diff --git a/app/Http/Controllers/Repuve/AppController.php b/app/Http/Controllers/Repuve/AppController.php
index 8c4b496..b8e46c2 100644
--- a/app/Http/Controllers/Repuve/AppController.php
+++ b/app/Http/Controllers/Repuve/AppController.php
@@ -20,6 +20,7 @@ public static function middleware(): array
     {
         return [
             self::can('apk.index', ['index']),
+            self::can('apk.create', ['store']),
             self::can('apk.edit', ['update']),
             self::can('apk.destroy', ['destroy']),
             self::can('apk.download', ['download']),
diff --git a/app/Http/Requests/Repuve/ApkStorageRequest.php b/app/Http/Requests/Repuve/ApkStorageRequest.php
index c7fa63d..85c8269 100644
--- a/app/Http/Requests/Repuve/ApkStorageRequest.php
+++ b/app/Http/Requests/Repuve/ApkStorageRequest.php
@@ -8,7 +8,7 @@ class ApkStorageRequest extends FormRequest
 {
     public function authorize()
     {
-        return true;
+        return auth()->user()->can('apk.create');
     }
 
     public function rules()
diff --git a/database/seeders/RoleSeeder.php b/database/seeders/RoleSeeder.php
index 3a0609f..dfbd575 100644
--- a/database/seeders/RoleSeeder.php
+++ b/database/seeders/RoleSeeder.php
@@ -55,6 +55,7 @@ public function run(): void
         $apk = PermissionType::updateOrCreate(['name' => 'App Móvil']);
 
         $apkIndex = $this->onPermission('apk.index', 'Historial de registros apk', $apk, 'api');
+        $apkCreate = $this->onPermission('apk.create', 'Subir nueva versión del apk', $apk, 'api');
         $apkEdit = $this->onPermission('apk.edit', 'Actualizar registro de apk', $apk, 'api');
         $apkDestroy = $this->onPermission('apk.destroy', 'Eliminar registro de apk', $apk, 'api');
         $apkDownload = $this->onPermission('apk.download', 'Descargar APK de la aplicación móvil', $apk, 'api');