diff --git a/app/controllers/courses_controller.rb b/app/controllers/courses_controller.rb
index a0a61786c..5eb21af6a 100644
--- a/app/controllers/courses_controller.rb
+++ b/app/controllers/courses_controller.rb
@@ -605,7 +605,7 @@ class CoursesController < ApplicationController
 
   def toggleCourse
     @course_prefs = Course.find_by_extra(@course.extra)
-    unless (@course_prefs.teacher == User.current || User.current.admin?)
+    unless (@course_prefs.student != User.current || User.current.admin?)
       render_403
     end
   end