diff --git a/lib/Service/StackService.php b/lib/Service/StackService.php
index 232dc6fc7..79f659eba 100644
--- a/lib/Service/StackService.php
+++ b/lib/Service/StackService.php
@@ -290,10 +290,13 @@ class StackService {
 throw new BadRequestException('order must be a number');
 }
- $this->permissionService->checkPermission($this->stackMapper, $boardId, Acl::PERMISSION_MANAGE);
- if ($this->boardService->isArchived($this->stackMapper, $boardId)) {
+ $this->permissionService->checkPermission($this->stackMapper, $id, Acl::PERMISSION_MANAGE);
+ $this->permissionService->checkPermission($this->boardMapper, $boardId, Acl::PERMISSION_MANAGE);
+
+ if ($this->boardService->isArchived($this->stackMapper, $id)) {
 throw new StatusException('Operation not allowed. This board is archived.');
 }
+
 $stack = $this->stackMapper->find($id);
 $changes = new ChangeSet($stack);
 $stack->setTitle($title);
diff --git a/tests/unit/Service/StackServiceTest.php b/tests/unit/Service/StackServiceTest.php
index 79e04eca3..913a74f69 100644
--- a/tests/unit/Service/StackServiceTest.php
+++ b/tests/unit/Service/StackServiceTest.php
@@ -195,7 +195,7 @@ class StackServiceTest extends TestCase {
 }
 public function testUpdate() {
- $this->permissionService->expects($this->once())->method('checkPermission');
+ $this->permissionService->expects($this->exactly(2))->method('checkPermission');
 $stack = new Stack();
 $this->stackMapper->expects($this->once())->method('find')->willReturn($stack);
 $this->stackMapper->expects($this->once())->method('update')->willReturn($stack);
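Review bot: The archived-board guard after the two permission checks only covers the board the stack currently belongs to (`isArchived($this->stackMapper, $id)`); the board named by `$boardId` is checked for `Acl::PERMISSION_MANAGE` but never for archived state. The rest of update() lies outside this hunk, so whether `$boardId` is written onto the stack is not visible here, but if it is, the "Operation not allowed. This board is archived." rule would not be enforced for the destination board. I would add a second guard on the target, something like `if ($this->boardService->isArchived($this->boardMapper, $boardId)) {` with the same StatusException, assuming isArchived resolves a board mapper the way checkPermission does (to be confirmed against BoardService). A one-line comment above the two checkPermission calls saying that the first authorizes the stack's current board and the second the requested board would also keep the pairing of mapper and id from being swapped again.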
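Review bot: The updated expectation in testUpdate only counts calls (`exactly(2)`) and does not pin which mapper and id each `checkPermission` call receives, so a regression back to the mismatched pair (stack mapper with the board id) would still pass. Since the commit exists to correct exactly that pairing, the test should assert the arguments: one call with the stack mapper and the stack id, one with the board mapper and the board id, both with `Acl::PERMISSION_MANAGE`. Depending on the PHPUnit version in use (not visible here), that is either `withConsecutive(...)` on this expectation or a `willReturnCallback` that records the arguments for a later assertion. A second test case in which the permission check on the target board throws would cover the new denial path; the remainder of testUpdate is outside this hunk.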