diff --git a/app/controllers/public/comment_controller.rb b/app/controllers/public/comment_controller.rb
index 2760dbb..76787bb 100644
--- a/app/controllers/public/comment_controller.rb
+++ b/app/controllers/public/comment_controller.rb
@@ -96,9 +96,7 @@ class CommentController < ApplicationController
 def mark_as_spam
 comment = profile.comments_received.find(params[:id])
- could_mark_as_spam = (user == comment.profile || user.has_permission?(:moderate_comments, comment.profile))
-
- if logged_in? && could_mark_as_spam
+ if comment.can_be_marked_as_spam_by?(user)
 comment.spam!
 render :text => {'ok' => true}.to_json, :content_type => 'application/json'
 else
diff --git a/app/models/comment.rb b/app/models/comment.rb
index 387f413..22c9d1f 100644
--- a/app/models/comment.rb
+++ b/app/models/comment.rb
@@ -264,4 +264,9 @@ class Comment < ActiveRecord::Base
 user == author || user == profile || user.has_permission?(:moderate_comments, profile)
 end
+ def can_be_marked_as_spam_by?(user)
+ return if user.nil?
+ user == profile || user.has_permission?(:moderate_comments, profile)
+ end
+
 end
diff --git a/test/unit/comment_test.rb b/test/unit/comment_test.rb
index ded8093..4c3cbf1 100644
--- a/test/unit/comment_test.rb
+++ b/test/unit/comment_test.rb
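Review bot: In `mark_as_spam` (app/controllers/public/comment_controller.rb) the explicit `logged_in?` guard is gone, so the anonymous case now rests entirely on `user` being nil when nobody is signed in and on the nil guard inside `Comment#can_be_marked_as_spam_by?`, and nothing on the new line says so. I would add a comment above the `if`, such as `# Authorization, including the anonymous case (user is nil), is decided by Comment#can_be_marked_as_spam_by?`, so a later edit does not treat the model call as optional. The action's `else` branch and closing `end` are outside the hunk, so the denied response cannot be checked from here.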
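Review bot: `can_be_marked_as_spam_by?` in app/models/comment.rb returns nil rather than false for a missing user, because of the bare `return if user.nil?`. A predicate that gates a moderation action is easier to reason about when it always answers with a boolean, and `return false if user.nil?` keeps the current caller and the new tests working. The method would also benefit from a one-line comment stating that only the profile itself or a holder of `:moderate_comments` on it may mark spam, and that the comment's author is excluded on purpose, if that is the intent. The neighbouring predicate that ends just above the added lines does accept `user == author`; its start is outside the hunk.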
@@ -635,6 +635,41 @@ class CommentTest < ActiveSupport::TestCase
 assert comment.can_be_destroyed_by?(user)
 end
+ should 'not be able to mark comment as spam without user' do
+ comment = Comment.new
+
+ assert !comment.can_be_marked_as_spam_by?(nil)
+ end
+
+ should 'not be able to mark comment as spam' do
+ user = Person.new
+ profile = Profile.new
+ article = Article.new(:profile => profile)
+ comment = Comment.new(:article => article)
+ user.expects(:has_permission?).with(:moderate_comments, profile).returns(false)
+
+ assert !comment.can_be_marked_as_spam_by?(user)
+ end
+
+ should 'be able to mark comment as spam if is the profile' do
+ user = Person.new
+ article = Article.new(:profile => user)
+ comment = Comment.new(:article => article)
+
+ assert comment.can_be_marked_as_spam_by?(user)
+ end
+
+ should 'be able to mark comment as spam if can moderate_comments on the profile' do
+ user = Person.new
+ profile = Profile.new
+ article = Article.new(:profile => profile)
+ comment = Comment.new(:article => article)
+
+ user.expects(:has_permission?).with(:moderate_comments, profile).returns(true)
+
+ assert comment.can_be_marked_as_spam_by?(user)
+ end
+
 private
 def create_comment(args = {})
-- libgit2 0.21.2
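Review bot: The four new cases in test/unit/comment_test.rb do not cover a user who is the comment's author but neither the profile nor a moderator. That is the one rule separating this predicate from the destroy predicate tested just above, which presumably is the model method that accepts `user == author`. A case that assigns the user as the comment's author, stubs `has_permission?` to return false and ends with `assert !comment.can_be_marked_as_spam_by?(user)` would pin that rule down; how the author is assigned depends on the model's attribute handling, which is not visible here. No functional test for an anonymous request to `mark_as_spam` appears in this patch either, so the controller's handling of a nil `user` is covered only indirectly through the model test.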