diff --git a/lib/classes/JsonApi/Routes/Courseware/Authority.php b/lib/classes/JsonApi/Routes/Courseware/Authority.php
index 36488a406341f950bdea15b14809dc2cecc3b6b9..0f837dee3dabb22ed75126f2f15402554b85a5b4 100644
--- a/lib/classes/JsonApi/Routes/Courseware/Authority.php
+++ b/lib/classes/JsonApi/Routes/Courseware/Authority.php
@@ -529,9 +529,15 @@ class Authority
 return $GLOBALS['perm']->have_perm('root', $user->id);
 }
- public static function canCreateClipboard(User $user): bool
+ public static function canCreateClipboard(User $user, $resource): bool
 {
- return true;
+ if ($resource instanceof StructuralElement) {
+ $structural_element = $resource;
+ } else {
+ $structural_element = $resource->getStructuralElement();
+ }
+
+ return $structural_element->canEdit($user);
 }
 public static function canUpdateClipboard(User $user, Clipboard $resource): bool
diff --git a/lib/classes/JsonApi/Routes/Courseware/ClipboardsCreate.php b/lib/classes/JsonApi/Routes/Courseware/ClipboardsCreate.php
index 48aa78a464ffec6ad08410de180ffb12ec667bdd..73861f161c5b6a1d794213b94ece624439c67afb 100644
--- a/lib/classes/JsonApi/Routes/Courseware/ClipboardsCreate.php
+++ b/lib/classes/JsonApi/Routes/Courseware/ClipboardsCreate.php
@@ -29,13 +29,14 @@ class ClipboardsCreate extends JsonApiController
 {
 $json = $this->validate($request);
 $user = $this->getUser($request);
- if (!Authority::canCreateClipboard($user)) {
- throw new AuthorizationFailedException();
- }
 $object = $this->getObject($json);
 if (!$object) {
 throw new RecordNotFoundException();
 }
+ if (!Authority::canCreateClipboard($user, $object)) {
+ throw new AuthorizationFailedException();
+ }
+
 $clipboard = $this->createClipboard($user, $json, $object);
 return $this->getCreatedResponse($clipboard);
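Review bot: The new `canCreateClipboard` dereferences `$resource` with no type constraint, so the check can end in a fatal error on `$structural_element->canEdit($user)` instead of a denied request. That happens if the value is not a `StructuralElement` and has no `getStructuralElement()`, or if that method returns null (its return type is not visible here). An authorization helper should fail closed: add `if (!$structural_element instanceof StructuralElement) { return false; }` before the final return, and document the accepted resource types in a docblock on the method. The signature now requires a second argument, and only the call in ClipboardsCreate is updated in this diff, so any other caller still passing just `$user` would throw.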
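Review bot: Moving the permission check after `getObject()` means a user without edit rights now gets `RecordNotFoundException` for an id that does not exist and `AuthorizationFailedException` for one that does, so the two responses reveal whether a referenced object exists. If that distinction should not be visible, answer both cases the same way, for example `if (!$object || !Authority::canCreateClipboard($user, $object)) { throw new RecordNotFoundException(); }`. If the difference is acceptable for authenticated users, a comment such as `// object must be loaded first: permission is derived from its structural element` would record why the order changed. The enclosing method starts and ends outside this hunk, so any handling further down is not visible here.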