diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index c015c06ad..ed040589e 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -461,6 +461,10 @@ class ApplicationController < ActionController::Base
 raise Discourse::InvalidAccess.new unless current_user && current_user.staff?
 end
+ def ensure_admin
+ raise Discourse::InvalidAccess.new unless current_user && current_user.admin?
+ end
+
 def ensure_wizard_enabled
 raise Discourse::InvalidAccess.new unless SiteSetting.wizard_enabled?
 end
diff --git a/app/controllers/steps_controller.rb b/app/controllers/steps_controller.rb
index 6f9df1d65..005d2d7d7 100644
--- a/app/controllers/steps_controller.rb
+++ b/app/controllers/steps_controller.rb
@@ -6,7 +6,7 @@ class StepsController < ApplicationController
 before_filter :ensure_wizard_enabled
 before_filter :ensure_logged_in
- before_filter :ensure_staff
+ before_filter :ensure_admin
 def update
 wizard = Wizard::Builder.new(current_user).build
diff --git a/app/controllers/wizard_controller.rb b/app/controllers/wizard_controller.rb
index 951ad1d9e..4b7bc82fa 100644
--- a/app/controllers/wizard_controller.rb
+++ b/app/controllers/wizard_controller.rb
@@ -4,7 +4,7 @@ require_dependency 'wizard/builder'
 class WizardController < ApplicationController
 before_filter :ensure_wizard_enabled, only: [:index]
 before_filter :ensure_logged_in
- before_filter :ensure_staff
+ before_filter :ensure_admin
 skip_before_filter :check_xhr, :preload_json
diff --git a/spec/controllers/steps_controller_spec.rb b/spec/controllers/steps_controller_spec.rb
index 950005b20..50bafc95f 100644
--- a/spec/controllers/steps_controller_spec.rb
+++ b/spec/controllers/steps_controller_spec.rb
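Review bot: `ensure_admin` in the application_controller.rb hunk has no comment saying how it differs from `ensure_staff` directly above it, and the two names are easy to mix up when choosing a filter for a new controller. I would add `# Admin-only gate: rejects anonymous users and non-admin staff; use ensure_staff when moderators should pass.` above the `def`. Judging by the updated specs, moderators are the accounts this filter is meant to exclude, so stating that at the definition helps keep later controllers from falling back to the weaker check by accident. The class body continues outside the hunk.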
@@ -13,7 +13,7 @@ describe StepsController do
 end
 it "raises an error if you aren't an admin" do
- log_in
+ log_in(:moderator)
 xhr :put, :update, id: 'made-up-id', fields: { forum_title: "updated title" }
 expect(response).to be_forbidden
 end
diff --git a/spec/controllers/wizard_controller_spec.rb b/spec/controllers/wizard_controller_spec.rb
index ffc1ed64b..6621e3481 100644
--- a/spec/controllers/wizard_controller_spec.rb
+++ b/spec/controllers/wizard_controller_spec.rb
@@ -14,7 +14,7 @@ describe WizardController do
 end
 it "raises an error if you aren't an admin" do
- log_in
+ log_in(:moderator)
 xhr :get, :index
 expect(response).to be_forbidden
 end
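Review bot: In the steps_controller_spec.rb hunk the existing example is edited from `log_in` to `log_in(:moderator)`, so the plain logged-in user case it used to cover is no longer exercised here; the wizard_controller_spec.rb hunk does the same. Keeping the original example and adding a second one, e.g. `it "raises an error if you are a moderator" do` with `log_in(:moderator)`, would pin both roles to the forbidden response. Neither hunk shows an example where an admin is let through, so unless one exists elsewhere in these files, a filter that rejected every user would still pass. Both `describe` blocks start and end outside the hunks.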