diff --git a/app/Http/Controllers/Users/BulkUsersController.php b/app/Http/Controllers/Users/BulkUsersController.php
index 36b20973a7b4..fbf08c9820b0 100644
--- a/app/Http/Controllers/Users/BulkUsersController.php
+++ b/app/Http/Controllers/Users/BulkUsersController.php
@@ -36,7 +36,7 @@ class BulkUsersController extends Controller
 */
 public function edit(Request $request)
 {
- $this->authorize('update', User::class);
+ $this->authorize('view', User::class);
 // Make sure there were users selected
 if (($request->filled('ids')) && (count($request->input('ids')) > 0)) {
@@ -48,16 +48,18 @@ public function edit(Request $request)
 // bulk edit, display the bulk edit form
 if ($request->input('bulk_actions') == 'edit') {
+ $this->authorize('update', User::class);
 return view('users/bulk-edit', compact('users')) ->with('groups', Group::pluck('name', 'id'));
 // bulk delete, display the bulk delete confirmation form
 } elseif ($request->input('bulk_actions') == 'delete') {
+ $this->authorize('delete', User::class);
 return view('users/confirm-bulk-delete')->with('users', $users)->with('statuslabel_list', Helper::statusLabelList());
 // merge, confirm they have at least 2 users selected and display the merge screen
 } elseif ($request->input('bulk_actions') == 'merge') {
-
+ $this->authorize('delete', User::class);
 if (($request->filled('ids')) && (count($request->input('ids')) > 1)) {
 return view('users/confirm-merge')->with('users', $users);
 // Not enough users selected, send them back
diff --git a/resources/views/partials/users-bulk-actions.blade.php b/resources/views/partials/users-bulk-actions.blade.php
index a1dbd254769b..5f9b09ccca59 100644
--- a/resources/views/partials/users-bulk-actions.blade.php
+++ b/resources/views/partials/users-bulk-actions.blade.php
@@ -1,24 +1,31 @@
-
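Review bot: With the gate at the top of `edit()` lowered from `update` to `view`, every `bulk_actions` branch that does not call `authorize()` itself is now reachable by an account that can only view users. The second hunk covers `edit`, `delete` and `merge`, but the `if`/`elseif` chain runs on past the end of that hunk, so whatever branches follow need their own check as a first statement, for example `$this->authorize('update', User::class);`. A comment on the top line such as `// Baseline only: each bulk action below must authorize its own ability` would keep a later branch from being added without one.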
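Review bot: The `merge` branch checks `delete` only; if merging also moves the merged users' records onto the surviving account (not visible here), it should require `update` as well, with `$this->authorize('update', User::class);` beside the `delete` check. The three branches in this hunk only render the edit, delete-confirmation and merge-confirmation views, so the handlers that process those submitted forms, which are outside this diff, have to enforce the same abilities. The body of `edit()` starts before and ends after this hunk.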
+@can('view', \App\Models\User::class) +
{{ Form::open([ 'method' => 'POST', 'route' => ['users/bulkedit'], 'class' => 'form-inline', 'id' => 'usersBulkForm']) }} -@if (request('status')!='deleted') - @can('delete', \App\Models\User::class) -
- - - -
- @endcan -@endif - {{ Form::close() }} -
+ @if (request('status')!='deleted') +
+ + + +
+ @endif + {{ Form::close() }} +
+@endcan
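Review bot: Wrapping the whole toolbar in `@can('view', ...)` and dropping the inner `@can('delete', ...)` shows the bulk-action form to accounts that may hold neither `update` nor `delete`. The markup of the added lines is not readable in this view, so it is unclear whether each action is still gated. If it is not, wrap the entries individually, e.g. `@can('delete', \App\Models\User::class)` … `@endcan` around the delete and merge options and `@can('update', \App\Models\User::class)` around edit. This is presentation only, so the controller checks remain the actual control.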