diff --git a/app/controllers/bids_controller.rb b/app/controllers/bids_controller.rb
index 36216530b..13ef9be5d 100644
--- a/app/controllers/bids_controller.rb
+++ b/app/controllers/bids_controller.rb
@@ -585,14 +585,18 @@ class BidsController < ApplicationController
 end
 def edit
+ @bid = Bid.find(params[:bid_id])
+ if (User.current.admin?||User.current.id==@bid.author_id)&&(@bid.homework_type == 1)
 @project_id = params[:project_id]
- @bid = Bid.find(params[:bid_id])
 respond_to do |format|
 format.html {
 @project = Project.find(params[:project_id])
 @user= User.find(User.current.id)
 render :layout => 'base_courses'
 }
+ end
+ else
+ render 403
 end
 end
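Review bot: `render 403` in the new `else` branch is not a valid render call — Rails treats a bare Integer argument as a partial to render and raises, so a user who fails the new authorization check gets a 500 error instead of the intended 403, and the check is effectively untested by its own failure path. The `User.current` usage suggests a Redmine-derived app, in which case the existing `render_403` helper is the idiomatic replacement (`head :forbidden` is the framework-only alternative). The condition itself would be clearer as `if (User.current.admin? || User.current.id == @bid.author_id) && @bid.homework_type == 1`, ideally with the magic `1` replaced by a named constant on `Bid` describing that homework type. The new `end` that closes `respond_to` sits at the `if` level directly before `else`, while the original body lines were not re-indented under the `if`, so the block structure is hard to follow at a glance; re-indenting the wrapped body would make the authorization boundary obvious to the next reader.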