diff --git a/app/imports/api/library/LibraryNodes.js b/app/imports/api/library/LibraryNodes.js
index bfc26fd0..5ec6b2d0 100644
--- a/app/imports/api/library/LibraryNodes.js
+++ b/app/imports/api/library/LibraryNodes.js
@@ -1,6 +1,9 @@
 import schema from '/imports/api/schema.js';
 import ChildSchema from '/imports/api/creature/parenting/ChildSchema.js';
 import librarySchemas from '/imports/api/library/librarySchemas.js';
+import Libraries from '/imports/api/library/Libraries.js';
+import { assertEditPermission } from '/imports/api/sharing/sharingPermissions.js';
+import getModifierFields from '/imports/api/getModifierFields.js';
 let LibraryNodes = new Mongo.Collection('libraryNodes');
@@ -50,3 +53,31 @@ for (let key in librarySchemas){
 export default LibraryNodes;
 export { LibraryNodeSchema };
+
+function getLibrary(node){
+ if (!node) throw new Meteor.Error('No node provided');
+ return Libraries.findOne(node.ancestors[0].id);
+}
+
+function assertNodeEditPermission(node, userId){
+ let lib = getLibrary(node);
+ return assertEditPermission(lib, userId);
+}
+
+const updateNode = new ValidatedMethod({
+ name: 'LibraryNodes.methods.update',
+ validate({_id, update}){
+ let fields = getModifierFields(update);
+ return !fields.hasAny([
+ 'libraryNodeType',
+ 'order',
+ 'parent',
+ 'ancestors',
+ ]);
+ },
+ run({_id, update}) {
+ let node = LibraryNodes.findOne(_id);
+ assertNodeEditPermission(node, this.userId);
+ return LibraryNodes.update(_id, update);
+ },
+});
diff --git a/app/imports/api/sharing/sharingPermissions.js b/app/imports/api/sharing/sharingPermissions.js
index 5f4587fd..e04d1133 100644
--- a/app/imports/api/sharing/sharingPermissions.js
+++ b/app/imports/api/sharing/sharingPermissions.js
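Review bot: The `validate` function of `LibraryNodes.methods.update` in LibraryNodes.js returns a boolean, but as far as I know ValidatedMethod only treats a thrown error as a rejection, so the `libraryNodeType`/`order`/`parent`/`ancestors` blocklist is not enforced as written. That matters for authorization because `assertNodeEditPermission` resolves the library from the node's current `ancestors[0]`; if a modifier were allowed to rewrite `ancestors`, the node could end up under a library the caller has no edit rights on. `_id` is also handed to `findOne` and `update` without a type check, so a non-string value would be read as a selector rather than an id. I would throw from `validate` and require a string `_id`, as sketched below; whether `getModifierFields` also reports dotted paths such as `ancestors.0.id` is not visible in this diff and is worth confirming.
```javascript
  validate({_id, update}){
    if (typeof _id !== 'string'){
      throw new Meteor.Error('Invalid id', 'Node _id must be a string');
    }
    let fields = getModifierFields(update);
    if (fields.hasAny([
      // … unchanged: the four protected field names …
    ])){
      throw new Meteor.Error('Update denied',
        'This method may not change libraryNodeType, order, parent or ancestors');
    }
  },
  // … unchanged: run …
```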
@@ -5,14 +5,14 @@ function assertIdValid(userId){
 throw new Meteor.Error("Permission denied",
 "No user ID given for edit permission check");
 }
-};
+}
 function assertdocExists(doc){
 if (!doc){
 throw new Meteor.Error("Edit permission denied",
 `No doc exists with the given id: ${charId}`);
 }
-};
+}
 export function assertOwnership(doc, userId){
 assertIdValid(userId);
@@ -34,7 +34,7 @@ export function assertEditPermission(doc, userId) {
 throw new Meteor.Error("Edit permission denied",
 `You do not have permission to edit this character`);
 }
-};
+}
 export function assertViewPermission(doc, userId) {
 assertIdValid(userId);
@@ -50,4 +50,4 @@ export function assertViewPermission(doc, userId) {
 throw new Meteor.Error("View permission denied",
 `You do not have permission to view this character`);
 }
-};
+}