diff --git a/keyosk/database/account_acl.py b/keyosk/database/account_acl.py
index c6220fa..126100c 100644
--- a/keyosk/database/account_acl.py
+++ b/keyosk/database/account_acl.py
@@ -47,3 +47,6 @@ class AccountACLEntry(KeyoskBaseModel):
         yield "permission", self.permission.name
         yield "with_server_secret", self.with_server_secret
         yield "with_client_secret", self.with_client_secret
+
+    def __str__(self):
+        return f"ACL {self.permission.name}@{self.access_list.name} (scope:{'+'.join([item for item in ['server' if self.with_server_secret else '', 'client' if self.with_client_secret else ''] if item])})"
diff --git a/tests/test_database_account_acl.py b/tests/test_database_account_acl.py
new file mode 100644
index 0000000..85b8364
--- /dev/null
+++ b/tests/test_database_account_acl.py
@@ -0,0 +1,12 @@
+import json
+
+import peewee
+from fixtures import demo_database
+
+from keyosk import database
+
+
+def test_formatting(demo_database):
+    for acl in database.AccountACLEntry.select():
+        assert dict(acl) == json.loads(json.dumps(dict(acl)))
+        assert str(acl.uuid) not in str(acl)