diff --git a/app/controllers/settings/mutes_controller.rb b/app/controllers/settings/mutes_controller.rb
index 38675db3..28f9d094 100644
--- a/app/controllers/settings/mutes_controller.rb
+++ b/app/controllers/settings/mutes_controller.rb
@@ -21,6 +21,9 @@ class Settings::MutesController < ApplicationController
 
   def destroy
     rule = MuteRule.find(params[:id])
+
+    authorize rule
+
     rule.destroy!
 
     respond_to do |format|
diff --git a/app/policies/mute_rule_policy.rb b/app/policies/mute_rule_policy.rb
new file mode 100644
index 00000000..8e0c9576
--- /dev/null
+++ b/app/policies/mute_rule_policy.rb
@@ -0,0 +1,14 @@
+# frozen_string_literal: true
+
+class MuteRulePolicy
+  attr_reader :user, :mute_rule
+
+  def initialize(user, mute_rule)
+    @user = user
+    @mute_rule = mute_rule
+  end
+
+  def destroy?
+    user == mute_rule.user || user.admin?
+  end
+end