diff --git a/lib/Service/ApprovalService.php b/lib/Service/ApprovalService.php
index 87669e69..3da891c3 100644
--- a/lib/Service/ApprovalService.php
+++ b/lib/Service/ApprovalService.php
@@ -78,6 +78,10 @@ public function getBasicUserRules(string $userId, string $role): array {
 	 * @return array
 	 */
 	public function getUserRules(string $userId, string $role = 'requesters', ?int $fileId = null): array {
+		if ($fileId !== null && !$this->utilsService->userHasAccessTo($fileId, $userId)) {
+			throw new \InvalidArgumentException('File not found');
+		}
+
 		$userRules = [];
 		$rules = $this->ruleService->getRules();