diff --git a/extensions/tags/src/Access/DiscussionPolicy.php b/extensions/tags/src/Access/DiscussionPolicy.php
index 7b0d79901..4ec17d204 100755
--- a/extensions/tags/src/Access/DiscussionPolicy.php
+++ b/extensions/tags/src/Access/DiscussionPolicy.php
@@ -62,10 +62,8 @@ class DiscussionPolicy extends AbstractPolicy
     {
         // Wrap all discussion permission checks with some logic pertaining to
         // the discussion's tags. If the discussion has a tag that has been
-        // restricted, and the user has this permission for that tag, then they
-        // are allowed. If the discussion only has tags that have been
-        // restricted, then the user *must* have permission for at least one of
-        // them.
+        // restricted, the user must have the permission for that tag. If all of
+        // the discussion's tags are restricted, then ignore global permissions.
         $tags = $discussion->tags;
 
         if (count($tags)) {
@@ -73,8 +71,8 @@ class DiscussionPolicy extends AbstractPolicy
 
             foreach ($tags as $tag) {
                 if ($tag->is_restricted) {
-                    if ($actor->hasPermission('tag'.$tag->id.'.discussion.'.$ability)) {
-                        return true;
+                    if (! $actor->hasPermission('tag'.$tag->id.'.discussion.'.$ability)) {
+                        return false;
                     }
                 } else {
                     $restricted = false;
@@ -82,7 +80,7 @@ class DiscussionPolicy extends AbstractPolicy
             }
 
             if ($restricted) {
-                return false;
+                return true;
             }
         }
     }