diff --git a/src/Bundle/ChillPersonBundle/Controller/ReassignAccompanyingPeriodController.php b/src/Bundle/ChillPersonBundle/Controller/ReassignAccompanyingPeriodController.php
index bafc4b1cb..fde9746d3 100644
--- a/src/Bundle/ChillPersonBundle/Controller/ReassignAccompanyingPeriodController.php
+++ b/src/Bundle/ChillPersonBundle/Controller/ReassignAccompanyingPeriodController.php
@@ -20,6 +20,7 @@ use Chill\MainBundle\Repository\UserRepository;
 use Chill\MainBundle\Templating\Entity\UserRender;
 use Chill\PersonBundle\Repository\AccompanyingPeriodACLAwareRepositoryInterface;
 use Chill\PersonBundle\Repository\AccompanyingPeriodRepository;
+use Chill\PersonBundle\Security\Authorization\AccompanyingPeriodVoter;
 use Doctrine\ORM\EntityManagerInterface;
 use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
 use Symfony\Component\Form\CallbackTransformer;
@@ -30,6 +31,7 @@ use Symfony\Component\Form\FormFactoryInterface;
 use Symfony\Component\Form\FormInterface;
 use Symfony\Component\HttpFoundation\Request;
 use Symfony\Component\HttpFoundation\Response;
+use Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException;
 use Symfony\Component\Routing\Annotation\Route;
 use Symfony\Component\Security\Core\Exception\AccessDeniedException;
 use Symfony\Component\Security\Core\Security;
@@ -85,8 +87,8 @@ class ReassignAccompanyingPeriodController extends AbstractController
 */
 public function listAction(Request $request): Response
 {
-if (!$this->security->isGranted('ROLE_USER') || !$this->security->getUser() instanceof User) {
-throw new AccessDeniedException();
+if (!$this->security->isGranted(AccompanyingPeriodVoter::REASSIGN_BULK)) {
+throw new AccessDeniedHttpException('no right to reassign bulk');
 }
 
 $form = $this->buildFilterForm();
diff --git a/src/Bundle/ChillPersonBundle/DependencyInjection/ChillPersonExtension.php b/src/Bundle/ChillPersonBundle/DependencyInjection/ChillPersonExtension.php
index 576e563bd..6fd434635 100644
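Review bot: Swapping `AccessDeniedException` for `AccessDeniedHttpException` in listAction changes how a denial is handled, not just the status text: the security-core exception is caught by the firewall's exception listener, which sends an unauthenticated request to the entry point (login) and an authenticated one to the access-denied handler, whereas the HttpKernel exception short-circuits to a bare 403 and skips that flow. Keeping the core type preserves the message and the import the file still has: `throw new AccessDeniedException('no right to reassign bulk');`. The `instanceof User` guard is also dropped here, so if the rest of listAction (outside this hunk) treats `$this->security->getUser()` as a `User`, that assumption now rests entirely on the voter. Separately, the same commit removes REASSIGN_BULK from getRolesWithoutScope() in the voter, yet it is checked here with no subject; whether the voter helper grants a now-scoped role for a null subject is not visible in this diff, so a test with a user holding REASSIGN_BULK in only one scope would settle it.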
--- a/src/Bundle/ChillPersonBundle/DependencyInjection/ChillPersonExtension.php
+++ b/src/Bundle/ChillPersonBundle/DependencyInjection/ChillPersonExtension.php
@@ -984,11 +984,11 @@ class ChillPersonExtension extends Extension implements PrependExtensionInterfac
 AccompanyingPeriodVoter::DELETE,
 ],
 AccompanyingPeriodVoter::REASSIGN_BULK => [
-AccompanyingPeriodVoter::CONFIDENTIAL_CRUD,
-AccompanyingPeriodVoter::SEE_CONFIDENTIAL,
+AccompanyingPeriodVoter::SEE_CONFIDENTIAL_ALL,
+AccompanyingPeriodVoter::TOGGLE_CONFIDENTIAL_ALL,
 ],
-AccompanyingPeriodVoter::TOGGLE_CONFIDENTIAL => [
-AccompanyingPeriodVoter::CONFIDENTIAL_CRUD,
+AccompanyingPeriodVoter::TOGGLE_CONFIDENTIAL_ALL => [
+AccompanyingPeriodVoter::SEE_CONFIDENTIAL_ALL,
 ],
 ],
 ]);
diff --git a/src/Bundle/ChillPersonBundle/Security/Authorization/AccompanyingPeriodVoter.php b/src/Bundle/ChillPersonBundle/Security/Authorization/AccompanyingPeriodVoter.php
index 436f51792..3dd991501 100644
--- a/src/Bundle/ChillPersonBundle/Security/Authorization/AccompanyingPeriodVoter.php
+++ b/src/Bundle/ChillPersonBundle/Security/Authorization/AccompanyingPeriodVoter.php
@@ -42,11 +42,6 @@ class AccompanyingPeriodVoter extends AbstractChillVoter implements ProvideRoleH
 self::RE_OPEN_COURSE,
 ];
 
-/**
- * Give the ability to see all confidential courses.
- */
-public const CONFIDENTIAL_CRUD = 'CHILL_PERSON_ACCOMPANYING_PERIOD_CRUD_CONFIDENTIAL';
-
 public const CREATE = 'CHILL_PERSON_ACCOMPANYING_PERIOD_CREATE';
 
 /**
@@ -110,7 +105,7 @@ class AccompanyingPeriodVoter extends AbstractChillVoter implements ProvideRoleH
 /**
  * Right to see confidential period even if not referrer
  */
-public const SEE_CONFIDENTIAL = 'CHILL_PERSON_ACCOMPANYING_PERIOD_SEE_CONFIDENTIAL';
+public const SEE_CONFIDENTIAL_ALL = 'CHILL_PERSON_ACCOMPANYING_PERIOD_SEE_CONFIDENTIAL';
 
 private Security $security;
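Review bot: The new hierarchy references `AccompanyingPeriodVoter::TOGGLE_CONFIDENTIAL_ALL`, but the only constant rename visible in this commit's voter hunks is `SEE_CONFIDENTIAL` to `SEE_CONFIDENTIAL_ALL`; if the `TOGGLE_CONFIDENTIAL` rename is not part of the change, the container build fails on an undefined class constant, so please confirm it lands together. The hierarchy also widens what REASSIGN_BULK implies: before it carried CONFIDENTIAL_CRUD and SEE_CONFIDENTIAL, now it carries TOGGLE_CONFIDENTIAL_ALL as well, i.e. the ability to flip the confidential flag on any period in scope. That is a deliberate grant rather than a refactor side effect, so it deserves a sentence in the commit message or changelog so administrators reviewing permission groups are not surprised.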
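Review bot: Deleting `CONFIDENTIAL_CRUD` retires the role string `'CHILL_PERSON_ACCOMPANYING_PERIOD_CRUD_CONFIDENTIAL'`, while `SEE_CONFIDENTIAL_ALL` keeps the old `..._SEE_CONFIDENTIAL` value and so stays backward compatible. Any permission group persisted with the CRUD string no longer matches a constant the voter knows, so users granted confidential access that way lose it silently; fail-closed, but hard to diagnose. No migration translating the old string appears in the visible hunks; if one exists elsewhere in the commit this is moot, otherwise a migration mapping it onto `SEE_CONFIDENTIAL_ALL` (or an explicit note that the right must be re-granted) would avoid support tickets.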
@@ -136,7 +131,6 @@ class AccompanyingPeriodVoter extends AbstractChillVoter implements ProvideRoleH
 return [
 self::SEE,
 self::SEE_DETAILS,
-self::CONFIDENTIAL_CRUD,
 self::CREATE,
 self::EDIT,
 self::DELETE,
@@ -154,7 +148,7 @@ class AccompanyingPeriodVoter extends AbstractChillVoter implements ProvideRoleH
 public function getRolesWithoutScope(): array
 {
-return [self::REASSIGN_BULK];
+return [];
 }
 
 protected function supports($attribute, $subject)
@@ -221,14 +215,10 @@ class AccompanyingPeriodVoter extends AbstractChillVoter implements ProvideRoleH
 // if confidential, only the referent can see it
 if ($subject->isConfidential()) {
-if ($this->voterHelper->voteOnAttribute(self::CONFIDENTIAL_CRUD, $subject, $token)) {
+if ($this->voterHelper->voteOnAttribute(self::SEE_CONFIDENTIAL_ALL, $subject, $token)) {
 return true;
 }
-/* if ($this->voterHelper->voteOnAttribute(self::REASSIGN_BULK, null, $token)) {
-return true;
-}*/
-
 return $token->getUser() === $subject->getUser();
 }
 }
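Review bot: The context comment `// if confidential, only the referent can see it` above the rewritten check no longer describes the branch, which first grants access to any holder of `SEE_CONFIDENTIAL_ALL` on that period and only then falls back to the referrer; suggest `// confidential: visible to the referrer, or to a holder of SEE_CONFIDENTIAL_ALL for this period`. The enclosing method starts before this hunk and continues after it. The `getRolesWithoutScope()` change on this same line, which makes REASSIGN_BULK a scoped role, interacts with the subject-less `isGranted` call in the controller hunk and is covered by the note there.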