diff --git a/group/templates/group/group_info.html b/group/templates/group/group_info.html
index 27397ee0bb..d392f132d2 100644
--- a/group/templates/group/group_info.html
+++ b/group/templates/group/group_info.html
@@ -149,7 +149,9 @@

+ {% if is_staff or msg.from_email == request.user.username %}
+ {% endif %}
@@ -203,6 +205,14 @@ $('.download').click(function() {
 {% include 'snippets/repo_create_js.html' %}
 {% endwith %}
+$('.msg-delete').hover(
+ function() {
+ $(this).css('color', '#f93');
+ },
+ function() {
+ $(this).css('color', '#080');
+ }
+);
 addConfirmTo($('.msg-delete'));
diff --git a/group/views.py b/group/views.py
index 6a98545e68..1e2ca21f2b 100644
--- a/group/views.py
+++ b/group/views.py
@@ -374,10 +374,16 @@ def group_message_remove(request, group_id, msg_id):
 try:
 gm = GroupMessage.objects.get(id=msg_id)
 except GroupMessage.DoesNotExist:
- messages.success(request, u'删除失败')
+ messages.error(request, u'删除失败')
 else:
- gm.delete()
- messages.success(request, u'删除成功')
+ # Test whether user is group admin or message owner.
+ if check_group_staff(group_id, request.user) or \
+ gm.from_email == request.user.username:
+ gm.delete()
+ messages.success(request, u'删除成功')
+ else:
+ messages.error(request, u'删除失败:权限不足')
+ return HttpResponseRedirect(reverse('group_info', args=[group_id]))
 @login_required
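Review bot: The new permission check in `group_message_remove` authorizes against the `group_id` taken from the URL, but the message is still loaded with `GroupMessage.objects.get(id=msg_id)` alone, so nothing ties the message to that group. Because `check_group_staff(group_id, request.user)` is evaluated for whichever group the request names, staff rights in one group would be enough to pass the check for a message that belongs to a different group. Binding the lookup to the group closes this, e.g. `gm = GroupMessage.objects.get(id=msg_id, group_id=group_id)` (assuming the model stores its group under `group_id`; the model is not visible here), so a mismatch lands in the existing `DoesNotExist` branch. The function starts above the hunk, so its decorators and any request-method handling are not visible; since the template only attaches a confirm dialog to `.msg-delete`, it is worth confirming that the delete requires a POST with CSRF protection.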