diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index e84220c..9a43381 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -91,6 +91,10 @@ class ApplicationController < ActionController::Base return access_denied! unless can?(current_user, :download_code, project) or project.public? end + def authorize_push! + return access_denied! unless can?(current_user, :push_code, project) + end + def authorize_create_team! return access_denied! unless can?(current_user, :create_team, nil) end
diff --git a/app/controllers/projects/branches_controller.rb b/app/controllers/projects/branches_controller.rb
index a9d9cfb..cd28d75 100644
--- a/app/controllers/projects/branches_controller.rb
+++ b/app/controllers/projects/branches_controller.rb
@@ -3,7 +3,9 @@ class Projects::BranchesController < Projects::ApplicationController before_filter :authorize_read_project! before_filter :require_non_empty_project - before_filter :authorize_admin_project!, only: [:destroy, :create] + before_filter :authorize_code_access! + before_filter :authorize_push!, only: [:create] + before_filter :authorize_admin_project!, only: [:destroy] def index @branches = Kaminari.paginate_array(@repository.branches).page(params[:page]).per(30)
diff --git a/app/controllers/projects/tags_controller.rb b/app/controllers/projects/tags_controller.rb
index 32eb37b..55b2f5b 100644
--- a/app/controllers/projects/tags_controller.rb
+++ b/app/controllers/projects/tags_controller.rb
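Review bot: `authorize_push!` checks `:push_code` against the project as a whole, so it cannot take into account the name of the ref being created; if the project enforces any per-branch protection (nothing in this diff shows it), this filter alone would still let such a branch or tag be created through these controllers. It is worth confirming that the `create` actions, or the code they call, re-check the requested name, and stating the limit in a comment above the method, e.g. `# Project-wide push check only; does not evaluate per-ref protection.` The diff also moves `create` from `authorize_admin_project!` to `authorize_push!` without a spec; a controller spec asserting that a user lacking `:push_code` is denied on branch and tag `create` would pin the new boundary.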
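Review bot: `before_filter :authorize_push!, only: [:create]` leaves the `new` action outside the push check, while the change to `_filter.html.haml` only hides the link to `new_project_branch_path`. Hiding a link is not access control, so a user without `:push_code` can presumably still request the form directly and is refused only on submit. If the controller defines `new` (the class body continues outside the hunk), cover both with `before_filter :authorize_push!, only: [:new, :create]`. The same `only: [:create]` appears in the `tags_controller.rb` hunk and would need the same treatment if that controller has a `new` action.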
@@ -1,10 +1,11 @@ class Projects::TagsController < Projects::ApplicationController # Authorize before_filter :authorize_read_project! - before_filter :authorize_code_access! before_filter :require_non_empty_project - before_filter :authorize_admin_project!, only: [:destroy, :create] + before_filter :authorize_code_access! + before_filter :authorize_push!, only: [:create] + before_filter :authorize_admin_project!, only: [:destroy] def index @tags = Kaminari.paginate_array(@project.repository.tags).page(params[:page]).per(30)
diff --git a/app/views/projects/repositories/_filter.html.haml b/app/views/projects/repositories/_filter.html.haml
index 138fd6d..660d9d2 100644
--- a/app/views/projects/repositories/_filter.html.haml
+++ b/app/views/projects/repositories/_filter.html.haml
@@ -10,6 +10,7 @@ %hr +- if can? current_user, :push_code, @project = link_to new_project_branch_path(@project), class: 'btn btn-create' do %i.icon-add-sign New branch -- libgit2 0.21.2
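Review bot: Moving `before_filter :authorize_code_access!` below `before_filter :require_non_empty_project` makes the repository-state check run before the code-access check, and the branches controller hunk adds the filter in the same position. What `require_non_empty_project` does on failure is not visible here, but if it redirects or renders differently for an empty repository, a user who would fail `authorize_code_access!` can tell the two cases apart. Keeping every `authorize_*` filter ahead of `require_non_empty_project` avoids that and keeps the authorization block contiguous: place `before_filter :authorize_code_access!` directly after `before_filter :authorize_read_project!`.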