diff --git a/app/controllers/task.js b/app/controllers/task.js
index a3e0860..51dcb6a 100644
--- a/app/controllers/task.js
+++ b/app/controllers/task.js
@@ -44,7 +44,9 @@ export default class TaskController extends SiteController {
     });
 
     async function checkTaskOwnership (req, res, next) {
-      res.locals.manager = res.locals.task.project.managers.find((manager) => manager._id.equals(req.user._id));
+      if (Array.isArray(res.locals.task.project.managers) && (res.locals.task.project.managers.length > 0)) {
+        res.locals.manager = res.locals.task.project.managers.find((manager) => manager._id.equals(req.user._id));
+      }
       if (!res.locals.manager && !res.locals.task.user._id.equals(req.user._id)) {
         return next(new SiteError(401, 'This is not your task'));
       }
@@ -52,7 +54,9 @@ export default class TaskController extends SiteController {
     }
 
     async function checkSessionOwnership (req, res, next) {
-      res.locals.manager = res.locals.task.project.managers.find((manager) => manager._id.equals(req.user._id));
+      if (Array.isArray(res.locals.task.project.managers) && (res.locals.task.project.managers.length > 0)) {
+        res.locals.manager = res.locals.task.project.managers.find((manager) => manager._id.equals(req.user._id));
+      }
       if (!res.locals.manager && !res.locals.session.user._id.equals(req.user._id)) {
         throw new SiteError(401, 'This is not your session');
       }