diff --git a/app/controllers/workflows_controller.rb b/app/controllers/workflows_controller.rb
index 64d02d40f9a..85e864f864d 100644
--- a/app/controllers/workflows_controller.rb
+++ b/app/controllers/workflows_controller.rb
@@ -74,11 +74,11 @@ class WorkflowsController < ApplicationController
     @source_role = if params[:source_role_id].blank? || params[:source_role_id] == 'any'
                      nil
                    else
-                     ProjectRole.find(params[:source_role_id])
+                     eligible_roles.find(params[:source_role_id])
                    end
 
     @target_types = params[:target_type_ids].blank? ? nil : ::Type.where(id: params[:target_type_ids])
-    @target_roles = params[:target_role_ids].blank? ? nil : ProjectRole.where(id: params[:target_role_ids])
+    @target_roles = params[:target_role_ids].blank? ? nil : eligible_roles.where(id: params[:target_role_ids])
 
     if request.post?
       if params[:source_type_id].blank? || params[:source_role_id].blank? || (@source_type.nil? && @source_role.nil?)
@@ -148,7 +148,12 @@ class WorkflowsController < ApplicationController
   end
 
   def eligible_roles
-    Role.where(type: ProjectRole.name)
-        .or(Role.where(builtin: Role::BUILTIN_WORK_PACKAGE_EDITOR))
+    roles = Role.where(type: ProjectRole.name)
+
+    if EnterpriseToken.allows_to?(:work_package_sharing)
+      roles.or(Role.where(builtin: Role::BUILTIN_WORK_PACKAGE_EDITOR))
+    else
+      roles
+    end
   end
 end
diff --git a/app/helpers/warning_bar_helper.rb b/app/helpers/warning_bar_helper.rb
index e945572c73c..98a04109b76 100644
--- a/app/helpers/warning_bar_helper.rb
+++ b/app/helpers/warning_bar_helper.rb
@@ -41,6 +41,7 @@ module WarningBarHelper
 
   def render_workflow_missing_warning?
     current_user.admin? &&
+      EnterpriseToken.allows_to?(:work_package_sharing) &&
       no_workflow_for_wp_edit_role?
   end
 
diff --git a/spec/controllers/workflows_controller_spec.rb b/spec/controllers/workflows_controller_spec.rb
index 4399a25a25f..f53de38e40b 100644
--- a/spec/controllers/workflows_controller_spec.rb
+++ b/spec/controllers/workflows_controller_spec.rb
@@ -29,22 +29,32 @@
 require 'spec_helper'
 
 RSpec.describe WorkflowsController do
+  let!(:role_scope) do
+    role_scope = instance_double(ActiveRecord::Relation)
+
+    allow(Role)
+      .to receive(:where)
+            .with(type: ProjectRole.name)
+            .and_return(role_scope)
+
+    allow(role_scope)
+      .to receive_messages(order: role_scope, find_by: nil)
+
+    allow(role_scope)
+      .to receive(:find)
+            .with(role.id.to_s)
+            .and_return(role)
+
+    allow(role_scope)
+      .to receive(:find_by)
+            .with(id: role.id.to_s)
+            .and_return(role)
+
+    role_scope
+  end
+
   let!(:role) do
-    build_stubbed(:project_role) do |r|
-      allow(Role)
-        .to receive(:find)
-              .with(r.id.to_s)
-              .and_return(r)
-
-      allow(Role)
-        .to receive(:find_by)
-              .and_return(nil)
-
-      allow(Role)
-        .to receive(:find_by)
-              .with(id: r.id.to_s)
-              .and_return(r)
-    end
+    build_stubbed(:project_role)
   end
   let!(:type) do
     build_stubbed(:type) do |t|
@@ -105,7 +115,7 @@ RSpec.describe WorkflowsController do
         .to receive(:order)
               .and_return([type])
 
-      allow(Role)
+      allow(role_scope)
         .to receive(:order)
               .and_return([role])
     end
@@ -283,7 +293,7 @@ RSpec.describe WorkflowsController do
     end
 
     before do
-      allow(Role)
+      allow(role_scope)
         .to receive(:where)
               .with(id: [target_role1.id.to_s, target_role2.id.to_s])
               .and_return([target_role1, target_role2])
diff --git a/spec/features/workflows/missing_for_sharing_wp_spec.rb b/spec/features/workflows/missing_for_sharing_wp_spec.rb
index 54269bcfaab..11d0346e9cb 100644
--- a/spec/features/workflows/missing_for_sharing_wp_spec.rb
+++ b/spec/features/workflows/missing_for_sharing_wp_spec.rb
@@ -29,7 +29,8 @@
 require 'spec_helper'
 
 RSpec.describe 'Configuring the workflow for work package sharing',
-               with_config: { show_warning_bars: true } do
+               with_config: { show_warning_bars: true },
+               with_ee: %i[work_package_sharing] do
   let!(:role) { create(:project_role) }
   let!(:work_package_role) { create(:edit_work_package_role) }
   let!(:type) { create(:type) }
diff --git a/spec/services/authorization/enterprise_service_spec.rb b/spec/services/authorization/enterprise_service_spec.rb
index 1b345e14c89..ccdca03b538 100644
--- a/spec/services/authorization/enterprise_service_spec.rb
+++ b/spec/services/authorization/enterprise_service_spec.rb
@@ -89,7 +89,8 @@ RSpec.describe Authorization::EnterpriseService do
          readonly_work_packages
          team_planner_view
          two_factor_authentication
-         work_package_query_relation_columns).each do |guarded_action|
+         work_package_query_relation_columns
+         work_package_sharing).each do |guarded_action|
         context "guarded action #{guarded_action}" do
           let(:action) { guarded_action }