diff --git a/files/routes/posts.py b/files/routes/posts.py
index a18c6c7c8d..723a065f72 100644
--- a/files/routes/posts.py
+++ b/files/routes/posts.py
@@ -111,6 +111,8 @@ def post_id(pid, anything=None, v=None):
if post.club and not (v and (v.paid_dues or v.id == post.author_id)): abort(403)
+ if post.private and not (v and (v.admin_level > 1 or v.id == post.author.id)): abort(403)
+
if v:
votes = g.db.query(CommentVote).filter_by(user_id=v.id).subquery()
diff --git a/files/templates/authforms.html b/files/templates/authforms.html
index 5993154bf9..b43b1f44d2 100644
--- a/files/templates/authforms.html
+++ b/files/templates/authforms.html
@@ -15,7 +15,7 @@
{% if v %}
-
+
{% if v.agendaposter %}
-
+
{% endif %}
diff --git a/files/templates/default.html b/files/templates/default.html
index c088099124..2d2cfdfd40 100644
--- a/files/templates/default.html
+++ b/files/templates/default.html
@@ -7,7 +7,7 @@
{% if v %}
-
+
{% if v.agendaposter %}
-
+
{% endif %}
diff --git a/files/templates/log.html b/files/templates/log.html
index d339cacec2..6a2888b7c2 100644
--- a/files/templates/log.html
+++ b/files/templates/log.html
@@ -6,7 +6,7 @@
{% block content %}
{% if v %}
-
+
{% if v.agendaposter %}
-
+
{% endif %}
diff --git a/files/templates/login.html b/files/templates/login.html
index 58d662a285..af3c8770a9 100644
--- a/files/templates/login.html
+++ b/files/templates/login.html
@@ -18,7 +18,7 @@
{% endblock %}
-
+
diff --git a/files/templates/login_2fa.html b/files/templates/login_2fa.html
index 031d6e5b11..8163787c28 100644
--- a/files/templates/login_2fa.html
+++ b/files/templates/login_2fa.html
@@ -14,7 +14,7 @@
2-Step Login - {{SITE_NAME}}
-
+
diff --git a/files/templates/settings.html b/files/templates/settings.html
index 793cfc608d..8f6d524e10 100644
--- a/files/templates/settings.html
+++ b/files/templates/settings.html
@@ -34,7 +34,7 @@
-
+
{% if v.agendaposter %}
-
+
{% else %}
-
+
{% endif %}
diff --git a/files/templates/sign_up.html b/files/templates/sign_up.html
index a21f4067c3..f8d8007613 100644
--- a/files/templates/sign_up.html
+++ b/files/templates/sign_up.html
@@ -31,7 +31,7 @@
{% if ref_user %}{{ref_user.username}} invites you to {{SITE_NAME}}{% else %}Sign up - {{SITE_NAME}}{% endif %}
-
+
diff --git a/files/templates/sign_up_failed_ref.html b/files/templates/sign_up_failed_ref.html
index 64cd77180a..d556482a2d 100644
--- a/files/templates/sign_up_failed_ref.html
+++ b/files/templates/sign_up_failed_ref.html
@@ -32,7 +32,7 @@
{% if ref_user %}{{ref_user.username}} invites you to {{SITE_NAME}}{% else %}{{SITE_NAME}}{% endif %}
-
+
diff --git a/files/templates/submit.html b/files/templates/submit.html
index 7b6fc26014..32c98ee59e 100644
--- a/files/templates/submit.html
+++ b/files/templates/submit.html
@@ -26,7 +26,7 @@
{% block stylesheets %}
{% if v %}
-
+
{% if v.agendaposter %}
-
+
{% endif %}
{% endblock %}
diff --git a/files/templates/userpage.html b/files/templates/userpage.html
index 5203a362f9..cdd3765648 100644
--- a/files/templates/userpage.html
+++ b/files/templates/userpage.html
@@ -698,7 +698,7 @@
{{u.username}}
{% endif %}
-
+
{% endblock %}
diff --git a/files/templates/userpage_comments.html b/files/templates/userpage_comments.html
index 41a3d90968..f3d7dc2c17 100644
--- a/files/templates/userpage_comments.html
+++ b/files/templates/userpage_comments.html
@@ -114,5 +114,5 @@
{{u.username}}
{% endif %}
-
+
{% endblock %}
\ No newline at end of file
diff --git a/files/templates/userpage_private.html b/files/templates/userpage_private.html
index 7d690c190e..0a267ca8d1 100644
--- a/files/templates/userpage_private.html
+++ b/files/templates/userpage_private.html
@@ -48,5 +48,5 @@
{{u.username}}
{% endif %}
-
+
{% endblock %}
\ No newline at end of file