diff --git a/aleksis/apps/resint/forms.py b/aleksis/apps/resint/forms.py
index 5a0ae9822616b4aa78fb6e4851311ea82432940b..147991e23557a5177e64382595e96b5cc7c1f6e9 100644
--- a/aleksis/apps/resint/forms.py
+++ b/aleksis/apps/resint/forms.py
@@ -1,5 +1,7 @@
 from django import forms
+from django.http import HttpRequest
 
+from guardian.shortcuts import get_objects_for_user
 from material import Layout, Row
 
 from .models import Poster, PosterGroup
@@ -35,3 +37,10 @@ class PosterUploadForm(forms.ModelForm):
     class Meta:
         model = Poster
         fields = ["group", "week", "year", "pdf"]
+
+    def __init__(self, request: HttpRequest, *args, **kwargs):
+        super().__init__(*args, **kwargs)
+        qs = PosterGroup.objects.all()
+        if not request.user.has_perm("resint.view_postergroup"):
+            qs = get_objects_for_user(request.user, "resint.add_poster_to_group", qs)
+        self.fields["group"].queryset = qs
diff --git a/aleksis/apps/resint/rules.py b/aleksis/apps/resint/rules.py
index 2560ef97aab50242fdadb7f637998c671fc3e9e3..ea359029b6dd6d757522cea4a527aafe7067a0d2 100644
--- a/aleksis/apps/resint/rules.py
+++ b/aleksis/apps/resint/rules.py
@@ -75,7 +75,7 @@ add_perm("resint.view_posters_rule", view_posters_predicate)
 # Upload poster
 upload_poster_predicate = view_posters_predicate & (
     has_global_perm("resint.add_poster") | has_any_object("resint.add_poster_to_group", PosterGroup)
-)  # FIXME FIlter on form
+)
 add_perm("resint.upload_poster_rule", upload_poster_predicate)
 
 # Edit poster