diff --git a/app/controllers/plans_controller.rb b/app/controllers/plans_controller.rb
index 5a0be71..a5e245b 100644
--- a/app/controllers/plans_controller.rb
+++ b/app/controllers/plans_controller.rb
@@ -2,7 +2,7 @@
 require 'pp'
 helper SettingsTemplateHelper
- after_action :verify_authorized, except: ['public_index', 'public_export']
+ after_action :verify_authorized, except: ['public_index']
 def index
 authorize Plan
@@ -292,6 +292,7 @@
 # -------------------------------------------------------------
 def public_export
 @plan = Plan.find(params[:id])
+ authorize @plan
 # If the plan has multiple phases we should export each
 @exported_plan = ExportedPlan.new.tap do |ep|
 ep.plan = @plan
diff --git a/app/policies/plan_policy.rb b/app/policies/plan_policy.rb
index 99d9865..22fd1f9 100644
--- a/app/policies/plan_policy.rb
+++ b/app/policies/plan_policy.rb
@@ -3,7 +3,7 @@
 attr_reader :plan
 def initialize(user, plan)
- raise Pundit::NotAuthorizedError, "must be logged in" unless user
+ raise Pundit::NotAuthorizedError, "must be logged in" unless user || plan.publicly_visible?
 @user = user
 @plan = plan
 end
@@ -52,33 +52,10 @@
 @plan.administerable_by?(@user.id)&& Role.find_by(user_id: @user.id, plan_id: @plan.id).active
 end
-# TODO: These routes are no lonmger used
-=begin
- def section_answers?
- @plan.readable_by?(@user.id)
+ def public_export?
+ @plan.publicly_visible?
 end
- def locked?
- @plan.readable_by?(@user.id)
- end
- def delete_recent_locks?
- @plan.editable_by?(@user.id)
- end
- def unlock_all_sections?
- @plan.editable_by?(@user.id)
- end
- def lock_section?
- @plan.editable_by?(@user.id)
- end
- def unlock_section?
- @plan.editable_by?(@user.id)
- end
-=end
 def answer?
 @plan.readable_by?(@user.id) && Role.find_by(user_id: @user.id, plan_id: @plan.id).active
 end
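Review bot: The added `authorize @plan` in public_export only keeps the action usable for anonymous visitors because PlanPolicy#initialize in the same commit stops raising for publicly visible plans, and nothing at this call site records that coupling. A comment would keep a later reader from tightening the policy constructor and silently breaking this action: `# Pundit infers PlanPolicy#public_export?; anonymous access relies on PlanPolicy#initialize admitting a nil user for publicly visible plans.` The `Plan.find` on the preceding line still runs before authorization, so an unknown id surfaces as RecordNotFound rather than NotAuthorizedError, which is the usual Pundit ordering and looks acceptable here. The body of public_export continues outside the hunk.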
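Review bot: Relaxing the guard on the `raise` line lets `@user` be nil, but every other predicate in this policy still dereferences `@user.id` (see `answer?` and the `administerable_by?` line in the last hunk), so an anonymous request for a publicly visible plan that reaches any query other than `public_export?` fails with NoMethodError (a 500) instead of Pundit::NotAuthorizedError. The new condition also calls `plan.publicly_visible?` on whatever was passed, so `authorize Plan` in `index` with no signed-in user now invokes that method on the class itself, which presumably is not defined there. Consider `raise Pundit::NotAuthorizedError, "must be logged in" unless user || (plan.respond_to?(:publicly_visible?) && plan.publicly_visible?)` and, in each predicate that reads `@user.id`, a leading `return false unless @user` so anonymous callers are denied rather than crashed.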
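Review bot: `public_export?` is the only predicate in this policy that does not touch `@user`, and nothing states that this is what makes it safe for the nil-user path the constructor now allows; a comment would pin that contract: `# Must not read @user: initialize admits anonymous callers for publicly visible plans, and this is the query they reach.` The predicate name matches the controller action so Pundit resolves it without an explicit query, which is fine. Dropping the `=begin`/`=end` block of unused predicates is a correct cleanup and needs no further change.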