diff --git a/services/web/app/coffee/Features/UserMembership/UserMembershipAuthorization.coffee b/services/web/app/coffee/Features/UserMembership/UserMembershipAuthorization.coffee
index 249eb86bf7..1b0e0ca442 100644
--- a/services/web/app/coffee/Features/UserMembership/UserMembershipAuthorization.coffee
+++ b/services/web/app/coffee/Features/UserMembership/UserMembershipAuthorization.coffee
@@ -6,13 +6,13 @@ Errors = require('../Errors/Errors')
 logger = require("logger-sharelatex")
 module.exports =
- requireEntityAccess: (entityName, entityId = null) ->
+ requireEntityAccess: (entityName, entityIdOverride = null) ->
 (req, res, next) ->
 loggedInUser = AuthenticationController.getSessionUser(req)
 unless loggedInUser
 return AuthorizationMiddlewear.redirectToRestricted req, res, next
- entityId = req.params.id unless entityId?
+ entityId = entityIdOverride or req.params.id
 getEntity entityName, entityId, loggedInUser, (error, entity, entityConfig) ->
 return next(error) if error?
 unless entity?
diff --git a/services/web/test/unit/coffee/UserMembership/UserMembershipAuthorizationTests.coffee b/services/web/test/unit/coffee/UserMembership/UserMembershipAuthorizationTests.coffee
index eb96166369..4630b1c10d 100644
--- a/services/web/test/unit/coffee/UserMembership/UserMembershipAuthorizationTests.coffee
+++ b/services/web/test/unit/coffee/UserMembership/UserMembershipAuthorizationTests.coffee
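Review bot: In UserMembershipAuthorization.coffee, the new `entityId = entityIdOverride or req.params.id` selects by truthiness, whereas the removed line used the existential check `entityId?`. A falsy but defined override such as `''` or `0` now falls through to the request parameter. If only null/undefined should fall back, `entityId = entityIdOverride ? req.params.id` keeps the old semantics. This is an access-control check, so the line also deserves a why-comment, for example `# compute per request: the outer closure is shared by every request, so assigning to its parameter would pin the first request's id onto later authorization checks`. The body of the `getEntity` callback continues outside the hunk, so handling of an undefined `entityId` cannot be confirmed from here.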
@@ -73,3 +73,27 @@ describe "UserMembershipAuthorization", ->
 sinon.assert.notCalled(@UserMembershipHandler.getEntity)
 expect(@req.entity).to.not.exist
 done()
+
+ it 'can override entity id', (done) ->
+ middlewear = @UserMembershipAuthorization.requireEntityAccess 'group', 'entity-id-override'
+ middlewear @req, null, (error) =>
+ expect(error).to.not.extist
+ sinon.assert.calledWithMatch(
+ @UserMembershipHandler.getEntity,
+ 'entity-id-override',
+ )
+ done()
+
+ it "doesn't cache entity id between requests", (done) ->
+ middlewear = @UserMembershipAuthorization.requireEntityAccess 'group'
+ middlewear @req, null, (error) =>
+ expect(error).to.not.extist
+ lastCallArs = @UserMembershipHandler.getEntity.lastCall.args
+ expect(lastCallArs[0]).to.equal @req.params.id
+ newEntityId = 'another-mock-id'
+ @req.params.id = newEntityId
+ middlewear @req, null, (error) =>
+ expect(error).to.not.extist
+ lastCallArs = @UserMembershipHandler.getEntity.lastCall.args
+ expect(lastCallArs[0]).to.equal newEntityId
+ done()
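Review bot: All three `expect(error).to.not.extist` lines in the added tests misspell `exist`. Depending on the chai version, this probably either evaluates to `undefined` and asserts nothing, or throws on the unknown property. Either way the tests do not check that the middleware completed without an error. Each should read `expect(error).to.not.exist`. In the override test, `sinon.assert.calledWithMatch` with a string expectation does substring matching; `sinon.assert.calledWith(@UserMembershipHandler.getEntity, 'entity-id-override')` would pin the exact id passed to the authorization lookup. `lastCallArs` also looks like a typo for `lastCallArgs`.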