diff --git a/app/controllers/projects/git_http_controller.rb b/app/controllers/projects/git_http_controller.rb
index 3d0055c9be341fc01f617cca1a1ffc2a88e2df99..40a8b7940d9eb1a1e7d1b1c80cb1b26a50918886 100644
--- a/app/controllers/projects/git_http_controller.rb
+++ b/app/controllers/projects/git_http_controller.rb
@@ -174,14 +174,20 @@ class Projects::GitHttpController < Projects::ApplicationController
     end
   end
 
+  def access
+    return @access if defined?(@access)
+
+    @access = Gitlab::GitAccess.new(user, project, 'http')
+  end
+
   def download_access
     return @download_access if defined?(@download_access)
 
-    @download_access = Gitlab::GitAccess.new(user, project, 'http').check('git-upload-pack')
+    @download_access = access.check('git-upload-pack')
   end
 
   def http_blocked?
-    download_access.protocol_allowed?
+    !access.protocol_allowed?
   end
 
   def receive_pack_allowed?
diff --git a/lib/gitlab/git_access.rb b/lib/gitlab/git_access.rb
index beec56fcc620387228f5dd4d92df9e03c201d289..7dd9594ce6807831ca6f65ed9b7604427d1f2409 100644
--- a/lib/gitlab/git_access.rb
+++ b/lib/gitlab/git_access.rb
@@ -169,6 +169,10 @@ module Gitlab
       Gitlab::ForcePushCheck.force_push?(project, oldrev, newrev)
     end
 
+    def protocol_allowed?
+      Gitlab::ProtocolAccess.allowed?(protocol)
+    end
+
     private
 
     def protected_branch_action(oldrev, newrev, branch_name)
@@ -193,10 +197,6 @@ module Gitlab
       Gitlab::UserAccess.allowed?(user)
     end
 
-    def protocol_allowed?
-      Gitlab::ProtocolAccess.allowed?(protocol)
-    end
-
     def branch_name(ref)
       ref = ref.to_s
       if Gitlab::Git.branch_ref?(ref)