diff --git a/app/controllers/boards_controller.rb b/app/controllers/boards_controller.rb
index 56ed69c49..383da0bbe 100644
--- a/app/controllers/boards_controller.rb
+++ b/app/controllers/boards_controller.rb
@@ -39,13 +39,18 @@ class BoardsController < ApplicationController
       end
       render :layout => false if request.xhr?
     elsif @course
-      @boards = @course.boards.includes(:last_message => :author).all
-      @boards = [] << @boards[0] if @boards.any?
-      if @boards.size == 1
-        @board = @boards.first
-        show and return
+      if (User.current.admin? || @course.is_public == 1 || (@course.is_public == 0 && User.current.member_of_course?(@course)))
+        @boards = @course.boards.includes(:last_message => :author).all
+        @boards = [] << @boards[0] if @boards.any?
+        if @boards.size == 1
+          @board = @boards.first
+          show and return
+        end
+        render :layout => 'base_courses'
+      else
+        render_403
       end
-      render :layout => 'base_courses'
+
     end
 
   end
diff --git a/app/controllers/courses_controller.rb b/app/controllers/courses_controller.rb
index 62ed12122..08ab010da 100644
--- a/app/controllers/courses_controller.rb
+++ b/app/controllers/courses_controller.rb
@@ -669,24 +669,29 @@ class CoursesController < ApplicationController
   end
 
   def feedback
-    page = params[:page]
-    # Find the page of the requested reply
-    @jours = @course.journals_for_messages.where('m_parent_id IS NULL').order('created_on DESC')
-    @limit =  10
-    if params[:r] && page.nil?
-      offset = @jours.count(:conditions => ["#{JournalsForMessage.table_name}.id > ?", params[:r].to_i])
-      page = 1 + offset / @limit
+    if (User.current.admin? || @course.is_public == 1 || (@course.is_public == 0 && User.current.member_of_course?(@course)))
+      page = params[:page]
+      # Find the page of the requested reply
+      @jours = @course.journals_for_messages.where('m_parent_id IS NULL').order('created_on DESC')
+      @limit =  10
+      if params[:r] && page.nil?
+        offset = @jours.count(:conditions => ["#{JournalsForMessage.table_name}.id > ?", params[:r].to_i])
+        page = 1 + offset / @limit
+      end
+
+      #@feedback_count = @jours.count
+      #@feedback_pages = Paginator.new @feedback_count, @limit, page
+      #@offset ||= @feedback_pages.offset
+      @jour = paginateHelper @jours,10
+      @state = false
+      respond_to do |format|
+        format.html{render :layout => 'base_courses'}
+        format.api
+      end
+    else
+      render_403
     end
 
-    #@feedback_count = @jours.count
-    #@feedback_pages = Paginator.new @feedback_count, @limit, page
-    #@offset ||= @feedback_pages.offset
-    @jour = paginateHelper @jours,10
-    @state = false
-    respond_to do |format|
-      format.html{render :layout => 'base_courses'}
-      format.api
-    end
   end