diff --git a/src/applications/base/controller/PhabricatorController.php b/src/applications/base/controller/PhabricatorController.php
index 245cb3d8a9..19131f4e31 100644
--- a/src/applications/base/controller/PhabricatorController.php
+++ b/src/applications/base/controller/PhabricatorController.php
@@ -122,6 +122,17 @@ abstract class PhabricatorController extends AphrontController {
 return new Aphront403Response();
 }
+ // If the user doesn't have access to the application, don't let them use
+ // any of its controllers. We query the application in order to generate
+ // a policy exception if the viewer doesn't have permission.
+ $application = $this->getCurrentApplication();
+ if ($application) {
+ id(new PhabricatorApplicationQuery())
+ ->setViewer($user)
+ ->withPHIDs(array($application->getPHID()))
+ ->executeOne();
+ }
+
 }
 public function buildStandardPageView() {
diff --git a/src/applications/directory/controller/PhabricatorDirectoryController.php b/src/applications/directory/controller/PhabricatorDirectoryController.php
index bdf85b43db..07df8c8589 100644
--- a/src/applications/directory/controller/PhabricatorDirectoryController.php
+++ b/src/applications/directory/controller/PhabricatorDirectoryController.php
@@ -21,7 +21,10 @@ abstract class PhabricatorDirectoryController extends PhabricatorController {
 $nav = new AphrontSideNavFilterView();
 $nav->setBaseURI(new PhutilURI('/'));
- $applications = PhabricatorApplication::getAllInstalledApplications();
+ $applications = id(new PhabricatorApplicationQuery())
+ ->setViewer($user)
+ ->withInstalled(true)
+ ->execute();
 foreach ($applications as $key => $application) {
 if (!$application->shouldAppearInLaunchView()) {
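Review bot: Access enforcement in the added block depends entirely on `executeOne()` throwing a policy exception, because the query result is discarded; if the query ever returns null for a filtered application instead of raising, the controller carries on and the check fails open. Consider keeping the result and denying explicitly: assign it to `$visible` and add `if (!$visible) { return new Aphront403Response(); }`, so the denial no longer hinges on an exception side effect. The enclosing method starts above the hunk, so it is worth confirming that none of its earlier return paths skip this check for controllers that should still be gated by application policy.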
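Review bot: `$user` is not assigned anywhere in this hunk of PhabricatorDirectoryController.php, so `->setViewer($user)` relies on a variable set earlier in the method, which begins outside the hunk; please confirm it holds the request viewer on every path. The loop that follows reads `$key` from the result, and `execute()` may key its results differently from `getAllInstalledApplications()`, so any later use of `$key` should be checked. A short comment such as `// Only list applications the viewer is allowed to see.` above the query would record why the static helper was replaced.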