diff --git a/lib/assigner.rb b/lib/assigner.rb
index 58a8d20..baf4a1e 100644
--- a/lib/assigner.rb
+++ b/lib/assigner.rb
@@ -160,7 +160,12 @@ class ::Assigner
 @post_target ||= @target.is_a?(Post)
 end
+ def private_message_allowed_user_ids
+ @private_message_allowed_user_ids ||= topic.all_allowed_users.pluck(:id)
+ end
+
+ def can_assignee_see_target?(assignee)
+ return false if (topic_target? || post_target?) && topic.private_message? && !private_message_allowed_user_ids.include?(assignee.id)
 return Guardian.new(assignee).can_see_topic?(@target) if topic_target?
 return Guardian.new(assignee).can_see_post?(@target) if post_target?
diff --git a/spec/lib/assigner_spec.rb b/spec/lib/assigner_spec.rb
index b352622..c7489dc 100644
--- a/spec/lib/assigner_spec.rb
+++ b/spec/lib/assigner_spec.rb
@@ -16,6 +16,7 @@ RSpec.describe Assigner do
 let(:secure_topic) { Fabricate(:post).topic.tap { |t| t.update(category: secure_category) } }
 let(:moderator) { Fabricate(:moderator, groups: [assign_allowed_group]) }
 let(:moderator_2) { Fabricate(:moderator, groups: [assign_allowed_group]) }
+ let(:admin) { Fabricate(:admin) }
 let(:assigner) { described_class.new(topic, moderator_2) }
 let(:assigner_self) { described_class.new(topic, moderator) }
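Review bot: The `return false` guard added at the top of `can_assignee_see_target?` carries no comment saying why it must run before the two Guardian checks, and that ordering is the security point of the change: the added admin spec suggests Guardian on its own would accept an admin who was never invited to the PM. I would put `# PMs: only explicit participants may be assigned, whatever Guardian would allow (e.g. admins)` above it. `private_message_allowed_user_ids` memoizes the plucked ids for the life of the Assigner instance, so a user invited after the first call would still be refused; that fails closed, but the helper should say the list is a snapshot. The body of `can_assignee_see_target?` continues past the end of the hunk.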
@@ -231,11 +232,24 @@ RSpec.describe Assigner do
 expect(assign[:reason]).to eq(:forbidden_assignee_not_pm_participant)
 end
+ it 'fails to assign when the assigned admin cannot view the pm' do
+ assign = described_class.new(pm, moderator_2).assign(admin)
+
+ expect(assign[:success]).to eq(false)
+ expect(assign[:reason]).to eq(:forbidden_assignee_not_pm_participant)
+ end
+
 it 'fails to assign when not all group members has access to pm' do
 assign = described_class.new(pm, moderator_2).assign(moderator.groups.first)
 expect(assign[:success]).to eq(false)
 expect(assign[:reason]).to eq(:forbidden_group_assignee_not_pm_participant)
+
+ # even when admin
+ assign = described_class.new(pm, moderator_2).assign(admin.groups.first)
+
+ expect(assign[:success]).to eq(false)
+ expect(assign[:reason]).to eq(:forbidden_group_assignee_not_pm_participant)
 end
 it 'fails to assign when the assigned user cannot view the topic' do
diff --git a/spec/lib/topic_query_spec.rb b/spec/lib/topic_query_spec.rb
index 69c5c77..377c401 100644
--- a/spec/lib/topic_query_spec.rb
+++ b/spec/lib/topic_query_spec.rb
@@ -24,6 +24,7 @@ describe TopicQuery do
 [user_pm, admin_pm, other_admin_pm].each do |topic|
 Fabricate(:post, topic: topic)
 end
+ Fabricate(:topic_allowed_user, user: admin, topic: user_pm)
 Assigner.new(user_pm, Discourse.system_user).assign(admin)
 Assigner.new(admin_pm, Discourse.system_user).assign(admin)
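Review bot: Both new assertions build the Assigner with `pm` itself, so the `post_target?` half of the new guard in `lib/assigner.rb` is never exercised; assuming `pm` is a topic here, a post inside a PM deserves its own example, e.g. `it 'fails to assign a pm post when the assigned admin cannot view the pm' do`. The group case is also appended to an existing example under `# even when admin`, so a failure in the first pair of expectations hides the second; a separate `it` block would report them independently. It is not clear from the spec which group `admin.groups.first` resolves to, and naming the group would make the case self-explanatory.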