diff --git a/pkg/internal/server/api/events_api.go b/pkg/internal/server/api/events_api.go
index 7452de9..1d106ab 100644
--- a/pkg/internal/server/api/events_api.go
+++ b/pkg/internal/server/api/events_api.go
@@ -2,6 +2,7 @@ package api
 
 import (
 	"fmt"
+
 	"git.solsynth.dev/hydrogen/messaging/pkg/internal/gap"
 	"git.solsynth.dev/hydrogen/messaging/pkg/internal/models"
 	"git.solsynth.dev/hydrogen/messaging/pkg/internal/server/exts"
@@ -98,6 +99,8 @@ func newRawEvent(c *fiber.Ctx) error {
 		channel, member, err = services.GetAvailableChannelWithAlias(alias, user, val.ID)
 		if err != nil {
 			return fiber.NewError(fiber.StatusNotFound, err.Error())
+		} else if member.PowerLevel < 0 {
+			return fiber.NewError(fiber.StatusForbidden, "you have not enough permission to send message")
 		}
 	} else {
 		channel, member, err = services.GetAvailableChannelWithAlias(alias, user)
diff --git a/pkg/internal/server/api/events_message_api.go b/pkg/internal/server/api/events_message_api.go
index 690c63c..166abba 100644
--- a/pkg/internal/server/api/events_message_api.go
+++ b/pkg/internal/server/api/events_message_api.go
@@ -39,6 +39,8 @@ func newMessageEvent(c *fiber.Ctx) error {
 		channel, member, err = services.GetAvailableChannelWithAlias(alias, user, val.ID)
 		if err != nil {
 			return fiber.NewError(fiber.StatusNotFound, err.Error())
+		} else if member.PowerLevel < 0 {
+			return fiber.NewError(fiber.StatusForbidden, "you have not enough permission to send message")
 		}
 	} else {
 		channel, member, err = services.GetAvailableChannelWithAlias(alias, user)