diff --git a/app/blueprints/admin/audit.py b/app/blueprints/admin/audit.py
index b40f1401..c8d58603 100644
--- a/app/blueprints/admin/audit.py
+++ b/app/blueprints/admin/audit.py
@@ -15,7 +15,9 @@
# along with this program. If not, see .
from flask import render_template, request, abort
-from app.models import db, AuditLogEntry, UserRank, User
+from flask_login import current_user, login_required
+
+from app.models import db, AuditLogEntry, UserRank, User, Permission
from app.utils import rank_required, get_int_or_abort
from . import bp
@@ -40,7 +42,10 @@ def audit():
@bp.route("/admin/audit//")
-@rank_required(UserRank.MODERATOR)
+@login_required
def audit_view(id_):
- entry = AuditLogEntry.query.get(id_)
+ entry: AuditLogEntry = AuditLogEntry.query.get_or_404(id_)
+ if not entry.checkPerm(current_user, Permission.VIEW_AUDIT_DESCRIPTION):
+ abort(403)
+
return render_template("admin/audit_view.html", entry=entry)
diff --git a/app/models/__init__.py b/app/models/__init__.py
index c5e58dbf..eac8d297 100644
--- a/app/models/__init__.py
+++ b/app/models/__init__.py
@@ -106,6 +106,20 @@ class AuditLogEntry(db.Model):
self.package = package
self.description = description
+ def checkPerm(self, user, perm):
+ if not user.is_authenticated:
+ return False
+
+ if type(perm) == str:
+ perm = Permission[perm]
+ elif type(perm) != Permission:
+ raise Exception("Unknown permission given to AuditLogEntry.checkPerm()")
+
+ if perm == Permission.VIEW_AUDIT_DESCRIPTION:
+ return user.rank.atLeast(UserRank.APPROVER if self.package is not None else UserRank.MODERATOR)
+ else:
+ raise Exception("Permission {} is not related to audit log entries".format(perm.name))
+
REPO_BLACKLIST = [".zip", "mediafire.com", "dropbox.com", "weebly.com", "minetest.net", "dropboxusercontent.com", "4shared.com",
diff --git a/app/models/users.py b/app/models/users.py
index a251eb8f..b0858ea8 100644
--- a/app/models/users.py
+++ b/app/models/users.py
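Review bot: In `audit_view`, `get_or_404` runs before the `checkPerm` check, so a logged-in user below the required rank learns whether a given audit entry id exists (404 versus 403) even though they cannot view it; if the existence of entries should not be observable, use `abort(404)` on the permission failure as well, otherwise a one-line comment stating that the 403/404 distinction is deliberate would help the next reader. The view also has no docstring; suggest `"""Render a single audit log entry; 403 unless the user may view its description."""` directly under the `def` line. Note that the rank gate previously declared on the route now lives in `AuditLogEntry.checkPerm`, so any other route that renders this template must call it explicitly rather than relying on a decorator.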
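Review bot: `AuditLogEntry.checkPerm` tests the permission argument with `type(perm) == str` and `type(perm) != Permission` and raises a bare `Exception` for a bad value; the idiomatic, subclass-safe form is `if isinstance(perm, str):`, `elif not isinstance(perm, Permission):` and `raise TypeError("Unknown permission given to AuditLogEntry.checkPerm()")`, with the second raise becoming a `ValueError`. If `Package.checkPerm` elsewhere in the project uses the same shape, keep the two consistent rather than changing only this one. A string that is not a member name fails inside `Permission[perm]` with a `KeyError` instead of the explicit message; both paths still fail closed, which is the right default for an authorization helper. A docstring would help here: it should state that the method returns False for unauthenticated users, returns the rank test (at least APPROVER for entries tied to a package, at least MODERATOR otherwise) for VIEW_AUDIT_DESCRIPTION, and raises for any other permission.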
@@ -90,6 +90,7 @@ class Permission(enum.Enum):
DELETE_REVIEW = "DELETE_REVIEW"
CHANGE_PROFILE_URLS = "CHANGE_PROFILE_URLS"
CHANGE_DISPLAY_NAME = "CHANGE_DISPLAY_NAME"
+ VIEW_AUDIT_DESCRIPTION = "VIEW_AUDIT_DESCRIPTION"
# Only return true if the permission is valid for *all* contexts
# See Package.checkPerm for package-specific contexts
diff --git a/app/templates/macros/audit_log.html b/app/templates/macros/audit_log.html
index 671fe091..4d1b9f8a 100644
--- a/app/templates/macros/audit_log.html
+++ b/app/templates/macros/audit_log.html
@@ -2,7 +2,7 @@
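Review bot: `VIEW_AUDIT_DESCRIPTION` is only meaningful in the context of an `AuditLogEntry`, yet the added member carries no indication of that; the comment directly below says the generic check that follows returns true only for permissions valid in all contexts, so if that check enumerates members (not visible in this hunk) the new one presumably needs to be handled or documented there as context-only. A trailing comment on the added line, `VIEW_AUDIT_DESCRIPTION = "VIEW_AUDIT_DESCRIPTION"  # context-specific: see AuditLogEntry.checkPerm`, would make this explicit. The enclosing `Permission` class continues outside the hunk.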