diff --git a/services/web/app/src/Features/Authorization/AuthorizationManager.js b/services/web/app/src/Features/Authorization/AuthorizationManager.js
index 49e3af707e..ef5654ae5f 100644
--- a/services/web/app/src/Features/Authorization/AuthorizationManager.js
+++ b/services/web/app/src/Features/Authorization/AuthorizationManager.js
@@ -11,16 +11,19 @@ const TokenAccessHandler = require('../TokenAccess/TokenAccessHandler')
 
 module.exports = AuthorizationManager = {
 isRestrictedUser(userId, privilegeLevel, isTokenMember) {
+ if (privilegeLevel === PrivilegeLevels.NONE) {
+ return true
+ }
 return (
 privilegeLevel === PrivilegeLevels.READ_ONLY && (isTokenMember || !userId)
 )
 },
 
- isRestrictedUserForProject(userId, projectId, callback) {
+ isRestrictedUserForProject(userId, projectId, token, callback) {
 this.getPrivilegeLevelForProject(
 userId,
 projectId,
- null,
+ token,
 (err, privilegeLevel) => {
 if (err) {
 return callback(err)
diff --git a/services/web/test/unit/src/Authorization/AuthorizationManagerTests.js b/services/web/test/unit/src/Authorization/AuthorizationManagerTests.js
index 42e84f0c2c..a83db87a34 100644
--- a/services/web/test/unit/src/Authorization/AuthorizationManagerTests.js
+++ b/services/web/test/unit/src/Authorization/AuthorizationManagerTests.js
@@ -55,7 +55,11 @@ describe('AuthorizationManager', function() {
 ]
 const restrictedScenarios = [
 [null, 'readOnly', false],
- ['id', 'readOnly', true]
+ ['id', 'readOnly', true],
+ [null, false, true],
+ [null, false, false],
+ ['id', false, true],
+ ['id', false, false]
 ]
 for (var notRestrictedArgs of notRestrictedScenarios) {
 expect(
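Review bot: Inserting `token` ahead of `callback` in `isRestrictedUserForProject` changes a positional signature, so any caller still using the three-argument form would pass its callback as the token and leave `callback` undefined; no call sites are visible in this diff, so they need checking. If old callers must keep working during a transition, a guard at the top of the method such as `if (typeof token === 'function') { callback = token; token = null }` would cover them. Separately, the new guard in `isRestrictedUser` compares strictly against `PrivilegeLevels.NONE` (apparently `false`, going by the test rows), so an `undefined` or `null` level still falls through to the `READ_ONLY` expression and is reported as not restricted. If a missing level can reach this function, failing closed would be the safer default for an authorization check. The body of `isRestrictedUserForProject` continues past the end of the hunk.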
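Review bot: The added rows cover the new `NONE` branch of `isRestrictedUser`, but nothing in this hunk exercises the other half of the change, the `token` argument that `isRestrictedUserForProject` now forwards to `getPrivilegeLevelForProject`. A case asserting that the stubbed `getPrivilegeLevelForProject` receives the token would guard against a regression to the hard-coded `null`, though such a test may exist outside the hunk. The rows also use the literal `false` where the code compares against `PrivilegeLevels.NONE`; writing them as `[null, PrivilegeLevels.NONE, true]` would tie the test to the constant rather than its current value, assuming the constant is in scope in the test file. The `for` loop that consumes these arrays runs past the end of the hunk.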