diff --git a/lib/open_food_network/reports/authorizer.rb b/lib/open_food_network/reports/authorizer.rb
new file mode 100644
index 0000000000..c8c77c6512
--- /dev/null
+++ b/lib/open_food_network/reports/authorizer.rb
@@ -0,0 +1,14 @@
+module OpenFoodNetwork
+  module Reports
+    class Authorizer
+      class ParameterNotAllowedError < StandardError; end
+
+      attr_accessor :parameters, :permissions
+
+      def initialize(parameters, permissions)
+        @parameters = parameters
+        @permissions = permissions
+      end
+    end
+  end
+end
diff --git a/lib/order_management/reports/enterprise_fee_summary/authorizer.rb b/lib/order_management/reports/enterprise_fee_summary/authorizer.rb
new file mode 100644
index 0000000000..c2b7a36919
--- /dev/null
+++ b/lib/order_management/reports/enterprise_fee_summary/authorizer.rb
@@ -0,0 +1,33 @@
+require "open_food_network/reports/authorizer"
+
+module OrderManagement
+  module Reports
+    module EnterpriseFeeSummary
+      class Authorizer < OpenFoodNetwork::Reports::Authorizer
+        def authorize!
+          authorize_by_distribution!
+          authorize_by_fee!
+        end
+
+        private
+
+        def authorize_by_distribution!
+          require_ids_allowed(parameters.order_cycle_ids, permissions.allowed_order_cycles)
+          require_ids_allowed(parameters.distributor_ids, permissions.allowed_distributors)
+          require_ids_allowed(parameters.producer_ids, permissions.allowed_producers)
+        end
+
+        def authorize_by_fee!
+          require_ids_allowed(parameters.enterprise_fee_ids, permissions.allowed_enterprise_fees)
+          require_ids_allowed(parameters.shipping_method_ids, permissions.allowed_shipping_methods)
+          require_ids_allowed(parameters.payment_method_ids, permissions.allowed_payment_methods)
+        end
+
+        def require_ids_allowed(array, allowed_objects)
+          raise OpenFoodNetwork::Reports::Authorizer::ParameterNotAllowedError \
+            if (array - allowed_objects.map(&:id).map(&:to_s)).any?
+        end
+      end
+    end
+  end
+end
diff --git a/spec/lib/order_management/reports/enterprise_fee_summary/authorizer_spec.rb b/spec/lib/order_management/reports/enterprise_fee_summary/authorizer_spec.rb
new file mode 100644
index 0000000000..334a0b4726
--- /dev/null
+++ b/spec/lib/order_management/reports/enterprise_fee_summary/authorizer_spec.rb
@@ -0,0 +1,177 @@
+require "spec_helper"
+
+require "order_management/reports/enterprise_fee_summary/parameters"
+require "order_management/reports/enterprise_fee_summary/permissions"
+require "order_management/reports/enterprise_fee_summary/authorizer"
+require "open_food_network/reports/authorizer"
+
+describe OrderManagement::Reports::EnterpriseFeeSummary::Authorizer do
+  let(:report_klass) { OrderManagement::Reports::EnterpriseFeeSummary }
+  let(:user) { create(:user) }
+
+  let(:parameters) { report_klass::Parameters.new(params) }
+  let(:permissions) { report_klass::Permissions.new(user) }
+  let(:authorizer) { described_class.new(parameters, permissions) }
+
+  context "for distributors" do
+    before do
+      allow(permissions).to receive(:allowed_distributors) do
+        stub_model_collection(Enterprise, :id, ["1", "2", "3"])
+      end
+    end
+
+    context "when distributors are allowed" do
+      let(:params) { { distributor_ids: ["1", "3"] } }
+
+      it "does not raise error" do
+        expect { authorizer.authorize! }.not_to raise_error
+      end
+    end
+
+    context "when a distributor is not allowed" do
+      let(:params) { { distributor_ids: ["1", "4"] } }
+
+      it "raises ParameterNotAllowedError" do
+        expect { authorizer.authorize! }
+          .to raise_error(OpenFoodNetwork::Reports::Authorizer::ParameterNotAllowedError)
+      end
+    end
+  end
+
+  context "for producers" do
+    before do
+      allow(permissions).to receive(:allowed_producers) do
