diff --git a/src/viralhostrange/viralhostrangedb/views.py b/src/viralhostrange/viralhostrangedb/views.py
index 125773ae1b9253d5bb6b8d9bf5ae8cefb4c8a5a6..2190541a28dec48de2f31eed5172fabb9ea06c99 100644
--- a/src/viralhostrange/viralhostrangedb/views.py
+++ b/src/viralhostrange/viralhostrangedb/views.py
@@ -421,7 +421,8 @@ def data_source_history_list(request, pk):
     )
 
 
-def get_log_entry_with_permission_check_or_404(request, pk, log_pk):
+@login_required
+def get_log_entry_with_permission_check_or_404(request, pk, log_pk, allow_curator=False, user_id=None):
     if request.user.is_superuser and not models.DataSource.objects.filter(pk=pk).exists():
         # Allows superuser to access to back up of deleted data source after they have been deleted
         data_source = None
@@ -430,15 +431,27 @@ def get_log_entry_with_permission_check_or_404(request, pk, log_pk):
             self=None,
             request=request,
             queryset=models.DataSource.objects,
+            allow_curator=allow_curator,
         ), pk=pk)
+    log_entries = LogEntry.objects.filter(object_id=pk,
+                                          content_type=ContentType.objects.get_for_model(models.DataSource))
+    if user_id:
+        log_entries = log_entries.filter(user_id=user_id)
     return data_source, get_object_or_404(
-        LogEntry.objects.filter(object_id=pk, content_type=ContentType.objects.get_for_model(models.DataSource)),
+        log_entries,
         pk=log_pk,
     )
 
 
+@login_required
 def data_source_history_download(request, pk, log_pk):
-    data_source, le = get_log_entry_with_permission_check_or_404(request, pk, log_pk)
+    data_source, le = get_log_entry_with_permission_check_or_404(
+        request,
+        pk,
+        log_pk,
+        allow_curator=True,
+        user_id=request.user.id,
+    )
     file_path = business_process.get_backup_file_path(le, test_if_exists=True)
 
     if file_path is None: