diff --git a/app/models/spree/ability_decorator.rb b/app/models/spree/ability_decorator.rb
index 5866a50c3f..5953d56ffd 100644
--- a/app/models/spree/ability_decorator.rb
+++ b/app/models/spree/ability_decorator.rb
@@ -8,6 +8,7 @@ class AbilityDecorator
     add_enterprise_management_abilities user if can_manage_enterprises? user
     add_group_management_abilities user if can_manage_groups? user
     add_product_management_abilities user if can_manage_products? user
+    add_order_cycle_management_abilities user if can_manage_order_cycles? user
     add_order_management_abilities user if can_manage_orders? user
     add_relationship_management_abilities user if can_manage_relationships? user
   end
@@ -33,6 +34,13 @@ class AbilityDecorator
     user.enterprises.any? { |e| e.category != :hub_profile && e.producer_profile_only != true }
   end
 
+  # Users can manage order cycles if they manage a sells own/any enterprise
+  # OR if they manage a producer which is included in any order cycles
+  def can_manage_order_cycles?(user)
+    can_manage_orders?(user) ||
+    OrderCycle.accessible_by(user).any?
+  end
+
   # Users can manage orders if they have a sells own/any enterprise.
   def can_manage_orders?(user)
     ( user.enterprises.map(&:sells) & %w(own any) ).any?
@@ -115,6 +123,16 @@ class AbilityDecorator
     can [:admin, :index, :customers, :orders_and_distributors, :group_buys, :bulk_coop, :payments, :orders_and_fulfillment, :products_and_inventory], :report
   end
 
+  def add_order_cycle_management_abilities(user)
+    can [:admin, :index, :read, :edit, :update], OrderCycle do |order_cycle|
+      OrderCycle.accessible_by(user).include? order_cycle
+    end
+    can [:bulk_update, :clone, :destroy], OrderCycle do |order_cycle|
+      user.enterprises.include? order_cycle.coordinator
+    end
+    can [:for_order_cycle], Enterprise
+  end
+
   def add_order_management_abilities(user)
     # Enterprise User can only access orders that they are a distributor for
     can [:index, :create], Spree::Order
@@ -132,10 +150,6 @@ class AbilityDecorator
     can [:admin, :index, :read, :create, :edit, :update, :fire], Spree::ReturnAuthorization
 
     can [:create], OrderCycle
-    can [:admin, :index, :read, :edit, :update, :bulk_update, :clone, :destroy], OrderCycle do |order_cycle|
-      user.enterprises.include? order_cycle.coordinator
-    end
-    can [:for_order_cycle], Enterprise
 
     can [:admin, :index, :read, :create, :edit, :update], ExchangeVariant
     can [:admin, :index, :read, :create, :edit, :update], Exchange
diff --git a/spec/models/spree/ability_spec.rb b/spec/models/spree/ability_spec.rb
index 4023961eef..bb45487894 100644
--- a/spec/models/spree/ability_spec.rb
+++ b/spec/models/spree/ability_spec.rb
@@ -24,6 +24,7 @@ module Spree
         it { subject.can_manage_products?(user).should be_true }
         it { subject.can_manage_enterprises?(user).should be_true }
         it { subject.can_manage_orders?(user).should be_true }
+        it { subject.can_manage_order_cycles?(user).should be_true }
       end
 
       context "as manager of an enterprise who sell 'own'" do
@@ -34,6 +35,7 @@ module Spree
         it { subject.can_manage_products?(user).should be_true }
         it { subject.can_manage_enterprises?(user).should be_true }
         it { subject.can_manage_orders?(user).should be_true }
+        it { subject.can_manage_order_cycles?(user).should be_true }
       end
 
       context "as manager of an enterprise who sells 'none'" do
@@ -44,6 +46,7 @@ module Spree
         it { subject.can_manage_products?(user).should be_false }
         it { subject.can_manage_enterprises?(user).should be_true }
         it { subject.can_manage_orders?(user).should be_false }
+        it { subject.can_manage_order_cycles?(user).should be_false }
       end
 
       context "as manager of a producer enterprise who sells 'any'" do
@@ -54,6 +57,7 @@ module Spree
         it { subject.can_manage_products?(user).should be_true }
         it { subject.can_manage_enterprises?(user).should be_true }
         it { subject.can_manage_orders?(user).should be_true }
+        it { subject.can_manage_order_cycles?(user).should be_true }
       end
 
       context "as manager of a producer enterprise who sell 'own'" do
@@ -64,6 +68,7 @@ module Spree
         it { subject.can_manage_products?(user).should be_true }
         it { subject.can_manage_enterprises?(user).should be_true }
         it { subject.can_manage_orders?(user).should be_true }
+        it { subject.can_manage_order_cycles?(user).should be_true }
       end
 
