diff --git a/api/handlers/containerhandler.py b/api/handlers/containerhandler.py
index f2bea7ef443f63b4f11346d7f1d2d794b99aeda3..7d63aab66c4d1517ed0ff25ad087ea78d1108a23 100644
--- a/api/handlers/containerhandler.py
+++ b/api/handlers/containerhandler.py
@@ -368,7 +368,7 @@ class ContainerHandler(base.RequestHandler):
         self.storage = self.config['storage']
         projection = self.config['list_projection']
         # select which permission filter will be applied to the list of results.
-        if self.superuser_request:
+        if self.superuser_request or self.user_is_admin:
             permchecker = always_ok
         elif self.public_request:
             self.abort(403, 'this request is not allowed')
diff --git a/test/integration_tests/python/test_users.py b/test/integration_tests/python/test_users.py
index 2ccdd958ba9617b66a1151b16b63026cc327e220..ed3bf8872ea2a49f72bb6cab05ac5131963c5295 100644
--- a/test/integration_tests/python/test_users.py
+++ b/test/integration_tests/python/test_users.py
@@ -65,6 +65,14 @@ def test_users(as_root, as_admin, as_user, as_public):
     r = as_user.get('/users/' + new_user_id)
     assert r.ok
 
+    # Try getting another user's projects without admin priveledges
+    r = as_user.get('/users/' + new_user_id + '/projects')
+    assert r.status_code == 403
+
+    # Get another user's projects
+    r = as_admin.get('/users/' + new_user_id + '/projects')
+    assert r.ok
+
     # Try to update non-existent user
     r = as_root.put('/users/nonexistent@user.com', json={'firstname': 'Realname'})
     assert r.status_code == 404