diff --git a/models/utils/abstracts.go b/models/utils/abstracts.go
index bf43a4d..3ec405c 100644
--- a/models/utils/abstracts.go
+++ b/models/utils/abstracts.go
@@ -128,6 +128,9 @@ func GenericStoreOne(data DBObject, a Accessor) (DBObject, int, error) {
 }},
 },
 }
+ if !data.VerifyAuth(a.GetPeerID(), a.GetGroups()) {
+ return nil, 403, errors.New("You are not allowed to access this collaborative area")
+ }
 if cursor, _, _ := a.Search(&f, ""); len(cursor) > 0 {
 return nil, 409, errors.New(a.GetType().String() + " with name " + data.GetName() + " already exists")
 }
@@ -150,6 +153,9 @@ func GenericDeleteOne(id string, a Accessor) (DBObject, int, error) {
 a.GetLogger().Error().Msg("Could not retrieve " + id + " to db. Error: " + err.Error())
 return nil, code, err
 }
+ if !res.VerifyAuth(a.GetPeerID(), a.GetGroups()) {
+ return nil, 403, errors.New("You are not allowed to access this collaborative area")
+ }
 _, code, err = mongo.MONGOService.DeleteOne(id, a.GetType().String())
 if err != nil {
 a.GetLogger().Error().Msg("Could not delete " + id + " to db. Error: " + err.Error())
@@ -165,6 +171,9 @@ func GenericUpdateOne(set DBObject, id string, a Accessor, new DBObject) (DBObje
 if err != nil {
 return nil, c, err
 }
+ if !r.VerifyAuth(a.GetPeerID(), a.GetGroups()) {
+ return nil, 403, errors.New("You are not allowed to access this collaborative area")
+ }
 change := set.Serialize(set) // get the changes
 loaded := r.Serialize(r) // get the loaded object
 
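Review bot: In GenericStoreOne the new check calls VerifyAuth on `data`, the object the caller is asking to store, so the decision is made from fields that arrive with the request rather than from a stored record. If VerifyAuth reads ownership or group fields from the object itself (its implementation is not visible here), a peer could pass the check simply by what it puts in the payload. I would set or validate those fields server-side before this line, and at minimum add a comment such as `// data is caller-supplied: VerifyAuth must not rely on fields the peer can set freely`. The function body starts above the hunk.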
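Review bot: The 403 return added in GenericDeleteOne is the only failure path in this hunk that leaves no log entry; the load failure above it and the delete failure below it both go through `a.GetLogger().Error()`. Denied deletes are the events a responder most wants to find later, so I would record the attempt before returning, e.g. `a.GetLogger().Error().Msg("access denied on delete of " + id)`. `id` comes from the caller and is concatenated raw, so quote it or strip control characters first; the existing messages have the same gap. The same unlogged 403 return appears in the GenericStoreOne, GenericUpdateOne and GenericLoadOne hunks.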
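Review bot: In GenericUpdateOne the check authorises against the stored object `r` only, while the values in `change` come from the caller's `set` and are applied afterwards (the merge itself is below the hunk). If the fields VerifyAuth depends on are part of the serialized object, a peer that passes the check may be able to rewrite them through an update; that cannot be confirmed from these lines. A comment at this point such as `// access-control fields of r must not be overwritten by change`, or dropping those keys from `change` before the merge, would make the intent explicit.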
@@ -182,14 +191,14 @@ func GenericUpdateOne(set DBObject, id string, a Accessor, new DBObject) (DBObje
 func GenericLoadOne[T DBObject](id string, f func(DBObject) (DBObject, int, error), a Accessor) (DBObject, int, error) {
 var data T
 res_mongo, code, err := mongo.MONGOService.LoadOne(id, a.GetType().String())
- if !data.VerifyAuth(a.GetPeerID(), a.GetGroups()) {
- return nil, 403, errors.New("You are not allowed to access this collaborative area")
- }
 if err != nil {
 a.GetLogger().Error().Msg("Could not retrieve " + id + " from db. Error: " + err.Error())
 return nil, code, err
 }
 res_mongo.Decode(&data)
+ if !data.VerifyAuth(a.GetPeerID(), a.GetGroups()) {
+ return nil, 403, errors.New("You are not allowed to access this collaborative area")
+ }
 return f(data)
 }
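Review bot: The relocated check in GenericLoadOne now depends on `res_mongo.Decode(&data)` having filled `data`, but the result of that call is discarded. If Decode can fail (it presumably returns an error; its signature is not visible here), VerifyAuth runs on a zero-value or partly filled `T`, and for a pointer `T` that may be a nil receiver. Checking the result first, for example `if err := res_mongo.Decode(&data); err != nil { return nil, 500, err }` with whatever status the package uses for internal errors, ensures the authorisation decision is only ever made on a decoded object.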