diff --git a/app/models/user/with_authentication.rb b/app/models/user/with_authentication.rb
index 6f8b27749a82081f3c9957e3a2783dee4babf775..dafe47ac03888754205fb42dd58353792351dde7 100644
--- a/app/models/user/with_authentication.rb
+++ b/app/models/user/with_authentication.rb
@@ -20,7 +20,6 @@ module User::WithAuthentication
     validates :mobile_phone, format: { with: /\A\+[0-9]+\z/ }, allow_blank: true
 
     before_validation :adjust_mobile_phone, :sanitize_fields
-    before_validation :set_default_role, on: :create
 
     def self.find_for_authentication(warden_conditions)
       where(email: warden_conditions[:email].downcase, university_id: warden_conditions[:university_id]).first
@@ -72,16 +71,6 @@ module User::WithAuthentication
       self.mobile_phone = full_sanitizer.sanitize(self.mobile_phone)&.gsub('=', '')
     end
 
-    def set_default_role
-      if User.all.empty?
-        role = :server_admin
-      elsif university.users.empty?
-        role = :admin
-      else
-        role = :visitor
-      end
-    end
-
     def password_required?
       !persisted? || !password.nil? || !password_confirmation.nil?
     end
diff --git a/app/models/user/with_roles.rb b/app/models/user/with_roles.rb
index 59cfd936ceb12633b3cc9beec77d46a96e37e1c4..8adc16e8fbe02c410c168759eaf644803f751a3f 100644
--- a/app/models/user/with_roles.rb
+++ b/app/models/user/with_roles.rb
@@ -8,6 +8,7 @@ module User::WithRoles
 
     scope :for_role, -> (role) { where(role: role) }
 
+    before_validation :set_default_role, on: :create
     before_validation :check_modifier_role
 
     def managed_roles
@@ -23,5 +24,13 @@ module User::WithRoles
       errors.add(:role, 'cannot be set to this role') if modified_by && !modified_by.managed_roles.include?(self.role)
     end
 
+    def set_default_role
+      if User.all.empty?
+        self.role = :server_admin
+      elsif university.users.not_server_admin.empty?
+        self.role = :admin
+      end
+    end
+
   end
 end