()
+                ContestAnnouncement.objects.filter(id=contest_announcement_id, contest__created_by=request.user).delete()
             else:
-                ContestAnnouncement.objects.filter(id=announcement_id).delete()
+                ContestAnnouncement.objects.filter(id=contest_announcement_id).delete()
         return self.success()
+
+    def get(self, request):
+        """
+        Get one contest_announcement or contest_announcement list.
+        """
+        contest_announcement_id = request.GET.get("id")
+        if contest_announcement_id:
+            try:
+                contest_announcement = ContestAnnouncement.objects.get(id=contest_announcement_id)
+                if request.user.is_admin() and contest_announcement.created_by != request.user:
+                    return self.error("Contest announcement does not exist")
+                return self.success(ContestAnnouncementSerializer(contest_announcement).data)
+            except ContestAnnouncement.DoesNotExist:
+                return self.error("Contest announcement does not exist")
+
+        contest_announcements = ContestAnnouncement.objects.all().order_by("-create_time")
+        if request.user.is_admin():
+            contest_announcements = contest_announcements.filter(created_by=request.user)
+        keyword = request.GET.get("keyword")
+        if keyword:
+            contest_announcements = contest_announcements.filter(title__contains=keyword)
+        return self.success(self.paginate_data(request, contest_announcements, ContestAnnouncementSerializer))