diff --git a/conservancy/usethesource/templates/usethesource/candidate.html b/conservancy/usethesource/templates/usethesource/candidate.html
index b31a11f2..18734d14 100644
--- a/conservancy/usethesource/templates/usethesource/candidate.html
+++ b/conservancy/usethesource/templates/usethesource/candidate.html
@@ -15,7 +15,7 @@
       <div>
         <div class="flex items-center">
           <h2 class="f2 lh-title ttu mt0">{{ candidate.name }}</h2>
-          {% if user.is_staff or user.is_superuser %}<a href="{% url 'admin:usethesource_candidate_change' object_id=candidate.id %}" title="Edit candidate" class="f3 white bg-light-silver db ph2 mh2 mb3" style="transform: scaleX(-1); text-decoration: none !important">✎</a>{% endif %}
+          {% if perms.usethesource.change_candidate %}<a href="{% url 'admin:usethesource_candidate_change' object_id=candidate.id %}" title="Edit candidate" class="f3 white bg-light-silver db ph2 mh2 mb3" style="transform: scaleX(-1); text-decoration: none !important">✎</a>{% endif %}
         </div>
 
         <p><strong>Vendor</strong>: {{ candidate.vendor }}</p>
diff --git a/conservancy/usethesource/templates/usethesource/comment_partial.html b/conservancy/usethesource/templates/usethesource/comment_partial.html
index 6e8b7d59..ea135495 100644
--- a/conservancy/usethesource/templates/usethesource/comment_partial.html
+++ b/conservancy/usethesource/templates/usethesource/comment_partial.html
@@ -1,8 +1,10 @@
 <div class="mb4" hx-target="this" hx-swap="outerHTML">
   <div class="mb2">
     <strong>{% if comment.attribute_to %}{{ comment.attribute_to }}{% else %}{{ comment.user }}{% endif %} — {{ comment.time }}</strong>
-    {% if user.is_staff %}
+    {% if request.user == comment.user or perms.usethesource.change_comment %}
       <a href="#" class="f7 white bg-light-silver ph2" hx-get="{% url 'usethesource:edit_comment' comment_id=comment.id %}">edit</a>
+    {% endif %}
+    {% if request.user == comment.user or perms.usethesource.delete_comment %}
       <a href="#" class="f7 white bg-light-red ph2" hx-delete="{% url 'usethesource:delete_comment' comment_id=comment.id show_add='false' %}" hx-confirm="Are you sure you want to delete this comment?">delete</a>
     {% endif %}
   </div>
diff --git a/conservancy/usethesource/views.py b/conservancy/usethesource/views.py
index 4b7a6be9..6d6446ed 100644
--- a/conservancy/usethesource/views.py
+++ b/conservancy/usethesource/views.py
@@ -1,4 +1,5 @@
 from django.contrib.admin.views.decorators import staff_member_required
+from django.core.exceptions import PermissionDenied
 from django.shortcuts import get_object_or_404, redirect, render
 
 from .models import Candidate, Comment
@@ -53,6 +54,8 @@ def create_comment(request, slug):
 @staff_member_required
 def edit_comment(request, comment_id):
     comment = get_object_or_404(Comment, id=comment_id)
+    if request.user != comment.user and not request.user.has_perm('usethesource.change_comment'):
+        raise PermissionDenied
     if request.method == 'GET':
         form = CommentForm(instance=comment)
     else:
@@ -72,8 +75,11 @@ def view_comment(request, comment_id, show_add):
 
 @staff_member_required
 def delete_comment(request, comment_id, show_add):
+    comment = get_object_or_404(Comment, id=comment_id)
+    if request.user != comment.user and not request.user.has_perm('usethesource.delete_comment'):
+        raise PermissionDenied
+    comment.delete()
     show_add = show_add == 'true'
-    Comment.objects.filter(id=comment_id).delete()
     return render(request, 'usethesource/comment_deleted.html', {'comment': None, 'add': show_add})