diff --git a/frappe/core/doctype/user/user.py b/frappe/core/doctype/user/user.py
index 6f816c8f67..ca5138da78 100644
--- a/frappe/core/doctype/user/user.py
+++ b/frappe/core/doctype/user/user.py
@@ -510,9 +510,6 @@ def has_permission(doc, user):
 		# dont allow non Administrator user to view / edit Administrator user
 		return False
 
-	else:
-		return True
-
 def notifify_admin_access_to_system_manager(login_manager=None):
 	if (login_manager
 		and login_manager.user == "Administrator"
diff --git a/frappe/permissions.py b/frappe/permissions.py
index d6a1cdf686..3f3727f955 100644
--- a/frappe/permissions.py
+++ b/frappe/permissions.py
@@ -294,10 +294,12 @@ def has_controller_permissions(doc, ptype, user=None):
 		return None
 
 	for method in methods:
-		if not frappe.call(frappe.get_attr(method), doc=doc, ptype=ptype, user=user):
-			return False
+		controller_permission = frappe.call(frappe.get_attr(method), doc=doc, ptype=ptype, user=user)
+		if controller_permission is not None:
+			return controller_permission
 
-	return True
+	# controller permissions could not decide on True or False
+	return None
 
 def can_set_user_permissions(doctype, docname=None):
 	# System Manager can always set user permissions