diff --git a/apps/comment/tests.py b/apps/comment/tests.py index 832b86cb..79bed42f 100644 --- a/apps/comment/tests.py +++ b/apps/comment/tests.py @@ -15,9 +15,13 @@ class CommentModeratorPermissionTests(BasePermissionTests): def setUp(self): super().setUp() + self.site_ru, created = SiteSettings.objects.get_or_create( + subdomain='ru' + ) + self.role = Role.objects.create( role=2, - country=self.country_ru + site=self.site_ru ) self.role.save() @@ -35,10 +39,6 @@ class CommentModeratorPermissionTests(BasePermissionTests): self.user_test = get_tokens_for_user() - self.site_ru, created = SiteSettings.objects.get_or_create( - subdomain='ru' - ) - self.comment = Comment.objects.create(text='Test comment', mark=1, user=self.user_test["user"], object_id=self.country_ru.pk, @@ -89,8 +89,9 @@ class CommentModeratorPermissionTests(BasePermissionTests): "text": "test text moderator", "mark": 1, "user": self.moderator.id, - "object_id": self.comment.country_id, - "content_type": self.content_type.id + "object_id": self.country_ru.id, + "content_type": self.content_type.id, + 'site_id': self.site_ru.id } response = self.client.put(self.url, data=data, format='json') diff --git a/apps/comment/views/back.py b/apps/comment/views/back.py index 3b96cbd2..a46b70cb 100644 --- a/apps/comment/views/back.py +++ b/apps/comment/views/back.py 
@@ -8,13 +8,13 @@ class CommentLstView(generics.ListCreateAPIView): """Comment list create view.""" serializer_class = serializers.CommentBaseSerializer queryset = models.Comment.objects.all() - permission_classes = [permissions.IsAuthenticatedOrReadOnly| IsCommentModerator|IsCountryAdmin] + # permission_classes = [permissions.IsAuthenticatedOrReadOnly| IsCommentModerator|IsCountryAdmin] class CommentRUDView(generics.RetrieveUpdateDestroyAPIView): """Comment RUD view.""" serializer_class = serializers.CommentBaseSerializer queryset = models.Comment.objects.all() - - permission_classes = [IsCountryAdmin | IsCommentModerator] + permission_classes = [IsCommentModerator] + # permission_classes = [IsCountryAdmin | IsCommentModerator] lookup_field = 'id' diff --git a/apps/utils/permissions.py b/apps/utils/permissions.py index a32e302c..321d72d3 100644 --- a/apps/utils/permissions.py +++ b/apps/utils/permissions.py @@ -100,7 +100,10 @@ class IsStandardUser(IsGuest): if hasattr(obj, 'user'): rules = [ - obj.user == request.user and obj.user.email_confirmed, + obj.user == request.user + and obj.user.email_confirmed + and request.user.is_authenticated, + super().has_object_permission(request, view, obj) ] @@ -244,13 +247,12 @@ class IsCommentModerator(IsStandardUser): super().has_permission(request, view) ] - # and request.user.email_confirmed, - if hasattr(request.data, 'user') and hasattr(request.data, 'country_id'): + if any(rules) and hasattr(request.data, 'site_id'): # Read permissions are allowed to any request. role = Role.objects.filter(role=Role.COMMENTS_MODERATOR, - country_id=request.data.country_id) \ - .first() # 'Comments moderator' + site_id=request.data.site_id) \ + .first() rules = [ UserRole.objects.filter(user=request.user, role=role).exists(), 
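Review bot: Commenting out `permission_classes` on `CommentLstView` leaves the list/create endpoint governed by whatever `DEFAULT_PERMISSION_CLASSES` the project settings define, and Django REST framework falls back to `AllowAny` when none is set, so unauthenticated clients may be able to create comments. The settings are not visible in this diff, so this needs confirming. If the intent is read for everyone and write for authenticated users, keep an explicit `permission_classes = [permissions.IsAuthenticatedOrReadOnly]` instead of a commented-out line. `CommentRUDView` also drops `IsCountryAdmin`, which removes update and delete access for country admins; if that is temporary, replace the commented-out old value with a comment saying why and when it comes back.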
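Review bot: In `IsCommentModerator.has_permission`, `hasattr(request.data, 'site_id')` tests for an attribute on the parsed-data object, not for a key in the payload. DRF's `request.data` is a dict or QueryDict, so the condition is presumably always false and the moderator role lookup under it never runs; if it did run, `request.data.site_id` would raise `AttributeError` for the same reason. Use a key lookup instead: `site_id = request.data.get('site_id')`, then `if any(rules) and site_id is not None:` and `site_id=site_id` in the filter. `.first()` can also return `None` when no moderator role exists for the site, and that value is passed straight into `UserRole.objects.filter(..., role=role)`, so guard with `role is not None`. The method starts before this hunk and ends in the next one.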
@@ -260,16 +262,22 @@ class IsCommentModerator(IsStandardUser): return any(rules) def has_object_permission(self, request, view, obj): - # Read permissions are allowed to any request. - role = Role.objects.filter(role=Role.COMMENTS_MODERATOR, - country_id=obj.country_id) \ - .first() # 'Comments moderator' rules = [ - UserRole.objects.filter(user=request.user, role=role).exists() and - obj.user != request.user, super().has_object_permission(request, view, obj) ] + + if request.user.is_authenticated: + + role = Role.objects.filter(role=Role.COMMENTS_MODERATOR, + site_id=obj.site_id) \ + .first() # 'Comments moderator' + + rules = [ + UserRole.objects.filter(user=request.user, role=role).exists() and + obj.user != request.user, + super().has_object_permission(request, view, obj) + ] return any(rules) @@ -335,7 +343,7 @@ class IsReviewerManager(IsStandardUser): def has_object_permission(self, request, view, obj): role = Role.objects.filter(role=Role.REVIEWER_MANGER, - country_id=obj.site_id) \ + country_id=obj.country_id) \ .first() rules = [
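Review bot: In `has_object_permission`, `role` is `None` when no `COMMENTS_MODERATOR` role exists for `obj.site_id`, and `filter(user=request.user, role=None)` then matches on a null role instead of failing closed. Whether such `UserRole` rows can exist depends on the model, which is not shown here. The authenticated branch also rebuilds `rules` and calls `super().has_object_permission(...)` a second time. Appending to the existing list fixes both: `if role is not None: rules.append(UserRole.objects.filter(user=request.user, role=role).exists() and obj.user != request.user)`.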
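Review bot: `IsReviewerManager.has_object_permission` still filters `Role` by `country_id`, while this same commit switches `IsCommentModerator` to `site_id` and the updated test creates the role with `site=` instead of `country=`. If `Role` no longer has a country field, this lookup will fail at query time. If both fields exist, add a short comment such as `# reviewer managers remain country-scoped` so the difference reads as deliberate. The method body continues past the end of the hunk.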