diff --git a/app/controllers/templates_controller.rb b/app/controllers/templates_controller.rb
index 253eede8..d2f2c9c1 100644
--- a/app/controllers/templates_controller.rb
+++ b/app/controllers/templates_controller.rb
@@ -116,7 +116,8 @@ class TemplatesController < ApplicationController
 end
 
 def authorized_clone_account_id?(account_id)
- true_user.account_id.to_s == account_id.to_s || true_user.account.linked_accounts.exists?(id: account_id)
+ true_user.account_id.to_s == account_id.to_s ||
+ true_user.account.linked_accounts.accessible_by(current_ability).exists?(id: account_id)
 end
 
 def maybe_redirect_to_template(template)
diff --git a/app/views/templates/new.html.erb b/app/views/templates/new.html.erb
index c3c51d06..073a62b7 100644
--- a/app/views/templates/new.html.erb
+++ b/app/views/templates/new.html.erb
@@ -3,9 +3,9 @@
 <% if @base_template %>
 <%= hidden_field_tag :base_template_id, @base_template.id %>
 <% end %>
- <% if @base_template && (can?(:manage, :tenants) || true_user != current_user) && true_user.account.linked_accounts.active.exists? %>
+ <% if @base_template && (can?(:manage, :tenants) || true_user != current_user) && true_user.account.linked_accounts.active.accessible_by(current_ability).exists? %>
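Review bot: The server-side check in `authorized_clone_account_id?` is still looser than the UI that feeds it: the view in the second hunk only offers `linked_accounts.active.accessible_by(current_ability)`, while the controller accepts any linked account that passes `accessible_by`, so an inactive linked account id submitted directly is still authorized unless that is deliberate. Since the controller is the check that actually matters, I would mirror the view's scope, `true_user.account.linked_accounts.active.accessible_by(current_ability, :read).exists?(id: account_id)`, and make the ability action explicit, because CanCanCan's `accessible_by` defaults to `:index`, which is a listing permission rather than whatever "clone into this account" is meant to require. Two caveats worth a comment on that line: `accessible_by` raises `CanCan::Error` if any matching rule in the Ability class is defined with a block and no SQL condition, and the check mixes subjects, scoping by `true_user`'s account but filtering with `current_ability` (the impersonated user when `true_user != current_user`), which looks intended given the view condition but should be stated, e.g. `# linked accounts belong to the real (impersonating) user; visibility is judged by the impersonated user's ability`. The `account_id.to_s` equality on the first branch is unchanged by this commit, but note it bypasses the ability entirely and treats a missing param as a match whenever `true_user.account_id` is nil.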