diff --git a/lib/guardian.rb b/lib/guardian.rb
index d19d8ec7c48..11b4b562637 100644
--- a/lib/guardian.rb
+++ b/lib/guardian.rb
@@ -404,6 +404,12 @@ class Guardian
     @secure_category_ids ||= @user.secure_category_ids
   end
 
+  # all allowed category ids
+  def allowed_category_ids
+    unrestricted = Category.where(read_restricted: false).pluck(:id)
+    unrestricted.concat(secure_category_ids)
+  end
+
   def topic_create_allowed_category_ids
     @topic_create_allowed_category_ids ||= @user.topic_create_allowed_category_ids
   end
diff --git a/lib/topic_query.rb b/lib/topic_query.rb
index a39e4293c0d..43c60315407 100644
--- a/lib/topic_query.rb
+++ b/lib/topic_query.rb
@@ -255,12 +255,13 @@ class TopicQuery
         result = result.where('topics.id in (?)', options[:topic_ids]).references(:topics)
       end
 
-      unless @user && @user.moderator?
-        category_ids = @user.secure_category_ids if @user
-        if category_ids.present?
-          result = result.where('categories.read_restricted IS NULL OR categories.read_restricted = ? OR categories.id IN (?)', false, category_ids).references(:categories)
+      guardian = Guardian.new(@user)
+      unless guardian.is_staff?
+        allowed_ids = guardian.allowed_category_ids
+        if allowed_ids.length > 0
+          result = result.where('topics.category_id IS NULL or topics.category_id IN (?)', allowed_ids)
         else
-          result = result.where('categories.read_restricted IS NULL OR categories.read_restricted = ?', false).references(:categories)
+          result = result.where('topics.category_id IS NULL')
         end
       end