diff --git a/website/server/controllers/api-v3/challenges.js b/website/server/controllers/api-v3/challenges.js
index c5dcb991f2..ccf2eed3b5 100644
--- a/website/server/controllers/api-v3/challenges.js
+++ b/website/server/controllers/api-v3/challenges.js
@@ -267,7 +267,7 @@ api.joinChallenge = {
     const group = await Group.getGroup({
       user, groupId: challenge.group, fields: basicGroupFields, optionalMembership: true,
     });
-    if (!group || group.type === 'party' && group._id !== user.party._id) {
+    if (!group || (group.type === 'party' && group._id !== user.party._id)) {
       throw new NotFound(res.t('challengeNotFound'));
     }
     if (group.type === 'guild' && group._id !== TAVERN_ID && !group.hasActiveGroupPlan()) {
diff --git a/website/server/controllers/api-v3/groups.js b/website/server/controllers/api-v3/groups.js
index d647e91b14..d5d26fccf1 100644
--- a/website/server/controllers/api-v3/groups.js
+++ b/website/server/controllers/api-v3/groups.js
@@ -412,7 +412,7 @@ api.getGroup = {
 
     const { groupId } = req.params;
     const group = await Group.getGroup({ user, groupId, populateLeader: false });
-    if (!group || group.type === 'guild' && group._id !== TAVERN_ID && !group.hasActiveGroupPlan()) {
+    if (!group || (group.type === 'guild' && group._id !== TAVERN_ID && !group.hasActiveGroupPlan())) {
       throw new NotFound(res.t('groupNotFound'));
     }
 
diff --git a/website/server/libs/challenges/index.js b/website/server/libs/challenges/index.js
index 086db00264..282a348ad4 100644
--- a/website/server/libs/challenges/index.js
+++ b/website/server/libs/challenges/index.js
@@ -8,6 +8,7 @@ import {
   TAVERN_ID,
 } from '../../models/group';
 import {
+  BadRequest,
   NotFound,
   NotAuthorized,
 } from '../errors';