diff --git a/app/controllers/teams_controller.rb b/app/controllers/teams_controller.rb
index 67364efb4..2c51b9382 100644
--- a/app/controllers/teams_controller.rb
+++ b/app/controllers/teams_controller.rb
@@ -314,7 +314,7 @@ class TeamsController < ApplicationController
       if export_projects_params[:project_ids]
         projects = Project.where(id: export_projects_params[:project_ids])
         projects.each do |project|
-          render_403 unless can_read_project?(current_user, project)
+          render_403 unless can_export_project?(current_user, project)
         end
       end
     end
diff --git a/app/permissions/project.rb b/app/permissions/project.rb
index 74ec68e18..3747d438c 100644
--- a/app/permissions/project.rb
+++ b/app/permissions/project.rb
@@ -12,13 +12,27 @@ Canaid::Permissions.register_for(Project) do
     end
   end
 
+  %i(read_project
+     export_project)
+    .each do |perm|
+    can perm do |user, project|
+      user.is_member_of_project?(project) ||
+        user.is_admin_of_team?(project.team) ||
+        (project.visible? && user.is_member_of_team?(project.team))
+    end
+  end
   # project: read, read activities, read comments, read users, read archive,
   # read notifications
   # reports: read
-  can :read_project do |user, project|
-    user.is_member_of_project?(project) ||
-      user.is_admin_of_team?(project.team) ||
-      (project.visible? && user.is_member_of_team?(project.team))
+  can :read_project do |_, _|
+    # Already checked by the wrapper
+    true
+  end
+
+  # team: export projects
+  can :export_project do |_, _|
+    # Already checked by the wrapper
+    true
   end
 
   # project: update/delete, assign/reassign/unassign users
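Review bot: The new `render_403 unless can_export_project?(current_user, project)` still sits inside `projects.each`, so the loop keeps iterating after the first denied project and, if render_403 performs a render, a second unauthorized project in the same request would trigger a second render (a DoubleRenderError in Rails). Collapsing the loop into one authorization decision avoids that and is shorter: `render_403 unless projects.all? { |project| can_export_project?(current_user, project) }`. The enclosing method begins before this hunk, so whether the caller halts after render_403 (for example because this runs as a before_action) cannot be confirmed from here.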
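Review bot: The `true` stubs added for `can :read_project` and `can :export_project` are fail-open by construction: they are only safe while the `%i(read_project export_project)` wrapper above stays registered under the same names, and the `# Already checked by the wrapper` comment says neither which wrapper nor why a block returning `true` is harmless. That safety presumably rests on Canaid ANDing every `can` block registered for one permission, which the wrapper comment implies but the hunk does not show, so a later edit that drops or renames the wrapper would silently grant read and export to everyone. I would spell the invariant out on both stubs, e.g. `# Membership/visibility check lives in the %i(read_project export_project) wrapper above; Canaid evaluates all blocks for a permission, so this stub only anchors the documentation.` The enclosing `Canaid::Permissions.register_for(Project)` block starts and ends outside this hunk.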