diff --git a/spec/ParseUser.spec.js b/spec/ParseUser.spec.js
index c9f25bd8..d339de7b 100644
--- a/spec/ParseUser.spec.js
+++ b/spec/ParseUser.spec.js
@@ -1576,5 +1576,27 @@ describe('Parse.User testing', () => {
     });
   });
 
+  it('ensure logout works', (done) => {
+    var user = null;
+    var sessionToken = null;
+
+    Parse.Promise.as().then(function() {
+      return Parse.User.signUp('log', 'out');
+    }).then((newUser) => {
+      user = newUser;
+      sessionToken = user.getSessionToken();
+      return Parse.User.logOut();
+    }).then(() => {
+      user.set('foo', 'bar');
+      return user.save(null, { sessionToken: sessionToken });
+    }).then(() => {
+      fail('Save should have failed.');
+      done();
+    }, (e) => {
+      expect(e.code).toEqual(Parse.Error.SESSION_MISSING);
+      done();
+    });
+  })
+
 });
 
diff --git a/src/RestWrite.js b/src/RestWrite.js
index 446a2db9..77a971c3 100644
--- a/src/RestWrite.js
+++ b/src/RestWrite.js
@@ -637,7 +637,7 @@ RestWrite.prototype.runDatabaseOperation = function() {
       this.query &&
       !this.auth.couldUpdateUserId(this.query.objectId)) {
     throw new Parse.Error(Parse.Error.SESSION_MISSING,
-                          'cannot modify user ' + this.objectId);
+                          'cannot modify user ' + this.query.objectId);
   }
 
   // TODO: Add better detection for ACL, ensuring a user can't be locked from