diff --git a/atst/domain/authz.py b/atst/domain/authz.py
index 08f7ac21..506970b8 100644
--- a/atst/domain/authz.py
+++ b/atst/domain/authz.py
@@ -6,3 +6,7 @@ class Authorization(object):
 def has_workspace_permission(cls, user, workspace, permission):
 workspace_user = WorkspaceUsers.get(workspace.id, user.id)
 return permission in workspace_user.permissions()
+
+ @classmethod
+ def is_in_workspace(cls, user, workspace):
+ return user in workspace.users
diff --git a/atst/domain/workspaces.py b/atst/domain/workspaces.py
index ebede1f1..83f729f6 100644
--- a/atst/domain/workspaces.py
+++ b/atst/domain/workspaces.py
@@ -39,7 +39,7 @@ class Workspaces(object):
 except NoResultFound:
 raise NotFoundError("workspace")
- if user not in workspace.users:
+ if not Authorization.is_in_workspace(user, workspace):
 raise UnauthorizedError(user, "get workspace")
 return workspace
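Review bot: The new `is_in_workspace` classmethod has no docstring, and as an authorization primitive it should say that it checks membership only, not any permission. Something like `"""Return True if user is a member of workspace; membership only, use has_workspace_permission for permission checks."""` would keep callers from treating it as a substitute for `has_workspace_permission`. The result also depends on how `user` compares with the entries of `workspace.users`, which this hunk does not show, so it is worth confirming that a user object loaded separately still compares equal. The `Authorization` class starts outside the hunk.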
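Review bot: `Authorization` is referenced in the changed condition, but this is the only hunk for `atst/domain/workspaces.py` and it starts at line 39, so the commit adds no import for it. Confirm the name is already imported in this file; otherwise the check raises NameError rather than UnauthorizedError. Separately, a missing workspace raises NotFoundError while a non-member gets UnauthorizedError, so if the two map to different responses a non-member can tell whether a workspace id exists. Consider presenting both as the same not-found response to the caller. The enclosing method starts outside the hunk.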