diff --git a/src/Handler/Course/User.hs b/src/Handler/Course/User.hs
index f3b401c8c..cd40e1ed0 100644
--- a/src/Handler/Course/User.hs
+++ b/src/Handler/Course/User.hs
@@ -186,7 +186,9 @@ courseUserProfileSection (Entity cid Course{..}) (Entity uid User{ userShowSex =
 
       
 courseUserNoteSection :: Entity Course -> Entity User -> MaybeT Handler Widget
-courseUserNoteSection (Entity cid _) (Entity uid _) = do
+courseUserNoteSection (Entity cid Course{..}) (Entity uid _) = do
+  guardM . hasWriteAccessTo $ CourseR courseTerm courseSchool courseShorthand CUsersR
+  
   currentRoute <- MaybeT getCurrentRoute
 
   (thisUniqueNote, noteText, noteEdits) <- lift . runDB $ do
@@ -243,7 +245,9 @@ courseUserNoteSection (Entity cid _) (Entity uid _) = do
 
 
 courseUserSubmissionsSection :: Entity Course -> Entity User -> MaybeT Handler Widget
-courseUserSubmissionsSection (Entity cid _) (Entity uid _) = do
+courseUserSubmissionsSection (Entity cid Course{..}) (Entity uid _) = do
+  guardM . hasWriteAccessTo $ CourseR courseTerm courseSchool courseShorthand CCorrectionsR
+
   let whereClause = (E.&&.) <$> courseIs cid <*> userIs uid
       colonnade = mconcat -- should match getSSubsR for consistent UX
         [ colSelect
@@ -281,6 +285,8 @@ courseUserSubmissionsSection (Entity cid _) (Entity uid _) = do
 
 courseUserExamsSection :: Entity Course -> Entity User -> MaybeT Handler Widget
 courseUserExamsSection (Entity cid Course{..}) (Entity uid _) = do
+  guardM . hasWriteAccessTo $ CourseR courseTerm courseSchool courseShorthand CExamNewR
+
   uCID <- encrypt uid
   
   let