+        stub_model_collection(Enterprise, :id, ["1", "2", "3"])
+      end
+    end
+
+    context "when producers are allowed" do
+      let(:params) { { producer_ids: ["1", "3"] } }
+
+      it "does not raise error" do
+        expect { authorizer.authorize! }.not_to raise_error
+      end
+    end
+
+    context "when a producer is not allowed" do
+      let(:params) { { producer_ids: ["1", "4"] } }
+
+      it "raises ParameterNotAllowedError" do
+        expect { authorizer.authorize! }
+          .to raise_error(OpenFoodNetwork::Reports::Authorizer::ParameterNotAllowedError)
+      end
+    end
+  end
+
+  context "for order cycles" do
+    before do
+      allow(permissions).to receive(:allowed_order_cycles) do
+        stub_model_collection(OrderCycle, :id, ["1", "2", "3"])
+      end
+    end
+
+    context "when order cycles are allowed" do
+      let(:params) { { order_cycle_ids: ["1", "3"] } }
+
+      it "does not raise error" do
+        expect { authorizer.authorize! }.not_to raise_error
+      end
+    end
+
+    context "when an order cycle is not allowed" do
+      let(:params) { { order_cycle_ids: ["1", "4"] } }
+
+      it "raises ParameterNotAllowedError" do
+        expect { authorizer.authorize! }
+          .to raise_error(OpenFoodNetwork::Reports::Authorizer::ParameterNotAllowedError)
+      end
+    end
+  end
+
+  context "for enterprise fees" do
+    before do
+      allow(permissions).to receive(:allowed_enterprise_fees) do
+        stub_model_collection(EnterpriseFee, :id, ["1", "2", "3"])
+      end
+    end
+
+    context "when enterprise fees are allowed" do
+      let(:params) { { enterprise_fee_ids: ["1", "3"] } }
+
+      it "does not raise error" do
+        expect { authorizer.authorize! }.not_to raise_error
+      end
+    end
+
+    context "when an enterprise fee is not allowed" do
+      let(:params) { { enterprise_fee_ids: ["1", "4"] } }
+
+      it "raises ParameterNotAllowedError" do
+        expect { authorizer.authorize! }
+          .to raise_error(OpenFoodNetwork::Reports::Authorizer::ParameterNotAllowedError)
+      end
+    end
+  end
+
+  context "for shipping methods" do
+    before do
+      allow(permissions).to receive(:allowed_shipping_methods) do
+        stub_model_collection(Spree::ShippingMethod, :id, ["1", "2", "3"])
+      end
+    end
+
+    context "when shipping methods are allowed" do
+      let(:params) { { shipping_method_ids: ["1", "3"] } }
+
+      it "does not raise error" do
+        expect { authorizer.authorize! }.not_to raise_error
+      end
+    end
+
+    context "when a shipping method is not allowed" do
+      let(:params) { { shipping_method_ids: ["1", "4"] } }
+
+      it "raises ParameterNotAllowedError" do
+        expect { authorizer.authorize! }
+          .to raise_error(OpenFoodNetwork::Reports::Authorizer::ParameterNotAllowedError)
+      end
+    end
+  end
+
+  context "for payment methods" do
+    before do
+      allow(permissions).to receive(:allowed_payment_methods) do
+        stub_model_collection(Spree::PaymentMethod, :id, ["1", "2", "3"])
+      end
+    end
+
+    context "when payment methods are allowed" do
+      let(:params) { { payment_method_ids: ["1", "3"] } }
+
+      it "does not raise error" do
+        expect { authorizer.authorize! }.not_to raise_error
+      end
+    end
+
+    context "when a payment method is not allowed" do
+      let(:params) { { payment_method_ids: ["1", "4"] } }
+
+      it "raises ParameterNotAllowedError" do
+        expect { authorizer.authorize! }
+          .to raise_error(OpenFoodNetwork::Reports::Authorizer::ParameterNotAllowedError)
+      end
+    end
+  end
+
+  def stub_model_collection(model, attribute_name, attribute_list)
+    attribute_list.map do |attribute_value|
+      stub_model(model, attribute_name => attribute_value)
+    end
+  end
+
+  def stub_model(model, params)
+    model.new.tap do |instance|
+      instance.stub(params)
+    end
+  end
+end