diff --git a/app/models/issue.rb b/app/models/issue.rb
index 84907a475..f69d4ef33 100644
--- a/app/models/issue.rb
+++ b/app/models/issue.rb
@@ -125,7 +125,9 @@ class Issue < ActiveRecord::Base

   # Returns a SQL conditions string used to find all issues visible by the specified user
   def self.visible_condition(user, options={})
-    Project.allowed_to_condition(user, :view_issues, options) do |role, user|
+    Project.allowed_to_condition(user,
+                                 :view_issues,
+                                 { pre_condition_project_field: "#{table_name}.project_id" }.merge(options)) do |role, user|
       sql =
         if user.id && user.logged?
           case role.issues_visibility
diff --git a/app/models/project.rb b/app/models/project.rb
index 7ba9b4197..a8b53d747 100644
--- a/app/models/project.rb
+++ b/app/models/project.rb
@@ -178,6 +178,7 @@ class Project < ActiveRecord::Base
   # * :project => project               limit the condition to project
   # * :with_subprojects => true         limit the condition to project and its subprojects
   # * :member => true                   limit the condition to the user projects
+  # * :pre_condition_project_field      table field for where cause with enabled_modules to project_id
   def self.allowed_to_condition(user, permission, options={})
     perm = Redmine::AccessControl.permission(permission)
     base_statement =
@@ -191,7 +192,9 @@ class Project < ActiveRecord::Base
       base_statement +=
         " AND EXISTS (SELECT 1 AS one FROM #{EnabledModule.table_name} em" \
           " WHERE em.project_id = #{Project.table_name}.id" \
-          " AND em.name='#{perm.project_module}')"
+          " AND em.name='#{perm.project_module}'"
+      base_statement += " AND em.project_id=#{options[:pre_condition_project_field]}" if options[:pre_condition_project_field]
+      base_statement += ')'
     end
     if project = options[:project]
       project_statement = project.project_condition(options[:with_subprojects])
diff --git a/app/models/time_entry.rb b/app/models/time_entry.rb
index 7776db0d8..12268b152 100644
--- a/app/models/time_entry.rb
+++ b/app/models/time_entry.rb
@@ -80,7 +80,9 @@ class TimeEntry < ActiveRecord::Base

   # Returns a SQL conditions string used to find all time entries visible by the specified user
   def self.visible_condition(user, options={})
-    Project.allowed_to_condition(user, :view_time_entries, options) do |role, user|
+    Project.allowed_to_condition(user,
+                                 :view_time_entries,
+                                 { pre_condition_project_field: "#{table_name}.project_id" }.merge(options)) do |role, user|
       if role.time_entries_visibility == 'all'
         nil
       elsif role.time_entries_visibility == 'own' && user.id && user.logged?