diff --git a/website/snippets/views.py b/website/snippets/views.py
index 856c057..d27c23a 100644
--- a/website/snippets/views.py
+++ b/website/snippets/views.py
@@ -2,11 +2,12 @@ from django.contrib.auth.models import User
 
 from .models import Snippet
 from .serializers import SnippetSerializer, UserSerializer
-from rest_framework import generics
+from rest_framework import generics, permissions
 
 class SnippetList(generics.ListCreateAPIView):
     queryset = Snippet.objects.all()
     serializer_class = SnippetSerializer
+    permission_classes = [permissions.IsAuthenticatedOrReadOnly]
 
     def perform_create(self, serializer):
         serializer.save(owner=self.request.user)
@@ -15,6 +16,7 @@ class SnippetList(generics.ListCreateAPIView):
 class SnippetDetail(generics.RetrieveUpdateDestroyAPIView):
     queryset = Snippet.objects.all()
     serializer_class = SnippetSerializer
+    permission_classes = [permissions.IsAuthenticatedOrReadOnly]
 
 class UserList(generics.ListAPIView):
     queryset = User.objects.all()