diff --git a/app/controllers/polls_controller.rb b/app/controllers/polls_controller.rb
index d09e15812..cf114b08d 100644
--- a/app/controllers/polls_controller.rb
+++ b/app/controllers/polls_controller.rb
@@ -23,6 +23,8 @@ class PollsController < ApplicationController
 end
 def answer
+ raise CanCan::AccessDenied if @poll.voted_in_booth?(current_user)
+
 @web_vote = Poll::WebVote.new(@poll, current_user)
 if @web_vote.update(answer_params)
diff --git a/spec/controllers/polls_controller_spec.rb b/spec/controllers/polls_controller_spec.rb
index 6a0a03c2e..b8b7f8256 100644
--- a/spec/controllers/polls_controller_spec.rb
+++ b/spec/controllers/polls_controller_spec.rb
@@ -28,5 +28,18 @@ describe PollsController do
 expect(Poll::Answer.count).to eq 1
 end
+
+ it "denies access when users have already voted in a booth" do
+ poll = create(:poll)
+ user = create(:user, :level_two)
+ create(:poll_voter, :from_booth, poll: poll, user: user)
+
+ sign_in(user)
+
+ post :answer, params: { id: poll.id, web_vote: {}}
+
+ expect(response).to redirect_to "/"
+ expect(flash[:alert]).to eq "You do not have permission to access this page."
+ end
 end
 end
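Review bot: The added guard at the top of `answer` enforces an authorization rule inside the controller action rather than in the CanCan ability, so any other code that asks `can?(:answer, poll)` (for example whatever renders the web vote form) will not know the user is excluded, and this one line is the only defence. Consider expressing the rule in the Ability instead (`cannot :answer, Poll do |poll| poll.voted_in_booth?(user) end`, or equivalent) so that the resource authorization that presumably populates `@poll` applies it uniformly; if the raise stays here, give it a why-comment such as `# A booth vote is final: refuse the web ballot even though the poll itself is viewable`. Note also that this is a check-then-act sequence: a booth vote recorded between `voted_in_booth?` and `@web_vote.update` is not caught here, so the model or database layer should still be what guarantees one vote per user per poll. The body of `answer` continues past the end of the hunk.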
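Review bot: The new example only asserts the redirect and the flash message and never checks that no `Poll::Answer` was written, so a regression that records the vote before raising or redirecting would still pass; the sibling example just above asserts `Poll::Answer.count` for exactly this reason. Add `expect(Poll::Answer.count).to eq 0` after the post, and consider sending a real answer payload instead of `web_vote: {}` so the example proves the booth guard, not the empty params, is what stops the vote. Minor style: `web_vote: {}}` should be `web_vote: {} }` to match the spacing at the opening brace.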