diff --git a/models/resources/purchase_resource/purchase_resource.go b/models/resources/purchase_resource/purchase_resource.go
index ab08081..cb18dda 100644
--- a/models/resources/purchase_resource/purchase_resource.go
+++ b/models/resources/purchase_resource/purchase_resource.go
@@ -65,7 +65,3 @@ func (r *PurchaseResource) CanDelete() bool { // ENDBuyingDate is passed
 	}
 	return false // only draft bookings can be deleted
 }
-
-func (dca *PurchaseResource) ShouldVerifyAuth() bool {
-	return false // TEMP : by pass
-}
diff --git a/models/resources/purchase_resource/purchase_resource_accessor.go b/models/resources/purchase_resource/purchase_resource_accessor.go
index f16d015..86a3598 100644
--- a/models/resources/purchase_resource/purchase_resource_accessor.go
+++ b/models/resources/purchase_resource/purchase_resource_accessor.go
@@ -46,3 +46,7 @@ func (a *PurchaseResourceMongoAccessor) GetExec(isDraft bool) func(utils.DBObjec
 		return d
 	}
 }
+
+func (dca *PurchaseResourceMongoAccessor) ShouldVerifyAuth() bool {
+	return false // TEMP : by pass
+}
diff --git a/models/utils/common.go b/models/utils/common.go
index 5b152ab..5658aae 100755
--- a/models/utils/common.go
+++ b/models/utils/common.go
@@ -158,6 +158,9 @@ func GenericUpdateOne(change map[string]interface{}, id string, a Accessor) (DBO
 }
 
 func GenericLoadOne[T DBObject](id string, data T, f func(DBObject) (DBObject, int, error), a Accessor) (DBObject, int, error) {
+	if a.ShouldVerifyAuth() && !data.VerifyAuth("get", a.GetRequest()) {
+		return nil, 403, errors.New("you are not allowed to access :" + a.GetType().String())
+	}
 	res_mongo, code, err := mongo.MONGOService.LoadOne(id, a.GetType().String())
 	if err != nil {
 		return nil, code, err
@@ -166,9 +169,6 @@ func GenericLoadOne[T DBObject](id string, data T, f func(DBObject) (DBObject, i
 		return nil, 400, err
 	}
 
-	if a.ShouldVerifyAuth() && !data.VerifyAuth("get", a.GetRequest()) {
-		return nil, 403, errors.New("you are not allowed to access :" + a.GetType().String())
-	}
 	return f(data)
 }