diff --git a/app/controllers/teams/application_controller.rb b/app/controllers/teams/application_controller.rb
index f1ecb5b..ff73f6b 100644
--- a/app/controllers/teams/application_controller.rb
+++ b/app/controllers/teams/application_controller.rb
@@ -1,8 +1,15 @@
 class Teams::ApplicationController < ApplicationController
+
+ before_filter :authorize_manage_user_team!
+
 protected
 def user_team
 @user_team ||= UserTeam.find_by_path(params[:team_id])
 end
+ def authorize_manage_user_team!
+ return access_denied! unless can?(current_user, :manage_user_team, user_team)
+ end
+
 end
diff --git a/app/controllers/teams/members_controller.rb b/app/controllers/teams/members_controller.rb
index ab1c287..111ad5c 100644
--- a/app/controllers/teams/members_controller.rb
+++ b/app/controllers/teams/members_controller.rb
@@ -1,6 +1,6 @@
 class Teams::MembersController < Teams::ApplicationController
 # Authorize
- before_filter :authorize_manage_user_team!, only: [:new, :edit]
+ skip_before_filter :authorize_manage_user_team!, only: [:index]
 def index
 @members = @user_team.members
diff --git a/app/controllers/teams/projects_controller.rb b/app/controllers/teams/projects_controller.rb
index 1e65c0c..6255853 100644
--- a/app/controllers/teams/projects_controller.rb
+++ b/app/controllers/teams/projects_controller.rb
@@ -1,4 +1,7 @@
 class Teams::ProjectsController < Teams::ApplicationController
+
+ skip_before_filter :authorize_manage_user_team!, only: [:index]
+
 def index
 @projects = user_team.projects
 @avaliable_projects = current_user.admin? ? Project.without_team(user_team) : (Project.personal(current_user) + current_user.projects).uniq
-- libgit2 0.21.2
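Review bot: `authorize_manage_user_team!` hands `user_team` to `can?` without checking that the lookup succeeded; `UserTeam.find_by_path(params[:team_id])` presumably returns nil for an unknown path, so what happens for a bad `team_id` depends on how the ability code treats a nil subject. An explicit guard ahead of the ability check, for example `return not_found! if user_team.nil?` (the helper name is a placeholder for whatever 404 helper the app already has), would keep that case out of the ability code. The leading `return` is also redundant, since a filter halts by rendering or redirecting rather than by its return value, which is presumably what `access_denied!` does. A one-line comment above the `before_filter` saying that every Teams controller is deny-by-default and must opt out with `skip_before_filter` would help the next person adding an action.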
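Review bot: `index` is now exempt from `authorize_manage_user_team!` but still reads `@user_team` directly, and in the visible code that ivar is only assigned inside the memoizing `user_team` helper; unless a filter outside this diff sets it, `@user_team.members` is called on nil, so `user_team.members` would be the safer form. The exemption also leaves `index` with no team-level check at all, and the same holds for the `skip_before_filter` added in `teams/projects_controller.rb`. If teams are not meant to be listable by every signed-in user, a read-level ability check belongs on both actions; none is visible in this diff, so this should be confirmed against the ability definitions. The body of `index` continues outside the hunk.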