diff --git a/apps/dashboard/app/lib/account_cache.rb b/apps/dashboard/app/lib/account_cache.rb
index e27fff0ab3..1c268f6bee 100644
--- a/apps/dashboard/app/lib/account_cache.rb
+++ b/apps/dashboard/app/lib/account_cache.rb
@@ -54,6 +54,9 @@ def dynamic_accounts
 
   # To be used with dynamic forms. This method stithes together data
   # about the queue's availablity WRT clusters.
+  # If the user has no account with access to a given queue, it is excluded.
+  # If a user has access to a given queue but only with specific accounts,
+  # data attributes are added to indicate which accounts can *not* be used for that queue.
   #
   # @return [Array] - the dynamic form options
   def queues
@@ -134,13 +137,7 @@ def unique_qos_names
 
   # do you have _any_ account that can submit to this queue?
   def blocked_queue?(queue)
-    allow_accounts = queue.allow_accounts
-
-    if allow_accounts.nil?
-      false
-    else
-      allow_accounts.intersection(account_names).empty?
-    end
+    (accounts.select {|account| account_allowed?(queue, account)}).none?
   end
 
   def queues_per_cluster
@@ -154,18 +151,20 @@ def queues_per_cluster
   end
 
   def queue_account_data(queue)
-    account_names.map do |account|
+    accounts.map do |account|
       ["data-option-for-auto-accounts-#{account}", false] unless account_allowed?(queue, account)
     end.compact.to_h
   end
 
-  def account_allowed?(queue, account_name)
-    return false if queue.deny_accounts.any? { |account| account == account_name }
-
-    if queue.allow_accounts.nil?
-      true
-    else
-      queue.allow_accounts.any? { |account| account == account_name }
-    end
+  # can _this_ account submit to this queue?
+  def account_allowed?(queue, account)
+    # This is the simplest possible implementation, and may not reflect the actual behavior of any
+    # given resource manager. For example, Slurm completely ignores DenyQos when AllowQos exists.
+    # This behavior is replicated in OOD Core by conditionally setting deny_qos to an empty array.
+    return false if queue.allow_accounts && !queue.allow_accounts.include?(account.to_s)
+    return false if queue.deny_accounts.include?(account.to_s)
+    return false if queue.allow_qos && !(queue.allow_qos & account.qos).any?    
+    return false if (queue.deny_qos & account.qos).any?
+    true
   end
 end