diff --git a/alembic/versions/ad30159ef19b_add_view_workspace_members_permission.py b/alembic/versions/ad30159ef19b_add_view_workspace_members_permission.py
index de5546c1..59f7c3dc 100644
--- a/alembic/versions/ad30159ef19b_add_view_workspace_members_permission.py
+++ b/alembic/versions/ad30159ef19b_add_view_workspace_members_permission.py
@@ -22,24 +22,32 @@ def upgrade():
 session = Session(bind=op.get_bind())
- owner_role = session.query(Role).filter_by(name="owner").one()
- owner_role.add_permission(Permissions.VIEW_WORKSPACE_MEMBERS)
+ all_roles_but_default = session.query(Role).filter(Role.name != "default").all()
+ for role in all_roles_but_default:
+ role.add_permission(Permissions.VIEW_WORKSPACE)
+ session.add(role)
- ccpo_role = session.query(Role).filter_by(name="ccpo").one()
- ccpo_role.add_permission(Permissions.VIEW_WORKSPACE_MEMBERS)
+ owner_and_ccpo = session.query(Role).filter(Role.name.in_(["owner", "ccpo"])).all()
+ for role in owner_and_ccpo:
+ role.add_permission(Permissions.VIEW_WORKSPACE_MEMBERS)
+ session.add(role)
- session.add_all((ccpo_role, owner_role))
+ session.flush()
 session.commit()
 def downgrade():
 session = Session(bind=op.get_bind())
- owner_role = session.query(Role).filter_by(name="owner").one()
- owner_role.remove_permission(Permissions.VIEW_WORKSPACE_MEMBERS)
+ all_roles_but_default = session.query(Role).filter(Role.name != "default").all()
+ for role in all_roles_but_default:
+ role.remove_permission(Permissions.VIEW_WORKSPACE)
+ session.add(role)
- ccpo_role = session.query(Role).filter_by(name="ccpo").one()
- ccpo_role.remove_permission(Permissions.VIEW_WORKSPACE_MEMBERS)
+ owner_and_ccpo = session.query(Role).filter(Role.name.in_(["owner", "ccpo"])).all()
+ for role in owner_and_ccpo:
+ role.remove_permission(Permissions.VIEW_WORKSPACE_MEMBERS)
+ session.add(role)
- session.add_all((ccpo_role, owner_role))
+ session.flush()
 session.commit()
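Review bot: In `upgrade()`, `filter(Role.name != "default")` grants `VIEW_WORKSPACE` by exclusion, so every role row that exists when the migration runs receives it, whatever that role is for; naming the roles explicitly, as the second query does with `Role.name.in_(["owner", "ccpo"])`, keeps the grant least-privilege and auditable, and `downgrade()` should mirror the same list. Replacing `.one()` with `.all()` also drops the fail-fast behaviour: if `owner` or `ccpo` is missing, the migration now completes without granting `VIEW_WORKSPACE_MEMBERS`, so a guard such as `if len(owner_and_ccpo) != 2: raise RuntimeError("expected owner and ccpo roles")` is worth adding. This edits the existing revision ad30159ef19b rather than adding a new one, so any database that has already applied it would presumably never receive `VIEW_WORKSPACE`, which the updated check in `atst/domain/workspaces.py` requires; a separate revision avoids that.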
diff --git a/atst/domain/workspaces.py b/atst/domain/workspaces.py
index c1af06ea..50c44695 100644
--- a/atst/domain/workspaces.py
+++ b/atst/domain/workspaces.py
@@ -30,7 +30,7 @@ class Workspaces(object):
 except NoResultFound:
 raise NotFoundError("workspace")
- if not Authorization.is_in_workspace(user, workspace):
+ if not Authorization.has_workspace_permission(user, workspace, Permissions.VIEW_WORKSPACE):
 raise UnauthorizedError(user, "get workspace")
 return workspace
diff --git a/atst/models/permissions.py b/atst/models/permissions.py
index 23adcf55..c39d5b71 100644
--- a/atst/models/permissions.py
+++ b/atst/models/permissions.py
@@ -24,6 +24,7 @@ class Permissions(object):
 VIEW_ATAT_PERMISSIONS = "view_atat_permissions"
 TRANSFER_OWNERSHIP_OF_WORKSPACE = "transfer_ownership_of_workspace"
 VIEW_WORKSPACE_MEMBERS = "view_workspace_members"
+ VIEW_WORKSPACE = "view_workspace"
 ADD_APPLICATION_IN_WORKSPACE = "add_application_in_workspace"
 DELETE_APPLICATION_IN_WORKSPACE = "delete_application_in_workspace"
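Review bot: In `atst/domain/workspaces.py`, the new `has_workspace_permission(user, workspace, Permissions.VIEW_WORKSPACE)` check makes access depend on role data rather than on membership, so a member whose role does not carry `view_workspace` (the migration in this commit skips the `default` role) is now refused where `is_in_workspace` let them through. If that is intended, say so next to the check, e.g. `# Membership alone is not enough: the member's role must grant VIEW_WORKSPACE.` The method's signature and the module's imports are outside the hunk, so confirm that `Permissions` is imported here; otherwise this line raises `NameError` on the first call. A test asserting that a member without the permission gets `UnauthorizedError` would pin the new behaviour.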