diff --git a/backend/src/entities/table-actions/table-action-rules-module/action-rules.controller.ts b/backend/src/entities/table-actions/table-action-rules-module/action-rules.controller.ts
index f4e5917c3..c64ec09ac 100644
--- a/backend/src/entities/table-actions/table-action-rules-module/action-rules.controller.ts
+++ b/backend/src/entities/table-actions/table-action-rules-module/action-rules.controller.ts
@@ -237,7 +237,7 @@ export class ActionRulesController {
 isArray: true,
 })
 @ApiBody({ type: Object })
- @UseGuards(ConnectionReadGuard)
+ // @UseGuards(ConnectionReadGuard)
 @Post('/event/actions/activate/:eventId/:connectionId')
 async activateTableActionsInRule(
 @SlugUuid('connectionId') connectionId: string,
diff --git a/backend/src/entities/table-actions/table-action-rules-module/use-cases/activate-actions-in-rule.use.case.ts b/backend/src/entities/table-actions/table-action-rules-module/use-cases/activate-actions-in-rule.use.case.ts
index 83419e940..1c41424ab 100644
--- a/backend/src/entities/table-actions/table-action-rules-module/use-cases/activate-actions-in-rule.use.case.ts
+++ b/backend/src/entities/table-actions/table-action-rules-module/use-cases/activate-actions-in-rule.use.case.ts
@@ -1,4 +1,4 @@
-import { HttpException, HttpStatus, Inject, Injectable } from '@nestjs/common';
+import { ForbiddenException, HttpException, HttpStatus, Inject, Injectable } from '@nestjs/common';
 import AbstractUseCase from '../../../../common/abstract-use.case.js';
 import { IActivateTableActionsInRule } from './action-rules-use-cases.interface.js';
 import { ActivatedTableActionsDTO } from '../application/dto/activated-table-actions.dto.js';
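Review bot: In action-rules.controller.ts, commenting out `@UseGuards(ConnectionReadGuard)` leaves `activateTableActionsInRule` with no authorization guard at the controller and no explanation, so a later reader may restore the guard or copy the unguarded pattern to another route. Delete the line rather than keeping it as dead code, and state where access is now enforced, e.g. `// Access is checked per table in ActivateActionsInEventUseCase (checkTableRead); no connection-level guard on this route.` Whether a class-level or global authentication guard still covers this route is not visible in the hunk and is worth confirming, since `userId` must be trustworthy for the new check to mean anything. The method body continues outside the hunk.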
@@ -44,6 +44,11 @@ export class ActivateActionsInEventUseCase
 );
 }
 const tableName = foundActionsWithCustomEvents[0].action_rule.table_name;
+ const canUserReadTable = await this._dbContext.userAccessRepository.checkTableRead(userId, connectionId, tableName, masterPwd);
+ if (!canUserReadTable) {
+ throw new ForbiddenException(Messages.DONT_HAVE_PERMISSIONS);
+ }
+
 const foundConnection = await this._dbContext.connectionRepository.findAndDecryptConnection(
 connectionId,
 masterPwd,
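Review bot: The added `checkTableRead` call is now the only authorization on this route, yet it pairs the caller-supplied `connectionId` with a `tableName` read from `foundActionsWithCustomEvents[0]`, and the hunk does not show that the event lookup above is restricted to that connection. If the lookup is keyed by the event id alone, the permission would be evaluated for one connection while the actions belong to another, so confirm the query filters by `connectionId` and record it next to the check, e.g. `// Sole authorization for this route; the event lookup above must be scoped to connectionId.` The branch that closes just before `tableName` also runs before the permission check, so its response (presumably a not-found error) is returned to callers who have no access at all. `Messages` is not among the import lines visible in this diff and is presumably already imported further down. The method starts and ends outside the hunk.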