diff --git a/app/Http/Controllers/Api/AssetMaintenancesController.php b/app/Http/Controllers/Api/AssetMaintenancesController.php
index 50c96946071e..4a07ab86adff 100644
--- a/app/Http/Controllers/Api/AssetMaintenancesController.php
+++ b/app/Http/Controllers/Api/AssetMaintenancesController.php
@@ -33,6 +33,7 @@ class AssetMaintenancesController extends Controller
 */
 public function index(Request $request)
 {
+ $this->authorize('view', Asset::class);
 $maintenances = AssetMaintenance::with('asset', 'asset.model','asset.location', 'supplier', 'asset.company', 'admin');
 if ($request->filled('search')) {
@@ -101,6 +102,7 @@ public function index(Request $request)
 */
 public function store(Request $request)
 {
+ $this->authorize('edit', Asset::class);
 // create a new model instance
 $assetMaintenance = new AssetMaintenance();
 $assetMaintenance->supplier_id = $request->input('supplier_id');
@@ -153,6 +155,7 @@ public function store(Request $request)
 */
 public function update(Request $request, $assetMaintenanceId = null)
 {
+ $this->authorize('edit', Asset::class);
 // Check if the asset maintenance exists
 $assetMaintenance = AssetMaintenance::findOrFail($assetMaintenanceId);
@@ -216,6 +219,7 @@ public function update(Request $request, $assetMaintenanceId = null)
 */
 public function destroy($assetMaintenanceId)
 {
+ $this->authorize('edit', Asset::class);
 // Check if the asset maintenance exists
 $assetMaintenance = AssetMaintenance::findOrFail($assetMaintenanceId);
@@ -241,6 +245,7 @@ public function destroy($assetMaintenanceId)
 */
 public function show($assetMaintenanceId)
 {
+ $this->authorize('view', Asset::class);
 $assetMaintenance = AssetMaintenance::findOrFail($assetMaintenanceId);
 if (!Company::isCurrentUserHasAccess($assetMaintenance->asset)) {
 return response()->json(Helper::formatStandardApiResponse('error', null, 'You cannot view a maintenance for that asset'));
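Review bot: `Asset::class` is introduced in all five hunks of this API controller, starting with `index`, yet none of the visible context lines reference the `Asset` model, so confirm that the file's `use` block imports it. Without the import the name resolves relative to the controller's own namespace, no policy would match, and the added `authorize()` calls would presumably deny every caller who is not exempted by a global gate rule instead of enforcing the intended permission. The `use` block is outside these hunks, so this is a check to make rather than a confirmed defect.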
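Review bot: In the `update` hunk, and again in `destroy`, the added `$this->authorize('edit', Asset::class);` is a class-level check: it establishes that the caller may edit assets in general, not that they may touch the asset this maintenance record belongs to. The `show` hunk follows its `findOrFail()` with `Company::isCurrentUserHasAccess($assetMaintenance->asset)`, but the `update` and `destroy` hunks end right after `findOrFail()`, so it is not visible whether those bodies do the same. If they do not, repeat that per-record check after the lookup, or pass the loaded asset to the gate with `$this->authorize('edit', $assetMaintenance->asset);` if the policy accepts an instance. The same question applies to `store` for whichever asset the request names, and to `edit`, `update`, `destroy` and `show` in the web controller, whose bodies also continue outside their hunks.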
diff --git a/app/Http/Controllers/AssetMaintenancesController.php b/app/Http/Controllers/AssetMaintenancesController.php
index 5700b5affb5d..a833cddd3461 100644
--- a/app/Http/Controllers/AssetMaintenancesController.php
+++ b/app/Http/Controllers/AssetMaintenancesController.php
@@ -50,6 +50,7 @@ private static function getInsufficientPermissionsRedirect()
 */
 public function index()
 {
+ $this->authorize('view', Asset::class);
 return view('asset_maintenances/index');
 }
@@ -66,6 +67,7 @@ public function index()
 */
 public function create()
 {
+ $this->authorize('edit', Asset::class);
 $asset = null;
 if ($asset = Asset::find(request('asset_id'))) {
@@ -96,6 +98,7 @@ public function create()
 */
 public function store(Request $request)
 {
+ $this->authorize('edit', Asset::class);
 // create a new model instance
 $assetMaintenance = new AssetMaintenance();
 $assetMaintenance->supplier_id = $request->input('supplier_id');
@@ -148,6 +151,7 @@ public function store(Request $request)
 */
 public function edit($assetMaintenanceId = null)
 {
+ $this->authorize('edit', Asset::class);
 // Check if the asset maintenance exists
 if (is_null($assetMaintenance = AssetMaintenance::find($assetMaintenanceId))) {
 // Redirect to the improvement management page
@@ -200,6 +204,7 @@ public function edit($assetMaintenanceId = null)
 */
 public function update(Request $request, $assetMaintenanceId = null)
 {
+ $this->authorize('edit', Asset::class);
 // Check if the asset maintenance exists
 if (is_null($assetMaintenance = AssetMaintenance::find($assetMaintenanceId))) {
 // Redirect to the asset maintenance management page
@@ -266,6 +271,7 @@ public function update(Request $request, $assetMaintenanceId = null)
 */
 public function destroy($assetMaintenanceId)
 {
+ $this->authorize('edit', Asset::class);
 // Check if the asset maintenance exists
 if (is_null($assetMaintenance = AssetMaintenance::find($assetMaintenanceId))) {
 // Redirect to the asset maintenance management page
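Review bot: The docblocks that close just above each changed method are left as they were, although every method touched in this controller, from `index` onward, can now abort on a failed authorization; each should gain `@throws \Illuminate\Auth\Access\AuthorizationException`, and the same applies to the five API methods. The first hunk header also shows that this class has a `getInsufficientPermissionsRedirect()` helper, so two denial paths now appear to coexist: that redirect and whatever the framework does with a failed `authorize()`. A one-line comment at the first call stating which outcome is intended for the web UI, for example `// Denied users get the framework's 403 response, not the insufficient-permissions redirect`, would keep later edits from mixing the two. The helper's body and its callers are outside the hunks, so how it is used today is inferred from its name only.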
@@ -294,6 +300,8 @@ public function destroy($assetMaintenanceId)
 */
 public function show($assetMaintenanceId)
 {
+ $this->authorize('view', Asset::class);
+
 // Check if the asset maintenance exists
 if (is_null($assetMaintenance = AssetMaintenance::find($assetMaintenanceId))) {
 // Redirect to the asset maintenance management page