Somehow the journals could still be created with an invalid user. now it is ensured with safer nested route and such.
