diff --git a/app/controllers/oer/endpoints.php b/app/controllers/oer/endpoints.php
index 8eb286fad1cd2e7df9a6930c3a360d4aa58b6575..70b8e5cd916212757276d615fb7cdf25d3e87006 100644
--- a/app/controllers/oer/endpoints.php
+++ b/app/controllers/oer/endpoints.php
@@ -5,6 +5,20 @@ class Oer_EndpointsController extends StudipController
 
     protected $with_session = true;  //we do need to have a session for this controller
 
+    public function before_filter(&$action, &$args)
+    {
+        parent::before_filter($action, $args);
+        if (
+            !Config::get()->OERCAMPUS_ENABLED
+            || (
+                Config::get()->OER_PUBLIC_STATUS !== 'nobody'
+                && !$GLOBALS['perm']->have_perm(Config::get()->OER_PUBLIC_STATUS)
+            )
+        ) {
+            throw new AccessDeniedException();
+        }
+    }
+
     public function index_action()
     {
         $this->controllerreflection = new ReflectionClass($this);