diff --git a/arkindex/project/mixins.py b/arkindex/project/mixins.py
index 2ec9f0a1d4b4f13da7a476177d93fc3c880b1e6d..cda2c95e8759a01b904110db49e0ff8ebeb20a2e 100644
--- a/arkindex/project/mixins.py
+++ b/arkindex/project/mixins.py
@@ -21,9 +21,11 @@ class ACLMixin(object):
     Access control mixin using the generic Right table.
     """
     _user = None
+    mixin_order_by_fields = ()
 
-    def __init__(self, user=None):
+    def __init__(self, user=None, order_by_fields=()):
         self._user = user
+        self.mixin_order_by_fields = order_by_fields
 
     @property
     def user(self):
@@ -72,15 +74,18 @@ class ACLMixin(object):
                     'memberships__group__memberships__level'
                 )
             )
-        # Ensure one of the right has an adequate level
-        queryset = queryset.filter(max_level__gte=level)
+
+        # Order by decreasing max_level to make sure we keep the max among all rights
+        queryset = queryset.filter(max_level__gte=level) \
+            .order_by(*self.mixin_order_by_fields, 'id', '-max_level') \
+            .distinct(*self.mixin_order_by_fields, 'id')
 
         # Use a join to add public instances as this is the more elegant solution
         if include_public:
             queryset = queryset.union(self.get_public_instances(model, Role.Guest.value))
 
         # Return distinct corpus with the max right level among matching rights
-        return queryset.order_by('id', '-max_level').distinct('id')
+        return queryset.order_by(*self.mixin_order_by_fields, 'id')
 
     def has_access(self, instance, level):
         self._check_level(level)