diff --git a/app/services/ci/create_pipeline_service.rb b/app/services/ci/create_pipeline_service.rb
index 6f1f3c4d2e8..d20de9b16a4 100644
--- a/app/services/ci/create_pipeline_service.rb
+++ b/app/services/ci/create_pipeline_service.rb
@@ -96,16 +96,16 @@ module Ci
     end
 
     def allowed_to_create?
-      access = Gitlab::UserAccess.new(current_user, project: project)
+      return unless can?(current_user, :create_pipeline, project)
 
-      can?(current_user, :create_pipeline, project) &&
-        if branch?
-          access.can_update_branch?(ref)
-        elsif tag?
-          access.can_create_tag?(ref)
-        else
-          true # Allow it for now and we'll reject when we check ref existence
-        end
+      access = Gitlab::UserAccess.new(current_user, project: project)
+      if branch?
+        access.can_update_branch?(ref)
+      elsif tag?
+        access.can_create_tag?(ref)
+      else
+        true # Allow it for now and we'll reject when we check ref existence
+      end
     end
 
     def update_merge_requests_head_pipeline