When trying to retrieve dataset which doesn't exist with the user who is not authorized to make this request, the clinet would receive 404 instead of 403 (fordidden). With this modifications when dataset doesn't exist we recheck if user even had a permission to make this type of request and return 403 instead of 404 if it didn't.