diff --git a/src/Orchard.Web/Modules/Orchard.ContentPermissions/Drivers/ContentPermissionsPartDriver.cs b/src/Orchard.Web/Modules/Orchard.ContentPermissions/Drivers/ContentPermissionsPartDriver.cs
index 57c44e46e..c6bed1487 100644
--- a/src/Orchard.Web/Modules/Orchard.ContentPermissions/Drivers/ContentPermissionsPartDriver.cs
+++ b/src/Orchard.Web/Modules/Orchard.ContentPermissions/Drivers/ContentPermissionsPartDriver.cs
@@ -120,6 +120,11 @@ namespace Orchard.ContentPermissions.Drivers {
 
         protected override DriverResult Editor(ContentPermissionsPart part, IUpdateModel updater, dynamic shapeHelper) {
 
+            // ensure the current user is allowed to define permissions
+            if (!_authorizer.Authorize(Permissions.GrantPermission)) {
+                return null;
+            }
+
             var allRoles = _roleService.GetRoles().Select(x => x.Name).OrderBy(x => x).ToList();
 
             var model = new ContentPermissionsPartViewModel();