diff --git a/roles/phabricator/files/RepositoryAuthorPolicyRule.php b/roles/phabricator/files/RepositoryAuthorPolicyRule.php
new file mode 100644
index 0000000..0f0579e
--- /dev/null
+++ b/roles/phabricator/files/RepositoryAuthorPolicyRule.php
@@ -0,0 +1,71 @@
+getPHID();
+ if (!$viewer_phid) {
+ return false;
+ }
+
+ // Check if the repository exists, if it doesn't we authorize. The user always
+ // needs at least the read policy to be able to edit/push so it's not problematic
+ $repo = id(new PhabricatorRepositoryQuery())
+ ->setViewer($viewer)
+ ->withPHIDs(array($object->getPHID()))
+ ->withStatus(PhabricatorRepositoryQuery::STATUS_OPEN)
+ ->execute();
+
+ if(!$repo) {
+ return true;
+ }
+
+ // Get all repositories the user has created
+ $repo_transaction = id(new PhabricatorRepositoryTransactionQuery())
+ ->setViewer($viewer)
+ ->withAuthorPHIDs(array($viewer_phid))
+ ->withTransactionTypes(array(PhabricatorTransactions::TYPE_CREATE))
+ ->execute();
+
+ // Check if the current repository has been created by the user
+ if(!empty($repo_transaction)) {
+ $repo_phids = mpull($repo_transaction, 'getObjectPHID');
+ if(in_array($object->getPHID(), $repo_phids, true) == true){
+ return true;
+ }
+ }
+
+ return false;
+ }
+
+ public function getValueControlType() {
+ return self::CONTROL_TYPE_NONE;
+ }
+
+}
+
diff --git a/roles/phabricator/tasks/customize.yml b/roles/phabricator/tasks/customize.yml
index b111697..202c09b 100644
--- a/roles/phabricator/tasks/customize.yml
+++ b/roles/phabricator/tasks/customize.yml
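Review bot: The `if(!$repo) { return true; }` branch in RepositoryAuthorPolicyRule.php fails open. The query before it runs with `setViewer($viewer)` and `withStatus(PhabricatorRepositoryQuery::STATUS_OPEN)`, so an empty result also covers a repository that is not open or that policy filtering hides from this viewer, not only one that does not exist yet. In those cases the rule would pass for any logged-in user, and the comment's assumption that a read policy is always checked first does not hold if this rule is itself selected as the view policy. I would load the repository without the status filter and with `PhabricatorUser::getOmnipotentUser()` as the viewer, so that only a genuinely new object reaches the allow branch. The ownership check can also be narrowed by adding `->withObjectPHIDs(array($object->getPHID()))` to the transaction query instead of loading every create transaction by the viewer and testing with `in_array(...) == true`. The class header and the start of this method are not visible in the hunk, so this rests on the body shown.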
@@ -1,40 +1,41 @@ --- - name: Custom classes from Phutil copy: src: "{{ item }}" dest: "{{ phabricator_path }}libphutil/src/extensions/{{ item }}" notify: reload apache with_items: - PhutilAuthAdapterShibboleth.php - name: Custom classes for Phabricator copy: src: "{{ item }}" dest: "{{ phabricator_path }}phabricator/src/extensions/{{ item }}" notify: reload apache with_items: - PhabricatorC4scienceApplication.php - PhabricatorHomeMainController.php - PhabricatorCustomRobotsController.php - PhabricatorSitemapsController.php - PhabricatorProjectProfileController.php - PhabricatorProjectWikiCreate.php - PhabricatorProjectWikiView.php - PhabricatorAuthProviderShibboleth.php - PhabricatorProjectWikiProfilePanel.php - PhabricatorProjectProfilePanelEngineCustom.php - PhabricatorPeopleProfileViewController.php - PhabricatorRepositoryAuthor.php - PhabricatorPasswordAuthProvider.php + - RepositoryAuthorPolicyRule.php - name: Patch PhabricatorUser patch: src: PhabricatorUserOmnipotent.patch dest: "{{ phabricator_path }}phabricator/src/applications/people/storage/PhabricatorUser.php" notify: reload apache - name: Update repo script template: src: phab_update_repo.sh dest: /root/scripts/phab_update_repo.sh mode: 0750