diff --git a/resources/sql/youyesyet.postgres.overrides.sql b/resources/sql/youyesyet.postgres.overrides.sql
index dad6bce..146a2db 100644
--- a/resources/sql/youyesyet.postgres.overrides.sql
+++ b/resources/sql/youyesyet.postgres.overrides.sql
@@ -1,3 +1,22 @@
+------------------------------------------------------------------------
+-- User `youyesyet` (the app, and less secure parts of the site)
+-- must have the permissions of `canvassers`.
+------------------------------------------------------------------------
+DO
+$do$
+BEGIN
+ IF NOT EXISTS (
+ SELECT -- SELECT list can stay empty for this
+ FROM pg_catalog.pg_roles
+ WHERE rolname = 'youyesyet') THEN
+
+ CREATE ROLE youyesyet LOGIN PASSWORD 'thisisnotsecure';
+ END IF;
+END
+$do$;
+
+grant canvassers to youyesyet;
+
------------------------------------------------------------------------
-- convenience view lv_followupactions of entity followupactions for
-- lists, et cetera
diff --git a/resources/templates/issue-expert/request.html b/resources/templates/issue-expert/request.html
index 295ba19..6207c25 100644
--- a/resources/templates/issue-expert/request.html
+++ b/resources/templates/issue-expert/request.html
@@ -36,7 +36,7 @@
</label>
{% ifmemberof issueexperts analysts issueeditors admin %}
<span id='visit' name='visit' class='pseudo-widget disabled'>
- by {{visit.canvasser_id_expanded}} at {{visit.date}}
+ by {{visit.canvasser_id_expanded}} on {{visit.date}}
</span>
{% else %}
<span id='visit_id' name='visit_id' class='pseudo-widget not-authorised'>
@@ -46,8 +46,17 @@
</p>
<p class='widget'>
<label for='issue_id'>
- {{issue.id}}
+ Issue
</label>
+ {% ifmemberof issueexperts analysts issueeditors admin %}
+ <span id='visit' name='visit' class='pseudo-widget disabled'>
+ {{issue.id}}
+ </span>
+ {% else %}
+ <span id='visit_id' name='visit_id' class='pseudo-widget not-authorised'>
+ You are not permitted to view visit of followuprequests
+ </span>
+ {% endifmemberof %}
{% ifmemberof issueexperts admin %}
<div id="issue-brief">
{{issue.brief|safe}}