diff --git a/app/controllers/projects_controller.rb b/app/controllers/projects_controller.rb
index 2d0f0f5cd..cbe9fc890 100644
--- a/app/controllers/projects_controller.rb
+++ b/app/controllers/projects_controller.rb
@@ -22,7 +22,7 @@ class ProjectsController < ApplicationController
     menu.append(menu_hash_by_name("devops")) if @project.has_menu_permission("devops") && @project.forge?
     menu.append(menu_hash_by_name("versions")) if @project.has_menu_permission("versions")
     menu.append(menu_hash_by_name("wiki")) if @project.has_menu_permission("wiki") && @project.forge?
-    menu.append(menu_hash_by_name("services")) if @project.has_menu_permission("services") && @project.forge?
+    menu.append(menu_hash_by_name("services")) if @project.has_menu_permission("services") && @project.forge? && @project.member(current_user.id)
     menu.append(menu_hash_by_name("resources")) if @project.has_menu_permission("resources") && @project.forge?
     menu.append(menu_hash_by_name("activity"))
     menu.append(menu_hash_by_name("settings")) if user_is_admin && @project.forge?
diff --git a/app/controllers/traces/projects_controller.rb b/app/controllers/traces/projects_controller.rb
index b3c2ef66a..41200e411 100644
--- a/app/controllers/traces/projects_controller.rb
+++ b/app/controllers/traces/projects_controller.rb
@@ -3,7 +3,7 @@ class Traces::ProjectsController < Traces::BaseController
 
   before_action :require_login
   before_action :load_project
-  # before_action :authorizate_user_can_edit_project!
+  before_action :authorizate_user_can_edit_project!, except: [:task_results]
 
   def tasks 
     branch_name = params[:branch_name]