diff --git a/app/controllers/static_pages_controller.rb b/app/controllers/static_pages_controller.rb
index ac01361..d46e6f3 100644
--- a/app/controllers/static_pages_controller.rb
+++ b/app/controllers/static_pages_controller.rb
@@ -123,7 +123,10 @@ class StaticPagesController < ApplicationController
 private
 def check_access
 if params[:tournament]
- @tournament = params[:tournament]
+ @tournament = Tournament.find(params[:tournament])
+ if current_user != @tournament.user
+ redirect_to '/static_pages/not_allowed'
+ end
 end
 end
 end
diff --git a/test/controllers/static_pages_controller_test.rb b/test/controllers/static_pages_controller_test.rb
index 1bdaff2..f3e28ab 100644
--- a/test/controllers/static_pages_controller_test.rb
+++ b/test/controllers/static_pages_controller_test.rb
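Review bot: check_access only enforces ownership when `params[:tournament]` is present, so a request to a guarded action that omits the parameter skips both the `Tournament.find` and the owner comparison and is let through. If every guarded action needs a tournament, the missing-parameter case should be rejected as well, e.g. `return redirect_to '/static_pages/not_allowed' unless params[:tournament]` placed before the lookup, with the surrounding `if` dropped. Note also that `current_user` is nil for an anonymous request, so if a tournament's `user` can ever be nil the `!=` comparison on the added line passes for that request; comparing `current_user&.id` against `@tournament.user_id` with an explicit nil guard avoids that. The `before_action` that wires this filter is outside the hunk, so which actions it protects can't be confirmed here.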
@@ -1,7 +1,68 @@
 require 'test_helper'
 class StaticPagesControllerTest < ActionController::TestCase
- test "the truth" do
- assert true
- end
+ include Devise::TestHelpers
+
+ setup do
+ @tournament = Tournament.find(1)
+ @tournament.generateMatchups
+ @school = @tournament.schools.first
+ end
+
+ def new
+ get :new, tournament: @tournament.id
+ end
+
+ def sign_in_owner
+ sign_in users(:one)
+ end
+
+ def sign_in_non_owner
+ sign_in users(:two)
+ end
+
+ def success
+ assert_response :success
+ end
+
+ def redirect
+ assert_redirected_to '/static_pages/not_allowed'
+ end
+
+ test "logged in tournament owner can generate matches" do
+ sign_in_owner
+ get :generate_matches, tournament: 1
+ success
+ end
+
+ test "logged in non tournament owner cannot generate matches" do
+ sign_in_non_owner
+ get :generate_matches, tournament: 1
+ redirect
+ end
+
+ test "logged in tournament owner can access weigh_ins" do
+ sign_in_owner
+ get :weigh_in, tournament: 1
+ success
+ end
+
+ test "logged in non tournament owner cannot access weigh_ins" do
+ sign_in_non_owner
+ get :weigh_in, tournament: 1
+ redirect
+ end
+
+ test "logged in tournament owner can create custom weights" do
+ sign_in_owner
+ get :createCustomWeights, tournament: 1, customValue: 'hs'
+ assert_redirected_to '/tournaments/1'
+ end
+
+ test "logged in non tournament owner cannot create custom weights" do
+ sign_in_non_owner
+ get :createCustomWeights, tournament: 1, customValue: 'hs'
+ redirect
+ end
+
 end
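Review bot: None of the new tests cover the two paths the controller change leaves open: a request with no `tournament` parameter, and a request from a visitor who is not signed in at all; one test for each, e.g. `get :generate_matches, tournament: 1` with no `sign_in_*` call followed by `redirect`, would pin the intended behaviour for anonymous access. The `new` helper and the `@school` assigned in `setup` are not used by any visible test and can be removed. The tests also hard-code `tournament: 1` while `setup` loads `Tournament.find(1)` into `@tournament`; passing `tournament: @tournament.id` keeps the requests tied to the fixture they set up.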