diff --git a/InvenTree/order/test_views.py b/InvenTree/order/test_views.py
index 932cac9060..246cc2dd48 100644
--- a/InvenTree/order/test_views.py
+++ b/InvenTree/order/test_views.py
@@ -6,6 +6,7 @@ from __future__ import unicode_literals
 from django.test import TestCase
 from django.urls import reverse
 from django.contrib.auth import get_user_model
+from django.contrib.auth.models import Group
 
 from InvenTree.status_codes import PurchaseOrderStatus
 
@@ -32,7 +33,21 @@ class OrderViewTestCase(TestCase):
 
         # Create a user
         User = get_user_model()
-        User.objects.create_user('username', 'user@email.com', 'password')
+        user = User.objects.create_user('username', 'user@email.com', 'password')
+
+        # Ensure that the user has the correct permissions!
+        g = Group.objects.create(name='orders')
+        user.groups.add(g)
+
+        for rule in g.rule_sets.all():
+            if rule.name in ['purchase_order', 'sales_order']:
+                rule.can_change = True
+                rule.can_add = True
+                rule.can_delete = True
+
+                rule.save()
+
+        g.save()
 
         self.client.login(username='username', password='password')
 
diff --git a/InvenTree/order/views.py b/InvenTree/order/views.py
index 28b8416b65..d2d02bb2c9 100644
--- a/InvenTree/order/views.py
+++ b/InvenTree/order/views.py
@@ -255,7 +255,7 @@ class PurchaseOrderNotes(InvenTreeRoleMixin, UpdateView):
     context_object_name = 'order'
     template_name = 'order/order_notes.html'
     model = PurchaseOrder
-    role_required = 'purchase_order.change'
+    role_required = 'purchase_order.view'
 
     fields = ['notes']