diff --git a/app/policies/story_policy.rb b/app/policies/story_policy.rb
index 960f6d4e2..8344eebfd 100644
--- a/app/policies/story_policy.rb
+++ b/app/policies/story_policy.rb
@@ -5,10 +5,18 @@ def index?
 true
 end
 
+ def share_portal?
+ true
+ end
+
 def show?
 admin? || record.publicly_visible? || (authenticated? && record.published?)
 end
 
+ def show_share_portal?
+ show?
+ end
+
 # Scoping
 # See https://actionpolicy.evilmartians.io/#/scoping
 #
diff --git a/spec/requests/stories_spec.rb b/spec/requests/stories_spec.rb
index b2d2b5fd3..e80aa0640 100644
--- a/spec/requests/stories_spec.rb
+++ b/spec/requests/stories_spec.rb
@@ -61,6 +61,13 @@
 end
 end
 
+ describe "GET /show_share_portal" do
+ it "can view any story in share portal" do
+ get show_share_portal_story_url(private_story)
+ expect(response).to have_http_status(:ok)
+ end
+ end
+
 describe "POST /create" do
 it "creates a story" do
 expect {
@@ -100,6 +107,23 @@
 end
 end
 
+ describe "GET /show_share_portal" do
+ it "can view published story in share portal" do
+ get show_share_portal_story_url(published_story)
+ expect(response).to have_http_status(:ok)
+ end
+
+ it "can view publicly visible story in share portal" do
+ get show_share_portal_story_url(public_story)
+ expect(response).to have_http_status(:ok)
+ end
+
+ it "cannot view private story in share portal" do
+ get show_share_portal_story_url(private_story)
+ expect(response).to redirect_to(root_path)
+ end
+ end
+
 describe "POST /create" do
 it "is unauthorized" do
 post stories_url, params: { story: base_attributes }
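Review bot: `share_portal?` returns `true` for every caller, including unauthenticated ones, so nothing in this rule keeps private or published-only stories out of the share portal listing. That filtering has to come from the relation scope documented just below, and the controller action is not part of this diff. If the action loads stories through `authorized_scope`, say so on the rule, e.g. `# Open to everyone; per-story visibility is enforced by the relation scope.`; if it does not, the listing needs the same conditions that `show?` applies. The policy class starts and ends outside this hunk.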
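Review bot: None of the three added `describe "GET /show_share_portal"` blocks (here and in the hunks at -100 and -134) requests the share portal listing itself, although the policy change opens `share_portal?` to everyone. A request spec per context that loads the listing and checks which stories appear would pin the behaviour that matters most for guests, for example `it "does not list private or published-only stories in share portal"` in the unauthenticated context. The enclosing context blocks begin outside these hunks, so which user each block runs as is inferred from the expectations.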
@@ -134,6 +158,23 @@
 end
 end
 
+ describe "GET /show_share_portal" do
+ it "can view publicly visible story in share portal" do
+ get show_share_portal_story_url(public_story)
+ expect(response).to have_http_status(:ok)
+ end
+
+ it "cannot view published-only story in share portal" do
+ get show_share_portal_story_url(published_story)
+ expect(response).to redirect_to(root_path)
+ end
+
+ it "cannot view private story in share portal" do
+ get show_share_portal_story_url(private_story)
+ expect(response).to redirect_to(root_path)
+ end
+ end
+
 describe "POST /create" do
 it "redirects to root" do
 post stories_url, params: { story: base_attributes }