diff --git a/Controller/TaskController.php b/Controller/TaskController.php
index a54964574..3fc3f1dee 100644
--- a/Controller/TaskController.php
+++ b/Controller/TaskController.php
@@ -84,10 +84,6 @@ class TaskController extends Controller
                             return $t->getName() === $transition;
                         }
                      ))[0];
-
-        // we simply check that the user can see the task. Other ACL checks
-        // should be performed using `guard` events.
-        $this->denyAccessUnlessGranted(TaskVoter::SHOW, $task);
         
         $form = $this->createTransitionForm($task);
         
@@ -118,6 +114,10 @@ class TaskController extends Controller
             if ($event->hasResponse()) {
                 return $event->getResponse();
             } else {
+                // we simply check that the user can see the task. Other ACL checks
+                // should be performed using `guard` events.
+                $this->denyAccessUnlessGranted(TaskVoter::SHOW, $task);
+                
                 return $this->render($defaultTemplate, [
                     'task' => $task,
                     'form' => $form->createView(),