diff --git a/pkg/models/task_collection.go b/pkg/models/task_collection.go
index bfa6bf960..31f05132e 100644
--- a/pkg/models/task_collection.go
+++ b/pkg/models/task_collection.go
@@ -233,6 +233,14 @@ func (tf *TaskCollection) ReadAll(s *xorm.Session, a web.Auth, search string, pa
 			return nil, 0, 0, err
 		}
 
+		canRead, _, err := sf.CanRead(s, a)
+		if err != nil {
+			return nil, 0, 0, err
+		}
+		if !canRead {
+			return nil, 0, 0, ErrGenericForbidden{}
+		}
+
 		// By prepending sort options before the saved ones from the filter, we make sure the supplied sort
 		// options via query take precedence over the rest.