diff --git a/lib/Service/PermissionService.php b/lib/Service/PermissionService.php
index 5fd657c37..32c0ed078 100644
--- a/lib/Service/PermissionService.php
+++ b/lib/Service/PermissionService.php
@@ -160,19 +160,19 @@ class PermissionService {
 			throw new NoPermissionException('Permission denied');
 		}
 
-		$permissions = $this->getPermissions($boardId, $userId);
-		if ($permissions[$permission] === true) {
-			if (!$allowDeletedCard && $mapper instanceof CardMapper) {
-				$card = $mapper->find($id);
-				if ($card->getDeletedAt() > 0) {
-					throw new NoPermissionException('Card is deleted');
+		try {
+			$permissions = $this->getPermissions($boardId, $userId);
+			if ($permissions[$permission] === true) {
+				if (!$allowDeletedCard && $mapper instanceof CardMapper) {
+					$card = $mapper->find($id);
+					if ($card->getDeletedAt() > 0) {
+						throw new NoPermissionException('Card is deleted');
+					}
 				}
+
+				return true;
 			}
 
-			return true;
-		}
-
-		try {
 			$acls = $this->getBoard((int)$boardId)->getAcl() ?? [];
 			$result = $this->userCan($acls, $permission, $userId);
 			if ($result) {
diff --git a/tests/unit/Service/PermissionServiceTest.php b/tests/unit/Service/PermissionServiceTest.php
index 0994a778e..1bf00c5f3 100644
--- a/tests/unit/Service/PermissionServiceTest.php
+++ b/tests/unit/Service/PermissionServiceTest.php
@@ -240,6 +240,8 @@ class PermissionServiceTest extends \Test\TestCase {
 			->method('sharingDisabledForUser')
 			->willReturn(false);
 
+		$this->aclMapper->method('findAll')->willReturn([]);
+
 		if ($result) {
 			$actual = $this->service->checkPermission($mapper, 1234, $permission);
 			$this->assertTrue($actual);
@@ -262,6 +264,8 @@ class PermissionServiceTest extends \Test\TestCase {
 			$this->boardMapper->expects($this->any())->method('find')->willReturn($board);
 		}
 
+		$this->aclMapper->method('findAll')->willReturn([]);
+
 		if ($result) {
 			$actual = $this->service->checkPermission($mapper, 1234, $permission);
 			$this->assertTrue($actual);