diff --git a/rowers/views.py b/rowers/views.py
index efc20124..3e7f3d38 100644
--- a/rowers/views.py
+++ b/rowers/views.py
@@ -5856,7 +5856,9 @@ def workout_workflow_view(request,id):
         row = Workout.objects.get(id=id)
     except Workout.DoesNotExist:
 	raise Http404("Workout doesn't exist")
-
+    if (checkworkoutuser(request.user,row)==False):
+        raise Http404("You are not allowed to edit this workout")
+    
     r = getrower(request.user)
     result = request.user.is_authenticated() and ispromember(request.user)
     if result: