diff --git a/src/Api.php b/src/Api.php index 64099943..64dc2879 100644 --- a/src/Api.php +++ b/src/Api.php @@ -7,12 +7,21 @@ class Api return \Chibi\Database::transaction(function() use ($job, $jobArgs) { + $job->prepare($jobArgs); + if ($job->requiresAuthentication()) Access::assertAuthentication(); if ($job->requiresConfirmedEmail()) Access::assertEmailConfirmation(); + $p = $job->requiresPrivilege(); + list ($privilege, $subPrivilege) = is_array($p) + ? $p + : [$p, null]; + if ($privilege !== null) + Access::assert($privilege, $subPrivilege); + return $job->execute($jobArgs); }); } diff --git a/src/Jobs/AbstractJob.php b/src/Jobs/AbstractJob.php index a12400e4..d168fcc4 100644 --- a/src/Jobs/AbstractJob.php +++ b/src/Jobs/AbstractJob.php @@ -1,6 +1,10 @@ TextHelper::reprUser(Auth::getCurrentUser()), + 'user' => TextHelper::reprUser($user), 'post' => TextHelper::reprPost($comment->getPost()->id)]); return $comment; diff --git a/src/Jobs/EditCommentJob.php b/src/Jobs/EditCommentJob.php index 1c7d6589..8419b844 100644 --- a/src/Jobs/EditCommentJob.php +++ b/src/Jobs/EditCommentJob.php @@ -1,18 +1,24 @@ comment = CommentModel::findById($arguments['comment-id']); + } + public function execute($arguments) { $user = Auth::getCurrentUser(); - $comment = CommentModel::findById($arguments['comment-id']); - $text = CommentModel::validateText($arguments['text']); + $comment = $this->comment; $comment->commentDate = time(); - $comment->text = $text; + $comment->text = CommentModel::validateText($arguments['text']); CommentModel::save($comment); LogHelper::log('{user} edited comment in {post}', [ - 'user' => TextHelper::reprUser(Auth::getCurrentUser()), + 'user' => TextHelper::reprUser($user), 'post' => TextHelper::reprPost($comment->getPost())]); return $comment; 
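Review bot: `$job->prepare($jobArgs);` is placed above `Access::assertAuthentication()` and `Access::assertEmailConfirmation()`, so a job's lookups on caller-supplied arguments (for example `CommentModel::findById($arguments['comment-id'])` in `EditCommentJob::prepare`) run for callers who have not passed any access check yet. If a missing id fails differently from a denied request, which is not visible in this hunk, the response tells an unauthenticated caller which ids exist. Unless some job's `requiresAuthentication()` depends on prepared state, I would move the call below the two existing asserts and directly above `$p = $job->requiresPrivilege();`, with a comment such as `// prepare() loads the objects requiresPrivilege() inspects; runs only after the authentication checks`. The enclosing method starts above the hunk.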
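Review bot: In the EditCommentJob.php hunk, `prepare()` stores the result of `CommentModel::findById($arguments['comment-id'])` in `$this->comment` without checking that the `comment-id` key is present, and nothing documents that `execute()` now depends on `prepare()` having run. The same dependency applies to `requiresPrivilege()` in the following hunk (`@@ -20,7 +26,11 @@`), which dereferences `$this->comment`. Any caller that invokes `execute()` or `requiresPrivilege()` on a fresh job object, if one exists outside this diff, would operate on a null comment. I would add a docblock on `prepare()` stating that it must be called before both methods, and validate the argument first, e.g. `if (!isset($arguments['comment-id'])) throw new InvalidArgumentException('comment-id is required');` (exception type to match the project's convention). The start of this hunk, including the class header, is missing from the page, so this is based on the visible lines only.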
@@ -20,7 +26,11 @@ class EditCommentJob extends AbstractJob public function requiresPrivilege() { - return Privilege::EditComment; + return + [ + Privilege::EditComment, + Access::getIdentity($this->comment->getCommenter()) + ]; } public function requiresAuthentication() diff --git a/src/Jobs/PreviewCommentJob.php b/src/Jobs/PreviewCommentJob.php index b3f3c35f..232258b5 100644 --- a/src/Jobs/PreviewCommentJob.php +++ b/src/Jobs/PreviewCommentJob.php @@ -10,7 +10,6 @@ class PreviewCommentJob extends AbstractJob $comment->setCommenter($user); $comment->commentDate = time(); $comment->text = $text; - return $comment; }
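Review bot: The sub-privilege returned by `requiresPrivilege()` is derived from `$this->comment->getCommenter()`, and the hunk does not show what `Access::getIdentity()` returns when the commenter is null or no longer exists. That value presumably decides whether the edit is checked against an own-comment or an any-comment privilege, so the unknown-author case should resolve to the stricter check rather than be treated as the current user's own comment. I would confirm that behaviour in `Access::getIdentity()` and record it here with a docblock saying that the second array element is the identity of the comment's author relative to the current user, and that a comment without a resolvable author requires the broadest edit privilege. The PreviewCommentJob.php hunk on the same line only removes a blank line and needs no comment.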