diff --git a/scnserver/api/handler/apiPreview.go b/scnserver/api/handler/apiPreview.go
index 3461ab9..b9ae61f 100644
--- a/scnserver/api/handler/apiPreview.go
+++ b/scnserver/api/handler/apiPreview.go
@@ -37,6 +37,10 @@ func (h APIHandler) GetUserPreview(g *gin.Context) ginresp.HTTPResponse {
 	}
 	defer ctx.Cancel()
 
+	if permResp := ctx.CheckPermissionAny(); permResp != nil {
+		return *permResp
+	}
+
 	user, err := h.database.GetUser(ctx, u.UserID)
 	if errors.Is(err, sql.ErrNoRows) {
 		return ginresp.APIError(g, 404, apierr.USER_NOT_FOUND, "User not found", err)
@@ -76,6 +80,10 @@ func (h APIHandler) GetChannelPreview(g *gin.Context) ginresp.HTTPResponse {
 	}
 	defer ctx.Cancel()
 
+	if permResp := ctx.CheckPermissionAny(); permResp != nil {
+		return *permResp
+	}
+
 	channel, err := h.database.GetChannelByID(ctx, u.ChannelID)
 	if errors.Is(err, sql.ErrNoRows) {
 		return ginresp.APIError(g, 404, apierr.CHANNEL_NOT_FOUND, "Channel not found", err)
@@ -115,6 +123,10 @@ func (h APIHandler) GetUserKeyPreview(g *gin.Context) ginresp.HTTPResponse {
 	}
 	defer ctx.Cancel()
 
+	if permResp := ctx.CheckPermissionAny(); permResp != nil {
+		return *permResp
+	}
+
 	keytoken, err := h.database.GetKeyToken(ctx, u.UserID, u.KeyID)
 	if errors.Is(err, sql.ErrNoRows) {
 		return ginresp.APIError(g, 404, apierr.KEY_NOT_FOUND, "Key not found", err)