diff --git a/app/controllers/comment_votes_controller.rb b/app/controllers/comment_votes_controller.rb
index 22c490224..52ad7bc15 100644
--- a/app/controllers/comment_votes_controller.rb
+++ b/app/controllers/comment_votes_controller.rb
@@ -1,23 +1,22 @@
 class CommentVotesController < ApplicationController
- before_action :member_only, except: [:index]
 skip_before_action :api_check
 respond_to :js, :json, :xml, :html
 rescue_with CommentVote::Error, ActiveRecord::RecordInvalid, status: 422
 def index
- @comment_votes = CommentVote.visible(CurrentUser.user).paginated_search(params, count_pages: true)
+ @comment_votes = authorize CommentVote.visible(CurrentUser.user).paginated_search(params, count_pages: true)
 @comment_votes = @comment_votes.includes(:user, comment: [:creator, post: [:uploader]]) if request.format.html?
 respond_with(@comment_votes)
 end
 def create
- @comment = Comment.find(params[:comment_id])
+ @comment = authorize Comment.find(params[:comment_id])
 @comment_vote = @comment.vote!(params[:score])
 respond_with(@comment)
 end
 def destroy
- @comment = Comment.find(params[:comment_id])
+ @comment = authorize Comment.find(params[:comment_id])
 @comment.unvote!
 respond_with(@comment)
 end
diff --git a/app/policies/comment_vote_policy.rb b/app/policies/comment_vote_policy.rb
new file mode 100644
index 000000000..0ce20459d
--- /dev/null
+++ b/app/policies/comment_vote_policy.rb
@@ -0,0 +1,2 @@
+class CommentVotePolicy < ApplicationPolicy
+end
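Review bot: In `create` and `destroy` the object handed to `authorize` is a `Comment`, so (assuming this is Pundit's `authorize`, which picks the policy from the record's class and the query from the action name) the check that runs is the comment policy's `create?` / `destroy?`, and the `CommentVotePolicy` added in this commit is never consulted on the voting paths. Those checks are the only replacement for the removed `before_action :member_only`, and they live in policies this diff does not show; a `destroy?` rule written for deleting comments would presumably also decide who may withdraw their own vote. I would authorize against the vote policy instead, e.g. `@comment = authorize Comment.find(params[:comment_id]), policy_class: CommentVotePolicy` if the Pundit version in use supports `policy_class:`, with `create?` and `destroy?` defined there. A request test asserting that an anonymous user is denied on both actions would pin the behaviour the old filter guaranteed.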
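Review bot: `CommentVotePolicy` has an empty body, so the `index?` check that the controller's new `authorize` call triggers for the vote listing is whatever `ApplicationPolicy` defines, and that class is not part of this diff. The old controller stated the listing's openness explicitly with `except: [:index]`; the policy should state it too, either by defining `def index?` here or with a comment such as `# index? is inherited from ApplicationPolicy; which votes are listed is limited by CommentVote.visible in the controller`. As written, a later tightening or loosening of the `ApplicationPolicy` default would silently change who can list comment votes.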