       context "as manager of a producer enterprise who sells 'none'" do
@@ -81,6 +86,7 @@ module Spree
           it { subject.can_manage_products?(user).should be_true }
           it { subject.can_manage_enterprises?(user).should be_true }
           it { subject.can_manage_orders?(user).should be_false }
+          it { subject.can_manage_order_cycles?(user).should be_false }
         end
 
         context "as a profile" do
@@ -93,6 +99,7 @@ module Spree
           it { subject.can_manage_products?(user).should be_false }
           it { subject.can_manage_enterprises?(user).should be_true }
           it { subject.can_manage_orders?(user).should be_false }
+          it { subject.can_manage_order_cycles?(user).should be_false }
         end
       end
 
@@ -100,6 +107,7 @@ module Spree
         it { subject.can_manage_products?(user).should be_false }
         it { subject.can_manage_enterprises?(user).should be_false }
         it { subject.can_manage_orders?(user).should be_false }
+        it { subject.can_manage_order_cycles?(user).should be_false }
 
         it "can create enterprises straight off the bat" do
           subject.is_new_user?(user).should be_true
@@ -212,6 +220,40 @@ module Spree
           should_not have_ability([:sales_total, :group_buys, :payments, :orders_and_distributors, :users_and_enterprises], for: :report)
         end
 
+        describe "order_cycles abilities" do
+          context "where the enterprise is not in an order_cycle" do
+            let!(:order_cycle) { create(:simple_order_cycle) }
+
+            it "should not be able to access read/update order_cycle actions" do
+              should_not have_ability([:admin, :index, :read, :edit, :update], for: order_cycle)
+            end
+
+            it "should not be able to access bulk_update, clone order cycle actions" do
+              should_not have_ability([:bulk_update, :clone], for: order_cycle)
+            end
+
+            it "cannot request permitted enterprises for an order cycle" do
+              should_not have_ability([:for_order_cycle], for: Enterprise)
+            end
+          end
+
+          context "where the enterprise is in an order_cycle" do
+            let!(:order_cycle) { create(:simple_order_cycle) }
+            let!(:exchange){ create(:exchange, incoming: true, order_cycle: order_cycle, receiver: order_cycle.coordinator, sender: s1) }
+
+            it "should be able to access read/update order cycle actions" do
+              should have_ability([:admin, :index, :read, :edit, :update], for: order_cycle)
+            end
+
+            it "should not be able to access bulk/update, clone order cycle actions" do
+              should_not have_ability([:bulk_update, :clone], for: order_cycle)
+            end
+
+            it "can request permitted enterprises for an order cycle" do
+              should have_ability([:for_order_cycle], for: Enterprise)
+            end
+          end
+        end
       end
 
       context "when is a distributor enterprise user" do
@@ -357,6 +399,22 @@ module Spree
           should_not have_ability([:sales_total, :users_and_enterprises], for: :report)
         end
 
+        context "for a given order_cycle" do
+          let!(:order_cycle) { create(:simple_order_cycle) }
+          let!(:exchange){ create(:exchange, incoming: false, order_cycle: order_cycle, receiver: d1, sender: order_cycle.coordinator) }
+
+          it "should be able to access read and update order cycle actions" do
+            should have_ability([:admin, :index, :read, :edit, :update], for: order_cycle)
+          end
+
+          it "should not be able to access bulk_update, clone order cycle actions" do
+            should_not have_ability([:bulk_update, :clone], for: order_cycle)
+          end
+        end
+
+        it "can request permitted enterprises for an order cycle" do
+          should have_ability([:for_order_cycle], for: Enterprise)
+        end
       end
 
       context 'Order Cycle co-ordinator, distributor enterprise manager' do
@@ -371,11 +429,11 @@ module Spree
         let(:oc2) { create(:simple_order_cycle) }
 
         it "should be able to read/write OrderCycles they are the co-ordinator of" do
-          should have_ability([:admin, :index, :read, :edit, :update, :clone, :destroy], for: oc1)
+          should have_ability([:admin, :index, :read, :edit, :update, :bulk_update, :clone, :destroy], for: oc1)
         end
 
         it "should not be able to read/write OrderCycles they are not the co-ordinator of" do
-          should_not have_ability([:admin, :index, :read, :create, :edit, :update, :clone, :destroy], for: oc2)
+          should_not have_ability([:admin, :index, :read, :create, :edit, :update, :bulk_update, :clone, :destroy], for: oc2)
         end
 
         it "should be able to create OrderCycles" do