diff --git a/permissions/migrations/0004_auto_20140830_2318.py b/permissions/migrations/0004_auto_20140830_2318.py
new file mode 100644
index 0000000..a29e03e
--- /dev/null
+++ b/permissions/migrations/0004_auto_20140830_2318.py
@@ -0,0 +1,30 @@
+# -*- coding: utf-8 -*-
+from __future__ import unicode_literals
+
+from django.db import models, migrations
+
+
+class Migration(migrations.Migration):
+
+ dependencies = [
+ ('permissions', '0003_auto_20140830_2304'),
+ ]
+
+ operations = [
+ migrations.AddField(
+ model_name='globalpermission',
+ name='access_project',
+ field=models.BooleanField(default=False),
+ preserve_default=True,
+ ),
+ migrations.AlterField(
+ model_name='globalpermission',
+ name='create_comment',
+ field=models.BooleanField(default=False),
+ ),
+ migrations.AlterField(
+ model_name='globalpermission',
+ name='create_issue',
+ field=models.BooleanField(default=False),
+ ),
+ ]
diff --git a/permissions/models.py b/permissions/models.py
index c9f841a..84edee0 100644
--- a/permissions/models.py
+++ b/permissions/models.py
@@ -96,12 +96,14 @@ class GlobalPermission(PermissionModel):
# Project permissions, given on ALL projects
- create_issue = models.BooleanField(default=True)
+ access_project = models.BooleanField(default=False)
+
+ create_issue = models.BooleanField(default=False)
modify_issue = models.BooleanField(default=False)
manage_issue = models.BooleanField(default=False)
delete_issue = models.BooleanField(default=False)
- create_comment = models.BooleanField(default=True)
+ create_comment = models.BooleanField(default=False)
modify_comment = models.BooleanField(default=False)
delete_comment = models.BooleanField(default=False)
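Review bot: Lowering the defaults of `create_issue` and `create_comment` to `False` only affects rows created after this change; existing `GlobalPermission` rows keep the `True` they were stored with. The accompanying migration 0004 uses `AlterField` for both, which changes the field definition and does not rewrite stored values. If the intent is deny-by-default for current grantees too, a data migration or an audit of existing rows is needed. If existing grants are meant to stay, a comment such as `# defaults tightened in 0004; existing rows keep their stored values` would record that. The `GlobalPermission` class body starts and ends outside the hunk.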
diff --git a/templates/permissions/global_perm_list.html b/templates/permissions/global_perm_list.html
index b3af301..b1c2278 100644
--- a/templates/permissions/global_perm_list.html
+++ b/templates/permissions/global_perm_list.html
@@ -66,6 +66,10 @@
+ -
+ Access
+ {{ perm.access_project|boolean }}
+
-
Create issue
{{ perm.create_issue|boolean }}
diff --git a/tracker/middleware.py b/tracker/middleware.py
index a230889..f8ee53c 100644
--- a/tracker/middleware.py
+++ b/tracker/middleware.py
@@ -5,6 +5,7 @@ from django.contrib.auth.decorators import login_required
from django.db.models import Q
from tracker.models import Project
+from permissions.models import GlobalPermission
from permissions.models import PermissionModel as PermModel
@@ -30,25 +31,45 @@ class ProjectMiddleware:
" 'django.contrib.auth.middleware.AuthenticationMiddleware'"
" before the ProjectMiddleware class.")
- # projects
+ # projectS
if request.user.is_authenticated() and request.user.is_staff:
projects = Project.objects.all()
- else:
- query = Q(access=Project.ACCESS_PUBLIC)
- if request.user.is_authenticated():
+ elif request.user.is_authenticated():
+ teams = request.user.teams.values_list('id')
+ groups = request.user.groups.values_list('id')
+ # check for a global permission allowing access
+ if GlobalPermission.objects.filter(access_project=True) \
+ .filter(
+ # directly
+ Q(grantee_type=PermModel.GRANTEE_USER,
+ grantee_id=request.user.id)
+ # through a group
+ | Q(grantee_type=PermModel.GRANTEE_GROUP,
+ grantee_id__in=groups)
+ # through a team
+ | Q(grantee_type=PermModel.GRANTEE_TEAM,
+ grantee_id__in=teams)
+ ).exists():
+ projects = Project.objects.all()
+ # searching project reachable throught project permission
+ else:
+ # public project
+ query = Q(access=Project.ACCESS_PUBLIC)
+ # project reserved to logged users
query |= Q(access=Project.ACCESS_REGISTERED)
# access granted through a team
- teams = request.user.teams.values_list('id')
query |= Q(permissions__grantee_type=PermModel.GRANTEE_TEAM,
- permissions__grantee_id__in=teams)
+ permissions__grantee_id__in=teams)
# access granted through a group
- groups = request.user.groups.values_list('id')
query |= Q(permissions__grantee_type=PermModel.GRANTEE_GROUP,
- permissions__grantee_id__in=groups)
+ permissions__grantee_id__in=groups)
# access granted by specific permission
query |= Q(permissions__grantee_type=PermModel.GRANTEE_USER,
- permissions__grantee_id=request.user.id)
- projects = Project.objects.filter(query).distinct()
+ permissions__grantee_id=request.user.id)
+ projects = Project.objects.filter(query).distinct()
+ else:
+ # only public projects
+ projects = Project.objects.filter(access=Project.ACCESS_PUBLIC)
request.projects = projects
# project
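Review bot: The two authorization paths in this hunk use different criteria: the new global branch requires `access_project=True`, while the project-permission branch (the `permissions__grantee_*` clauses) makes a project visible on any permission row that names the user, group or team, with no flag tested. If that is intended, say so next to the query, e.g. `# any project permission row grants visibility; only global rows need access_project`; if not, the project branch needs its own flag filter. The user/group/team grantee match is also written twice, once for `GlobalPermission` and once with the `permissions__` prefix, so a later edit to one copy can leave the other granting differently. Building it in one helper that takes the field prefix would keep them aligned. The enclosing middleware method starts and ends outside the hunk.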