diff --git a/webapp/views.py b/webapp/views.py
index 1b70e31..c04e11f 100644
--- a/webapp/views.py
+++ b/webapp/views.py
@@ -34,6 +34,14 @@ class IsPostOrIsAuthenticated(permissions.BasePermission):
 return request.user and request.user.is_authenticated
+class IsPostOrReadOnlyOrAuthenticated(permissions.BasePermission):
+ def has_permission(self, request, view):
+ if request.method in ['POST', 'GET']:
+ return True
+
+ return request.user and request.user.is_authenticated
+
+
 # -- REST API -- #
 class RootView(routers.APIRootView):
 permission_classes = [IsAuthenticatedOrReadOnly]
@@ -42,7 +50,7 @@ class RootView(routers.APIRootView):
 class EventViewSet(viewsets.ModelViewSet):
 queryset = Event.objects.all()
 serializer_class = EventSerializer
- permission_classes = [IsAuthenticatedOrReadOnly]
+ permission_classes = [IsPostOrReadOnlyOrAuthenticated]
 filter_backends = (filters.DjangoFilterBackend, SearchFilter, OrderingFilter)
 filter_fields = '__all__'
 search_fields = '__all__'
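Review bot: The method check in the new `IsPostOrReadOnlyOrAuthenticated.has_permission` treats only `GET` as read-only, so anonymous `HEAD` and `OPTIONS` requests, which the replaced `IsAuthenticatedOrReadOnly` allowed, now fall through to the authentication check. If `permissions` is `rest_framework.permissions`, as the `BasePermission` base suggests, the condition can be `if request.method == 'POST' or request.method in permissions.SAFE_METHODS:` so that the class matches its name. The last line returns the result of `and` directly, which is `None` when `request.user` is unset; `return bool(request.user and request.user.is_authenticated)` keeps the return type a boolean. A one-line docstring stating that unauthenticated POST is intentional would help the next reader of an access-control class that widens write access.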
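Review bot: Switching `EventViewSet.permission_classes` to `[IsPostOrReadOnlyOrAuthenticated]` lets unauthenticated clients create `Event` rows, and nothing in this hunk limits how often or with which fields. Because the permission is decided by HTTP method rather than by action, any POST-mapped extra action on this viewset would also become anonymous; the class body continues outside the hunk, so that cannot be checked here. Unless throttling is configured globally in settings not shown, consider adding `throttle_classes = [AnonRateThrottle]` to the viewset and confirming that `EventSerializer` marks fields an anonymous submitter must not set as read-only. A short comment above the changed line, such as `# anonymous create is intentional: public event submission`, would record that this is deliberate.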