diff --git a/beat/web/common/permissions.py b/beat/web/common/permissions.py
index 6c15d5840dcaafd8b36971698c349357adb80376..9ca392fe28632acf8bd6c7ee2f9ed9af662e125c 100644
--- a/beat/web/common/permissions.py
+++ b/beat/web/common/permissions.py
@@ -50,3 +50,41 @@ class IsAuthor(permissions.IsAuthenticated):
 author_name = kwargs.get("author_name")
 allowed = request.user.username == author_name
 return allowed
+
+
+class IsAuthorOrReadOnly(IsAuthor):
+ """
+ Either allow access if using a read method or
+ check that the user is also the author.
+ """
+
+ def has_permission(self, request, view):
+ if request.method in permissions.SAFE_METHODS:
+ return True
+ else:
+ return super().has_permission(request, view)
+
+
+class IsAdminOrReadOnly(permissions.IsAdminUser):
+ """
+ Either allow access if using a read method or
+ check that the user is an admin.
+ """
+
+ def has_permission(self, request, view):
+ if request.method in permissions.SAFE_METHODS:
+ return True
+ else:
+ return super().has_permission(request, view)
+
+
+class IsModifiableOrRead(permissions.BasePermission):
+ """
+ Check for modifiable flag if there's a modification that is tried
+ """
+
+ def has_object_permission(self, request, view, obj):
+ if request.method in permissions.SAFE_METHODS:
+ return True
+ else:
+ return obj.modifiable()
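Review bot: `IsModifiableOrRead` overrides only `has_object_permission`, so it inherits `BasePermission.has_permission`, which returns True for every request, authenticated or not. DRF runs the object-level check only when the view calls `get_object()` or `check_object_permissions()`, so a create or list endpoint, or a view that loads its object some other way, never consults `obj.modifiable()`. The docstring should state that contract, for example `"""Object-level check only: combine with an authentication/ownership permission; enforced only through get_object() or check_object_permissions()."""`. Separately, `IsAuthorOrReadOnly` and `IsAdminOrReadOnly` return True for `SAFE_METHODS` before the parent's check runs, so anonymous GET/HEAD/OPTIONS requests are allowed. If that is intended, say so in their docstrings and confirm that no view using them returns private data on a read.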