diff --git a/jet/dashboard/views.py b/jet/dashboard/views.py
index 5371f65d..87437da9 100644
--- a/jet/dashboard/views.py
+++ b/jet/dashboard/views.py
@@ -1,4 +1,5 @@
 from django.contrib import messages
+from django.core.exceptions import ValidationError
 from django.core.urlresolvers import reverse
 from django.forms.formsets import formset_factory
 from django.http import HttpResponseRedirect
@@ -211,11 +212,14 @@ def load_dashboard_module_view(request, pk):
 result = {'error': False}
 try:
+ if not request.user.is_authenticated() or not request.user.is_staff:
+ raise ValidationError('error')
+
 instance = UserDashboardModule.objects.get(pk=pk, user=request.user.pk)
 module_cls = instance.load_module()
 module = module_cls(model=instance, context={'request': request})
 result['html'] = module.render()
- except UserDashboardModule.DoesNotExist:
+ except (ValidationError, UserDashboardModule.DoesNotExist):
 result['error'] = True
 return JsonResponse(result)
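Review bot: The staff check is routed through `ValidationError` inside the `try`, so the widened `except (ValidationError, UserDashboardModule.DoesNotExist)` now also swallows any `ValidationError` raised by `instance.load_module()` or `module.render()`, which previously propagated. Returning early before `try:` keeps the authorization decision separate and lets the `except` stay as it was: `if not (request.user.is_authenticated() and request.user.is_staff): return JsonResponse({'error': True})`. A refused request is also indistinguishable from a missing module, both for the client and in logs; if the `JsonResponse` used here accepts a status, a 403 on this path would make denied access visible to monitoring. The function's `def` line and any decorators are outside the hunk, so whether the other views in this file carry the same check cannot be confirmed from here.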