diff --git a/app/Http/Controllers/Accessories/AccessoriesFilesController.php b/app/Http/Controllers/Accessories/AccessoriesFilesController.php
index cc6dcfb97f..ef701020d8 100644
--- a/app/Http/Controllers/Accessories/AccessoriesFilesController.php
+++ b/app/Http/Controllers/Accessories/AccessoriesFilesController.php
@@ -27,10 +27,16 @@ class AccessoriesFilesController extends Controller
      */
     public function store(AssetFileRequest $request, $accessoryId = null)
     {
+
+        if (config('app.lock_passwords')) {
+            return redirect()->route('accessories.show', ['accessory'=>$accessoryId])->with('error', trans('general.feature_disabled'));
+        }
+
+
         $accessory = Accessory::find($accessoryId);
 
         if (isset($accessory->id)) {
-            $this->authorize('update', $accessory);
+            $this->authorize('accessories.files', $accessory);
 
             if ($request->hasFile('file')) {
                 if (! Storage::exists('private_uploads/accessories')) {
@@ -129,9 +135,12 @@ class AccessoriesFilesController extends Controller
      */
     public function show($accessoryId = null, $fileId = null, $download = true)
     {
+
         \Log::debug('Private filesystem is: '.config('filesystems.default'));
         $accessory = Accessory::find($accessoryId);
 
+
+
         // the accessory is valid
         if (isset($accessory->id)) {
             $this->authorize('view', $accessory);
diff --git a/app/Http/Controllers/Components/ComponentsFilesController.php b/app/Http/Controllers/Components/ComponentsFilesController.php
index d9f59f1d90..3fc93b74e5 100644
--- a/app/Http/Controllers/Components/ComponentsFilesController.php
+++ b/app/Http/Controllers/Components/ComponentsFilesController.php
@@ -27,6 +27,11 @@ class ComponentsFilesController extends Controller
      */
     public function store(AssetFileRequest $request, $componentId = null)
     {
+
+        if (config('app.lock_passwords')) {
+            return redirect()->route('components.show', ['component'=>$componentId])->with('error', trans('general.feature_disabled'));
+        }
+
         $component = Component::find($componentId);
 
         if (isset($component->id)) {
diff --git a/app/Http/Controllers/Consumables/ConsumablesFilesController.php b/app/Http/Controllers/Consumables/ConsumablesFilesController.php
index 51c0d3bf8c..9b4007a43b 100644
--- a/app/Http/Controllers/Consumables/ConsumablesFilesController.php
+++ b/app/Http/Controllers/Consumables/ConsumablesFilesController.php
@@ -27,6 +27,10 @@ class ConsumablesFilesController extends Controller
      */
     public function store(AssetFileRequest $request, $consumableId = null)
     {
+        if (config('app.lock_passwords')) {
+            return redirect()->route('consumables.show', ['consumable'=>$consumableId])->with('error', trans('general.feature_disabled'));
+        }
+
         $consumable = Consumable::find($consumableId);
 
         if (isset($consumable->id)) {