diff --git a/src/permissions/report.ts b/src/permissions/report.ts
index 01b54769..5f9da019 100644
--- a/src/permissions/report.ts
+++ b/src/permissions/report.ts
@@ -3,11 +3,11 @@ import type { Auth } from '@/lib/types';
 import { canViewWebsite } from './website';
 
 export async function canViewReport(auth: Auth, report: Report) {
-  if (auth.user.isAdmin) {
+  if (auth.user?.isAdmin) {
     return true;
   }
 
-  if (auth.user.id === report.userId) {
+  if (auth.user?.id === report.userId) {
     return true;
   }
 
@@ -15,6 +15,10 @@ export async function canViewReport(auth: Auth, report: Report) {
 }
 
 export async function canUpdateReport({ user }: Auth, report: Report) {
+  if (!user) {
+    return false;
+  }
+
   if (user.isAdmin) {
     return true;
   }
diff --git a/src/permissions/website.ts b/src/permissions/website.ts
index 4008449d..a68b05cd 100644
--- a/src/permissions/website.ts
+++ b/src/permissions/website.ts
@@ -45,6 +45,10 @@ export async function canCreateWebsite({ user }: Auth) {
 }
 
 export async function canUpdateWebsite({ user }: Auth, websiteId: string) {
+  if (!user) {
+    return false;
+  }
+
   if (user.isAdmin) {
     return true;
   }
@@ -69,6 +73,10 @@ export async function canUpdateWebsite({ user }: Auth, websiteId: string) {
 }
 
 export async function canDeleteWebsite({ user }: Auth, websiteId: string) {
+  if (!user) {
+    return false;
+  }
+
   if (user.isAdmin) {
     return true;
   }