2 files changed, 4 insertions, 4 deletions

diff --git a/app/controllers/clusters/base_controller.rb b/app/controllers/clusters/base_controller.rb
index b1ffdf00b87..f88d381b3bf 100644
--- a/app/controllers/clusters/base_controller.rb
+++ b/app/controllers/clusters/base_controller.rb
@@ -4,7 +4,7 @@ class Clusters::BaseController < ApplicationController
   include RoutableActions
 
   skip_before_action :authenticate_user!
-  before_action :authorize_read_cluster!
+  before_action :authorize_admin_cluster!, except: [:show, :index, :new, :authorize_aws_role, :update]
 
   helper_method :clusterable
 
@@ -18,11 +18,11 @@ class Clusters::BaseController < ApplicationController
   end
 
   def authorize_update_cluster!
-    access_denied! unless can?(current_user, :update_cluster, cluster)
+    access_denied! unless can?(current_user, :update_cluster, clusterable)
   end
 
   def authorize_admin_cluster!
-    access_denied! unless can?(current_user, :admin_cluster, cluster)
+    access_denied! unless can?(current_user, :admin_cluster, clusterable)
   end
 
   def authorize_read_cluster!
diff --git a/app/controllers/clusters/clusters_controller.rb b/app/controllers/clusters/clusters_controller.rb
index 15a261f572a..c12ceca9c3b 100644
--- a/app/controllers/clusters/clusters_controller.rb
+++ b/app/controllers/clusters/clusters_controller.rb
@@ -10,9 +10,9 @@ class Clusters::ClustersController < Clusters::BaseController
   before_action :validate_gcp_token, only: [:new]
   before_action :gcp_cluster, only: [:new]
   before_action :user_cluster, only: [:new]
+  before_action :authorize_read_cluster!, only: [:show, :index]
   before_action :authorize_create_cluster!, only: [:new, :authorize_aws_role]
   before_action :authorize_update_cluster!, only: [:update]
-  before_action :authorize_admin_cluster!, only: [:destroy, :clear_cache]
   before_action :update_applications_status, only: [:cluster_status]
 
   helper_method :token_in_session