diff --git a/app/models/ability.rb b/app/models/ability.rb index 495fa8725..a297d5934 100644 --- a/app/models/ability.rb +++ b/app/models/ability.rb @@ -15,7 +15,6 @@ class Ability # Shared rights between guests and registered users can [:show, :archive], Project, :visibility => 'open' can :get_id, Project, :visibility => 'open' # api - can :archive, Project, :visibility => 'open' can(:refs_list, Project) {|project| can? :show, project} can :read, Issue, :project => {:visibility => 'open'} can [:read, :commits, :files], PullRequest, :to_project => {:visibility => 'open'} diff --git a/spec/controllers/projects/git/git_trees_controller_spec.rb b/spec/controllers/projects/git/git_trees_controller_spec.rb index ee39e53b9..f2eb72079 100644 --- a/spec/controllers/projects/git/git_trees_controller_spec.rb +++ b/spec/controllers/projects/git/git_trees_controller_spec.rb @@ -7,7 +7,6 @@ describe Projects::Git::TreesController do stub_symlink_methods @project = FactoryGirl.create(:project) - @another_user = FactoryGirl.create(:user) @params = { :owner_name => @project.owner.uname, :project_name => @project.name, :treeish => "#{@project.name}-master"} @@ -37,6 +36,17 @@ describe Projects::Git::TreesController do get :archive, @params.merge(:format => 'tar.gz') response.code.should == '401' end + + it 'should not be able to perform destroy action' do + delete :destroy, @params.merge(:treeish => 'master') + response.should_not be_success + end + + it 'should not be able to perform restore_branch action' do + put :restore_branch, @params.merge(:treeish => 'master') + response.should_not be_success + end + end context 'for other user' do 
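Review bot: The two guest examples added after the archive example assert only `response.should_not be_success`, which a 404 or a 500 also satisfies, so they stay green if the request fails for a reason unrelated to the authorization check. The archive example just above pins `response.code.should == '401'`; the new examples should pin the expected denial the same way, assuming destroy and restore_branch answer guests with that status. The same weakness is in the two 'for other user' examples added in the `@@ -60,6 +70,16 @@` hunk, where the expected status or redirect for a signed-in non-member should be stated explicitly. The enclosing context blocks begin outside these hunks.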
@@ -60,6 +70,16 @@ describe Projects::Git::TreesController do response.should be_success end + it 'should not be able to perform destroy action' do + delete :destroy, @params.merge(:treeish => 'master') + response.should_not be_success + end + + it 'should not be able to perform restore_branch action' do + put :restore_branch, @params.merge(:treeish => 'master') + response.should_not be_success + end + [:tags, :branches].each do |action| it "should be able to perform #{action} action" do get action, @params.merge(:treeish => 'master') @@ -68,5 +88,28 @@ describe Projects::Git::TreesController do end end + context 'for writer user' do + before(:each) do + user = FactoryGirl.create(:user) + @project.relations.create!(:actor_type => 'User', :actor_id => user.id, :role => 'writer') + set_session_for user + end + + it 'should be able to perform destroy action' do + delete :destroy, @params.merge(:treeish => 'conflicts') + response.should be_success + end + + it 'should not be able to perform destroy action for master branch' do + delete :destroy, @params.merge(:treeish => 'master') + response.should_not be_success + end + + it 'should be able to perform restore_branch action' do + put :restore_branch, @params.merge(:treeish => 'conflicts') + response.should be_success + end + end + after(:all) {clean_projects_dir} end
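Review bot: The examples in the new 'for writer user' context check only the HTTP status, so none of them shows that the branch was actually removed, restored, or, for master, left in place. The master example in particular relies on `response.should_not be_success`, which any error response satisfies; it should assert the specific denial and that the branch still exists afterwards. The restore_branch example on 'conflicts' appears to depend on whether the destroy example before it already ran against the same repository, so confirm the fixture is reset between examples or have the example set up its own state. A project member with a role below writer, if the project defines one, is not exercised, which leaves the boundary between member roles untested for these two actions.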