diff --git a/apps/course/views.py b/apps/course/views.py
index 4b60508f..caa3bd5f 100644
--- a/apps/course/views.py
+++ b/apps/course/views.py
@@ -164,6 +164,8 @@ class CourseEditView(TemplateView):
             self.object = drafts.last()
         else:
             self.object = Course.objects.create()
+        if request.user != self.object.author and request.user.role not in [User.ADMIN_ROLE, User.AUTHOR_ROLE]:
+            raise Http404
         return super().get(request)
 
     def get_context_data(self):