diff --git a/app/controllers/api/v1/inventory_cells_controller.rb b/app/controllers/api/v1/inventory_cells_controller.rb
index 27303ec6a..1c8d4935f 100644
--- a/app/controllers/api/v1/inventory_cells_controller.rb
+++ b/app/controllers/api/v1/inventory_cells_controller.rb
@@ -60,9 +60,7 @@ module Api
 end
 
 def check_manage_permissions
-unless can_manage_repository_rows?(@team)
-raise PermissionError.new(RepositoryRow, :manage)
-end
+raise PermissionError.new(RepositoryRow, :manage) unless can_manage_repository_rows?(@inventory)
 end
 
 def inventory_cell_params
diff --git a/app/controllers/api/v1/inventory_columns_controller.rb b/app/controllers/api/v1/inventory_columns_controller.rb
index 4548129fc..a98316e04 100644
--- a/app/controllers/api/v1/inventory_columns_controller.rb
+++ b/app/controllers/api/v1/inventory_columns_controller.rb
@@ -61,9 +61,7 @@ module Api
 end
 
 def check_create_permissions
-unless can_create_repository_columns?(@inventory.team)
-raise PermissionError.new(RepositoryColumn, :create)
-end
+raise PermissionError.new(RepositoryColumn, :create) unless can_create_repository_columns?(@inventory)
 end
 
 def inventory_column_params
diff --git a/app/controllers/api/v1/inventory_items_controller.rb b/app/controllers/api/v1/inventory_items_controller.rb
index 131a8f8e1..fa594697e 100644
--- a/app/controllers/api/v1/inventory_items_controller.rb
+++ b/app/controllers/api/v1/inventory_items_controller.rb
@@ -97,9 +97,7 @@ module Api
 private
 
 def check_manage_permissions
-unless can_manage_repository_rows?(@team)
-raise PermissionError.new(RepositoryItem, :manage)
-end
+raise PermissionError.new(RepositoryItem, :manage) unless can_manage_repository_rows?(@inventory)
 end
 
 def inventory_item_params
diff --git a/app/controllers/assets_controller.rb b/app/controllers/assets_controller.rb
index f18cd027f..3ee323629 100644
--- a/app/controllers/assets_controller.rb
+++ b/app/controllers/assets_controller.rb
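Review bot: In inventory_cells_controller's `check_manage_permissions` (and likewise in the inventory_items_controller hunk) the check now reads `@inventory` instead of `@team`, but the before_action that assigns `@inventory` is outside the hunk, so its ordering relative to this callback cannot be confirmed here. If `@inventory` is nil when the callback runs, the new Repository permission block evaluates `repository.team` on nil and the request fails with NoMethodError rather than the intended `PermissionError`. Worth checking that `@inventory` is loaded (and the request rejected when it is absent) before `check_manage_permissions` runs in both controllers; the same question applies to `@repository` in the wopi_controller hunk below.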
@@ -60,7 +60,7 @@ class AssetsController < ApplicationController
 elsif @assoc.class == Result
 can_manage_module?(@my_module)
 elsif @assoc.class == RepositoryCell
-can_manage_repository_rows?(@repository.team)
+can_manage_repository_rows?(@repository)
 end
 
 if @asset.is_image?
@@ -309,7 +309,7 @@ class AssetsController < ApplicationController
 elsif @assoc.class == Result
 render_403 and return unless can_manage_module?(@my_module)
 elsif @assoc.class == RepositoryCell
-render_403 and return unless can_manage_repository_rows?(@repository.team)
+render_403 and return unless can_manage_repository_rows?(@repository)
 end
 end
diff --git a/app/controllers/repository_columns_controller.rb b/app/controllers/repository_columns_controller.rb
index acb411338..3c10cae99 100644
--- a/app/controllers/repository_columns_controller.rb
+++ b/app/controllers/repository_columns_controller.rb
@@ -195,7 +195,7 @@ class RepositoryColumnsController < ApplicationController
 end
 
 def check_create_permissions
-render_403 unless can_create_repository_columns?(@repository.team)
+render_403 unless can_create_repository_columns?(@repository)
 end
 
 def check_manage_permissions
diff --git a/app/controllers/repository_list_items_controller.rb b/app/controllers/repository_list_items_controller.rb
index 2eeb20366..30bc851e7 100644
--- a/app/controllers/repository_list_items_controller.rb
+++ b/app/controllers/repository_list_items_controller.rb
@@ -23,6 +23,6 @@ class RepositoryListItemsController < ApplicationController
 unless @repository_column&.data_type == 'RepositoryListValue'
 render_404 and return
 end
-render_403 unless can_manage_repository_rows?(repository.team)
+render_403 unless can_manage_repository_rows?(repository)
 end
 end
diff --git a/app/controllers/repository_rows_controller.rb b/app/controllers/repository_rows_controller.rb
index be64f771d..33d8e6a93 100644
--- a/app/controllers/repository_rows_controller.rb
+++ b/app/controllers/repository_rows_controller.rb
@@ -274,11 +274,10 @@ class RepositoryRowsController < ApplicationController
 if selected_params
 selected_params.each do |row_id|
 row = @repository.repository_rows.find_by_id(row_id)
-if row && can_manage_repository_rows?(@repository.team)
-log_activity(:delete_item_inventory, row)
+next unless row && can_manage_repository_rows?(@repository)
 
-row.destroy && deleted_count += 1
-end
+log_activity(:delete_item_inventory, row)
+row.destroy && deleted_count += 1
 end
 if deleted_count.zero?
 flash = t('repositories.destroy.no_deleted_records_flash',
@@ -365,11 +364,11 @@ class RepositoryRowsController < ApplicationController
 end
 
 def check_create_permissions
-render_403 unless can_create_repository_rows?(@repository.team)
+render_403 unless can_create_repository_rows?(@repository)
 end
 
 def check_manage_permissions
-render_403 unless can_manage_repository_rows?(@repository.team)
+render_403 unless can_manage_repository_rows?(@repository)
 end
 
 def record_params
diff --git a/app/controllers/wopi_controller.rb b/app/controllers/wopi_controller.rb
index 183403aef..1df8d611c 100644
--- a/app/controllers/wopi_controller.rb
+++ b/app/controllers/wopi_controller.rb
@@ -367,6 +367,6 @@ class WopiController < ActionController::Base
 # Overwrriten in electronic signature for locked inventory items
 def can_edit_wopi_file_in_repository_rows?
-can_manage_repository_rows?(@team)
+can_manage_repository_rows?(@repository)
 end
 end
diff --git a/app/helpers/repository_datatable_helper.rb b/app/helpers/repository_datatable_helper.rb
index 0859f5338..7f1a421df 100644
--- a/app/helpers/repository_datatable_helper.rb
+++ b/app/helpers/repository_datatable_helper.rb
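Review bot: In the destroy loop of repository_rows_controller, `can_manage_repository_rows?(@repository)` is re-evaluated for every selected row although its argument never changes inside the loop, and with the new Repository permission block each evaluation can issue team and team_repositories queries. Evaluate it once before the loop, e.g. `can_manage = can_manage_repository_rows?(@repository)` above `selected_params.each do |row_id|` and `next unless row && can_manage` inside it; the outcome for an unauthorized user (nothing deleted, the no-records flash) is unchanged. The enclosing action starts before and ends after this hunk.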
@@ -62,10 +62,9 @@ module RepositoryDatatableHelper
 end
 
 def can_perform_repository_actions(repository)
-team = repository.team
 can_manage_repository?(repository) ||
-can_create_repositories?(team) ||
-can_manage_repository_rows?(team)
+can_create_repositories?(repository.team) ||
+can_manage_repository_rows?(repository)
 end
 
 # The order must be converted from Ruby Hash into a JS array -
diff --git a/app/models/repository.rb b/app/models/repository.rb
index 806edb824..f8f2cf903 100644
--- a/app/models/repository.rb
+++ b/app/models/repository.rb
@@ -8,7 +8,7 @@ class Repository < ApplicationRecord
 attribute :discarded_by_id, :integer
-belongs_to :team, optional: true
+belongs_to :team
 belongs_to :created_by, foreign_key: :created_by_id, class_name: 'User'
 has_many :repository_columns, dependent: :destroy
 has_many :repository_rows, dependent: :destroy
diff --git a/app/permissions/repository.rb b/app/permissions/repository.rb
new file mode 100644
index 000000000..45aad6c55
--- /dev/null
+++ b/app/permissions/repository.rb
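Review bot: Dropping `optional: true` from `belongs_to :team` in repository.rb only adds a presence validation on save; repositories persisted while the association was optional may still carry a NULL `team_id`, and for those `repository.team` is nil inside every new Repository permission block (`user.is_admin_of_team?(nil)`, `user.teams.include?(nil)`). If such records can exist, a backfill plus a NOT NULL constraint on the `team_id` column belongs with this change, and neither is part of this diff. The helper hunk above is fine as written: `can_create_repositories?` keeps taking `repository.team`, matching the permission that stays registered on Team.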
@@ -0,0 +1,34 @@
+# frozen_string_literal: true
+
+Canaid::Permissions.register_for(Repository) do
+  # repository: update, delete
+  can :manage_repository do |user, repository|
+    user.is_admin_of_team?(repository.team)
+  end
+
+  # repository: create/import record
+  can :create_repository_rows do |user, repository|
+    if user.teams.include?(repository.team)
+      user.is_normal_user_or_admin_of_team?(repository.team)
+    elsif (write_team_repos = repository
+                              .team_repositories
+                              .where(team_id: user.teams.pluck(:id))
+                              .where(permission_level: :write)).any?
+      # When has some repository's relations with write permissions for at least one of user's teams.
+
+      user.is_normal_user_or_admin_of_team?(write_team_repos.first.team)
+    else
+      false
+    end
+  end
+
+  # repository: update/delete records
+  can :manage_repository_rows do |user, repository|
+    can_create_repository_rows?(user, repository)
+  end
+
+  # repository: create field
+  can :create_repository_columns do |user, repository|
+    can_create_repository_rows?(user, repository)
+  end
+end
diff --git a/app/permissions/repository_column.rb b/app/permissions/repository_column.rb
new file mode 100644
index 000000000..b1af4ecf3
--- /dev/null
+++ b/app/permissions/repository_column.rb
@@ -0,0 +1,9 @@
+# frozen_string_literal: true
+
+Canaid::Permissions.register_for(RepositoryColumn) do
+  # repository: update/delete field
+  # Tested in scope of RepositoryPermissions spec
+  can :manage_repository_column do |user, repository_column|
+    can_create_repository_columns?(user, repository_column.repository)
+  end
+end
diff --git a/app/permissions/team.rb b/app/permissions/team.rb
index 06753024f..009d42154 100644
--- a/app/permissions/team.rb
+++ b/app/permissions/team.rb
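Review bot: In `create_repository_rows` of the new app/permissions/repository.rb, the `elsif` branch checks the user's role only in `write_team_repos.first.team`; with no explicit order that is presumably the lowest-id share, so a user who is a guest in that team but a normal user or admin in another team the repository is also shared with at write level is denied even though one qualifying share should suffice. Checking the role across every matching share, as below, removes the dependence on row order and drops the `else false` branch. Note also that `manage_repository_rows` and `create_repository_columns` now delegate to this block, so write-level sharing grants row deletion and column creation to members of other teams while `manage_repository` stays limited to admins of the owning team; confirm that is the intended scope of a write share.
```ruby
  can :create_repository_rows do |user, repository|
    if user.teams.include?(repository.team)
      user.is_normal_user_or_admin_of_team?(repository.team)
    else
      # Shared at write level with at least one of the user's teams; the role
      # check has to succeed in one of *those* teams, not only the first match.
      repository
        .team_repositories
        .where(team_id: user.teams.pluck(:id), permission_level: :write)
        .any? { |team_repository| user.is_normal_user_or_admin_of_team?(team_repository.team) }
    end
  end
  # … unchanged: manage_repository, manage_repository_rows, create_repository_columns …
```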
@@ -47,21 +47,6 @@ Canaid::Permissions.register_for(Team) do
 team.repositories.count < Rails.configuration.x.repositories_limit
 end
 
-# repository: create/import record
-can :create_repository_rows do |user, team|
-user.is_normal_user_or_admin_of_team?(team)
-end
-
-# repository: update/delete records
-can :manage_repository_rows do |user, team|
-user.is_normal_user_or_admin_of_team?(team)
-end
-
-# repository: create field
-can :create_repository_columns do |user, team|
-user.is_normal_user_or_admin_of_team?(team)
-end
-
 # this permission is scattered around the application
 # if you want to make changes here keep in mind to check/change the
 # SQL view that lists reports in index page:
@@ -116,17 +101,3 @@ Canaid::Permissions.register_for(CustomField) do
 can_create_sample_columns?(user, custom_field.team)
 end
 end
-
-Canaid::Permissions.register_for(Repository) do
-# repository: update, delete
-can :manage_repository do |user, repository|
-user.is_admin_of_team?(repository.team)
-end
-end
-
-Canaid::Permissions.register_for(RepositoryColumn) do
-# repository: update/delete field
-can :manage_repository_column do |user, repository_column|
-can_create_repository_columns?(user, repository_column.repository.team)
-end
-end
diff --git a/app/services/report_actions/save_pdf_to_inventory_item.rb b/app/services/report_actions/save_pdf_to_inventory_item.rb
index 6d7d0bd81..9544d320f 100644
--- a/app/services/report_actions/save_pdf_to_inventory_item.rb
+++ b/app/services/report_actions/save_pdf_to_inventory_item.rb
@@ -33,7 +33,7 @@ module ReportActions
 @repository = load_repository
 @repository_column = load_repository_column
 @repository_item = load_repository_item
-unless can_create_repository_rows?(@user, @repository.team)
+unless can_create_repository_rows?(@user, @repository)
 raise ReportActions::RepositoryPermissionError,
 I18n.t('projects.reports.new.no_permissions')
 end
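Review bot: In the save_pdf_to_inventory_item hunk the permission call now passes `@repository` straight from `load_repository`; if that helper can return nil, the Repository permission block raises NoMethodError on `repository.team` instead of the `ReportActions::RepositoryPermissionError` raised two lines below, so callers rescuing the latter will not catch it. `load_repository` is outside the hunk, so confirm it either raises or the nil case is handled before this check, e.g. `unless @repository && can_create_repository_rows?(@user, @repository)`. The enclosing method starts before and continues after the hunk.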
diff --git a/app/views/repositories/show.html.erb b/app/views/repositories/show.html.erb
index 96265eb42..bbf844a62 100644
--- a/app/views/repositories/show.html.erb
+++ b/app/views/repositories/show.html.erb
@@ -12,7 +12,7 @@
-<% if can_create_repository_rows?(@repository.team) %>
+<% if can_create_repository_rows?(@repository) %>