diff --git a/apps/ops/api/adhoc.py b/apps/ops/api/adhoc.py
index fdb82d8c1..9db6835cf 100644
--- a/apps/ops/api/adhoc.py
+++ b/apps/ops/api/adhoc.py
@@ -20,6 +20,11 @@ class AdHocViewSet(JMSBulkModelViewSet):
     search_fields = ('name', 'comment')
     filterset_fields = ['scope', 'creator']
 
+    def allow_bulk_destroy(self, qs, filtered):
+        for obj in filtered:
+            self.check_object_permissions(self.request, obj)
+        return True
+
     def check_object_permissions(self, request, obj):
         if request.method != 'GET' and obj.creator != request.user:
             self.permission_denied(
diff --git a/apps/ops/api/playbook.py b/apps/ops/api/playbook.py
index c214269c4..bb2a886d7 100644
--- a/apps/ops/api/playbook.py
+++ b/apps/ops/api/playbook.py
@@ -38,6 +38,11 @@ class PlaybookViewSet(JMSBulkModelViewSet):
     search_fields = ('name', 'comment')
     filterset_fields = ['scope', 'creator']
 
+    def allow_bulk_destroy(self, qs, filtered):
+        for obj in filtered:
+            self.check_object_permissions(self.request, obj)
+        return True
+
     def check_object_permissions(self, request, obj):
         if request.method != 'GET' and obj.creator != request.user:
             self.permission_denied(