diff --git a/routes/singleClass.js b/routes/singleClass.js index 2b1f106..3f4c0f5 100644 --- a/routes/singleClass.js +++ b/routes/singleClass.js @@ -58,6 +58,9 @@ router.get('/:id', async (req, res) => { }); router.post('/:id/delete', async (req, res) => { + if (req.session.userType !== 'account') + return res.redirect('/admin/classes'); + const c = req.class; await c.delete(); @@ -94,6 +97,9 @@ router.get('/:id/:memberType(members|teachers)', (req, res) => { }); router.get('/:id/:userType(members|teachers)/add', (req, res) => { + if (req.session.userType !== 'account') + return res.redirect('/admin/classes'); + const c = req.class; const userType = req.params.userType === 'teachers' ? @@ -133,6 +139,9 @@ router.get('/:id/:userType(members|teachers)/add', (req, res) => { }); router.post('/:id/:userType(members|teachers)/add', async (req, res) => { + if (req.session.userType !== 'account') + return res.redirect('/admin/classes'); + const c = req.class; const userType = req.params.userType; const rejectURL = `/admin/class/${c.id}/${userType}/add`; @@ -178,6 +187,9 @@ router.post('/:id/:userType(members|teachers)/add', async (req, res) => { }); router.post('/:id/members/add2', async (req, res) => { + if (req.session.userType !== 'account') + return res.redirect('/admin/classes'); + const c = req.class; const rejectURL = `/admin/class/${c.id}/students/add`; @@ -216,6 +228,9 @@ router.post('/:id/members/add2', async (req, res) => { router.get('/:id/:userType(members|teachers)/:userId/remove', async (req, res) => { + if (req.session.userType !== 'account') + return res.redirect('/admin/classes'); + const c = req.class; const u = await new User(req.db, req.params.userId); 
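Review bot: The `req.session.userType !== 'account'` guard in `router.post('/:id/delete', …)` is pasted by hand into the handler, and the same three lines recur in every other hunk of this commit across singleClass.js, singleTest.js and singleTestTemplate.js, so a route added later is unguarded by default. A single middleware attached per route (called `requireAccount` below, a suggested name) keeps the rule in one place and gives one spot to record denied attempts, which the silent redirect does not do. The braceless `if` with `return` on the next line is also easy to break when a second statement is added, so the sketch uses braces. The handler body continues outside the hunk.

```javascript
// Suggested helper; redirectTo is the list page the handlers already redirect to.
function requireAccount(redirectTo) {
  return (req, res, next) => {
    if (req.session.userType !== 'account') {
      console.warn('denied: account role required', req.method, req.originalUrl);
      return res.redirect(redirectTo);
    }
    return next();
  };
}

router.post('/:id/delete', requireAccount('/admin/classes'), async (req, res) => {
  const c = req.class;
  // … unchanged: delete and redirect …
```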
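Review bot: In `router.post('/:id/members/add2', …)` the context line that builds `rejectURL` points at a `students` path segment, while the add routes visible in this diff only match `:userType(members|teachers)`. If no other router serves `/students/add`, a rejected submission lands on a not-found page instead of the form; `members` looks like the intended segment, i.e. `` const rejectURL = `/admin/class/${c.id}/members/add`; ``. The line is unchanged by this commit and the rest of the handler is outside the hunk, so confirm against the mounted routes before changing it.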
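Review bot: The added role check in `router.get('/:id/:userType(members|teachers)/:userId/remove', …)` decides who may call the route, but `u` is still built straight from `req.params.userId` and nothing in the hunk ties it to class `c`. Unless the part of the handler outside the hunk already does so, verify that the lookup succeeded and that `u` belongs to `c` in the role named by `:userType` before acting on it. The same applies to the POST variant of this route, and in singleTest.js to `tr = await new TestResult(req.db, req.params.resultId)` in the `/:id/results/:resultId/edit` and `/:id/results/:resultId/delete` handlers, where a result id from another test should be rejected rather than edited or deleted through `t`. I would add a comment above each lookup stating where that check lives, e.g. `// tr must belong to t; verified below before edit`.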
@@ -241,6 +256,9 @@ router.get('/:id/:userType(members|teachers)/:userId/remove', router.post('/:id/:userType(members|teachers)/:userId/remove', async (req, res) => { + if (req.session.userType !== 'account') + return res.redirect('/admin/classes'); + const c = req.class; const u = await new User(req.db, req.params.userId); const userType = req.params.userType; diff --git a/routes/singleTest.js b/routes/singleTest.js index 5bd0205..4078b83 100644 --- a/routes/singleTest.js +++ b/routes/singleTest.js @@ -57,6 +57,9 @@ router.get('/:id', async (req, res) => { }); router.post('/:id/delete', async (req, res) => { + if (req.session.userType !== 'account') + return res.redirect('/admin/tests'); + const t = req.test; await t.delete(); @@ -65,6 +68,9 @@ router.post('/:id/delete', async (req, res) => { router.get('/:id/results', async (req, res) => { + if (req.session.userType !== 'account') + return res.redirect('/admin/tests'); + const t = req.test; const linkRoot = `/admin/test/${t.id}/results`; @@ -85,6 +91,9 @@ router.get('/:id/results', async (req, res) => { }); router.post('/:id/results/:resultId/edit', async (req, res) => { + if (req.session.userType !== 'account') + return res.redirect('/admin/tests'); + const t = req.test; const tr = await new TestResult(req.db, req.params.resultId); @@ -108,6 +117,9 @@ router.post('/:id/results/:resultId/edit', async (req, res) => { }); router.post('/:id/results/:resultId/delete', async (req, res) => { + if (req.session.userType !== 'account') + return res.redirect('/admin/tests'); + const t = req.test; const tr = await new TestResult(req.db, req.params.resultId); const returnURL = `/admin/test/${t.id}/results`; @@ -118,6 +130,9 @@ router.post('/:id/results/:resultId/delete', async (req, res) => { }); router.get('/:id/results/add', async (req, res) => { + if (req.session.userType !== 'account') + return res.redirect('/admin/tests'); + const t = req.test; const linkRoot = `/admin/test/${t.id}/results`; 
@@ -139,6 +154,9 @@ router.get('/:id/results/add', async (req, res) => { }); router.post('/:id/results/add', async (req, res) => { + if (req.session.userType !== 'account') + return res.redirect('/admin/tests'); + const t = req.test; const returnURL = `/admin/test/${t.id}/results`; diff --git a/routes/singleTestTemplate.js b/routes/singleTestTemplate.js index 07b83b4..aad34f2 100644 --- a/routes/singleTestTemplate.js +++ b/routes/singleTestTemplate.js @@ -6,6 +6,9 @@ const router = express.Router(); const validator = require('../lib/validator'); router.get('/:id', async (req, res) => { + if (req.session.userType !== 'account') + return res.redirect('/admin/test-templates'); + const tt = req.tt; const linkRoot = `/admin/test-template/${tt.id}`; @@ -23,6 +26,9 @@ router.get('/:id', async (req, res) => { }); router.post('/:id/edit', async (req, res) => { + if (req.session.userType !== 'account') + return res.redirect('/admin/test-templates'); + const tt = req.tt; const returnURL = `/admin/test-template/${tt.id}`; @@ -48,6 +54,9 @@ router.post('/:id/edit', async (req, res) => { }); router.post('/:id/delete', async (req, res) => { + if (req.session.userType !== 'account') + return res.redirect('/admin/test-templates'); + const tt = req.tt; await tt.delete(); diff --git a/views/test.hbs b/views/test.hbs index fa008ad..56e3552 100644 --- a/views/test.hbs +++ b/views/test.hbs @@ -69,9 +69,11 @@ +{{#eq userType 'account'}} +{{/eq}}