diff --git a/server/policies/document.ts b/server/policies/document.ts
index a50c25b9b..2c0f64704 100644
--- a/server/policies/document.ts
+++ b/server/policies/document.ts
@@ -53,8 +53,11 @@ allow(User, "download", Document, (actor, document) =>
 
 allow(User, "comment", Document, (actor, document) =>
   and(
-    //
-    can(actor, "read", document),
+    // TODO: We'll introduce a separate permission for commenting
+    or(
+      and(can(actor, "read", document), !actor.isGuest),
+      and(can(actor, "update", document), actor.isGuest)
+    ),
     isTeamMutable(actor),
     !!document?.isActive,
     !document?.template