diff --git a/beat/web/reports/permissions.py b/beat/web/reports/permissions.py
index 9bfd0a1da13060cb1fae5729adbd522fcea65dc5..9ed36974dfa271a080f62cc0e7fac0fe55cf0273 100644
--- a/beat/web/reports/permissions.py
+++ b/beat/web/reports/permissions.py
@@ -73,6 +73,20 @@ class IsLocked(permissions.BasePermission):
 #----------------------------------------------------------
 
 
+class IsPublished(permissions.BasePermission):
+    """
+    Object level permission that returns true if the
+    given object status is Report.PUBLISHED
+    """
+    message = 'This report is not published'
+
+    def has_object_permission(self, request, view, obj):
+        return obj.status == Report.PUBLISHED
+
+
+#----------------------------------------------------------
+
+
 class IsAuthorOrPublished(permissions.BasePermission):
     """
     The logged in user should also be the author or