diff --git a/api/models.py b/api/models.py
index 5b590b7..4a65a76 100644
--- a/api/models.py
+++ b/api/models.py
@@ -12,6 +12,7 @@ class User(db.Model):
 def to_dict(self):
 return {"id": self.id, "username": self.username, "email": self.email, "role": self.role}
+ @classmethod
 def get_editable_fields():
 return {"username", "email", "role", "password"}
@@ -30,5 +31,8 @@ class Task(db.Model):
 "description": self.description,
 "due_date": self.due_date,
 "done": self.done,
- "user_id": self.user_id
 }
+
+ @classmethod
+ def get_editable_fields():
+ return {"title", "description", "due_date", "done"}
diff --git a/api/task_views.py b/api/task_views.py
index 37a665d..e57b2be 100644
--- a/api/task_views.py
+++ b/api/task_views.py
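Review bot: In api/models.py the first hunk puts `@classmethod` above `def get_editable_fields():`, which declares no parameters, so `User.get_editable_fields()` will raise `TypeError` once Python passes the class as the first argument. The second hunk adds `Task.get_editable_fields` with the same shape, and `update_task` in api/task_views.py calls it on every PUT and PATCH. These sets are the allow-list that decides which attributes a request may write, so they need to be callable: declare `def get_editable_fields(cls):` in both classes, or use `@staticmethod` instead. Both class bodies continue outside the hunks.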
@@ -39,39 +39,39 @@ def get_tasks_by_user(user_id):
 @jwt_required()
 def create_task():
 data = request.get_json()
- user_id = int(data.get('user_id'))
- validate_access(user_id, 'Provided user_id is not assign to current user')
-
 due_date = datetime.strptime(data['due_date'], '%d-%m-%Y')
 task = Task(title=data['title'], description=data['description'], due_date=due_date,
- done=data['done'], user_id=data['user_id'])
+ done=data['done'], user_id=get_jwt_identity())
 db.session.add(task)
 db.session.commit()
 return jsonify(task.to_dict())
-@task_bp.route('/tasks/', methods=['PUT'])
+@task_bp.route('/tasks/', methods=['PUT', 'PATCH'])
 @jwt_required()
 def update_task(task_id):
 task = Task.query.get(task_id)
 check_if_task_exists(task)
- request_title = request.json.get('title')
- request_description = request.json.get('description')
- request_due_date = datetime.strptime(request.json.get('due_date'), '%d-%m-%Y')
- request_done = request.json.get('done')
+ request_data = request.get_json()
+ request_fields = set(request_data.keys())
+ editable_fields = Task.get_editable_fields()

- if all((task.title, task.description, task.due_date)) and task.done is not None:
- task.title = request_title
- task.description = request_description
- task.due_date = request_due_date
- task.done = request_done
+ # PUT requires all values
+ if request.method == 'PUT':
+ if request_fields != editable_fields:
+ return jsonify({'error': 'Invalid request data structure.'}), 400

- db.session.commit()
- return jsonify(task.to_dict())
- else:
- return abort(400, {'error': 'Incomplete task data.'})
+ for field_name in editable_fields:
+ requested_value = request_data.get(field_name)
+ if requested_value is None:
+ continue
+ new_value = datetime.strptime(requested_value, '%d-%m-%Y') \
+ if field_name == 'due_date' else requested_value
+ setattr(task, field_name, new_value)
+ db.session.commit()
+ return jsonify(task.to_dict())
 @task_bp.route('/tasks/', methods=['DELETE'])
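Review bot: `update_task` loads the task by `task_id` and writes the request values onto it without comparing the task's owner to the caller, so as far as this hunk shows any authenticated user can modify another user's task, unless `check_if_task_exists` also enforces ownership (its body is not visible here). `create_task` now takes the owner from `get_jwt_identity()`, and the update path should be bound to the same identity, for example with the `validate_access` helper this commit stops using in `create_task`, if it is still available: `validate_access(task.user_id, 'Task is not assigned to current user')` right after `check_if_task_exists(task)`. Separately, a JSON body that is not an object makes `request_data.keys()` raise, and `datetime.strptime` raises `ValueError` on a malformed `due_date`; both would likely surface as a 500 where a 400 is the right answer.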
diff --git a/api/user_views.py b/api/user_views.py
index 8775240..6e31225 100644
--- a/api/user_views.py
+++ b/api/user_views.py
@@ -57,7 +57,7 @@ def edit_user(user_id):
 return jsonify({'error': 'Invalid request data structure.'}), 400
 user_to_update = User.query.get_or_404(user_id)
- for field_name in request_fields:
+ for field_name in editable_fields:
 requested_value = request_data.get(field_name)
 if requested_value is None:
 continue
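Review bot: The loop now iterates `editable_fields`, and if that is `User.get_editable_fields()` (the assignment is outside the hunk) the set contains `role` and `password`, so this generic loop is the path by which a request body changes privilege and credentials. The rest of `edit_user` is not visible, so it cannot be confirmed here that `role` changes are limited to administrators or that `password` is hashed before it is stored. If neither is enforced elsewhere, exclude them from the generic loop with `for field_name in editable_fields - {'role', 'password'}:` and handle those two fields in explicit, separately authorized code.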