diff --git a/internal/auth/auth.go b/internal/auth/auth.go
index 6c1e629..d4a73ac 100644
--- a/internal/auth/auth.go
+++ b/internal/auth/auth.go
@@ -295,12 +295,11 @@ func (auth *Auth) ResourceAllowed(c *gin.Context, context types.UserContext) (bo
 	// Check if user is allowed
 	if len(labels.Users) != 0 {
 		log.Debug().Msg("Checking users")
-		if len(labels.Users) == 0 {
-			return true, nil
-		}
 		if slices.Contains(labels.Users, context.Username) {
 			return true, nil
 		}
+	} else {
+		return true, nil
 	}
 
 	// Not allowed