diff --git a/server/controllers/ticket/close.php b/server/controllers/ticket/close.php
index d63b63ef..70a84b3a 100755
--- a/server/controllers/ticket/close.php
+++ b/server/controllers/ticket/close.php
@@ -30,15 +30,34 @@ class CloseController extends Controller {
     private $ticket;
 
     public function validations() {
-        return [
-            'permission' => 'user',
-            'requestData' => [
-                'ticketNumber' => [
-                    'validation' => DataValidator::validTicketNumber(),
-                    'error' => ERRORS::INVALID_TICKET
+        $session = Session::getInstance();
+
+        if (Controller::isUserSystemEnabled() || Controller::isStaffLogged()) {
+            return [
+                'permission' => 'user',
+                'requestData' => [
+                    'ticketNumber' => [
+                        'validation' => DataValidator::validTicketNumber(),
+                        'error' => ERRORS::INVALID_TICKET
+                    ]
                 ]
-            ]
-        ];
+            ];
+        } else {
+            return [
+                'permission' => 'any',
+                'requestData' => [
+                    'ticketNumber' => [
+                        'validation' => DataValidator::equals($session->getTicketNumber()),
+                        'error' => ERRORS::INVALID_TICKET
+                    ],
+                    'csrf_token' => [
+                        'validation' => DataValidator::equals($session->getToken()),
+                        'error' => Controller::request('csrf_token') . ' != ' . $session->getToken()
+
+                    ]
+                ]
+            ];
+        }
     }
 
     public function handler() {
@@ -62,10 +81,14 @@ class CloseController extends Controller {
     }
 
     private function shouldDenyPermission() {
-        $user = Controller::getLoggedUser();
+        if(Controller::isUserSystemEnabled() || Controller::isStaffLogged()) {
+            $user = Controller::getLoggedUser();
 
-        return (!Controller::isStaffLogged() && $this->ticket->author->id !== $user->id) ||
-               (Controller::isStaffLogged() && $this->ticket->owner && $this->ticket->owner->id !== $user->id);
+            return (!Controller::isStaffLogged() && $this->ticket->author->id !== $user->id) ||
+                   (Controller::isStaffLogged() && $this->ticket->owner && $this->ticket->owner->id !== $user->id);
+        } else {
+            return $this->ticket->ticket_number != Session::getInstance()->getTicketNumber();
+        }
     }
 
     private function markAsUnread() {
@@ -95,8 +118,8 @@ class CloseController extends Controller {
         $mailSender = new MailSender();
 
         $mailSender->setTemplate(MailTemplate::TICKET_CLOSED, [
-            'to' => $this->ticket->author->email,
-            'name' => $this->ticket->author->name,
+            'to' => ($this->ticket->author) ? $this->ticket->author->email : $this->ticket->authorEmail,
+            'name' => ($this->ticket->author) ? $this->ticket->author->name : $this->ticket->authorName,
             'ticketNumber' => $this->ticket->ticketNumber,
             'title' => $this->ticket->title,
             'url' => Setting::getSetting('url')->getValue()
@@ -104,4 +127,4 @@ class CloseController extends Controller {
 
         $mailSender->send();
     }
-}
\ No newline at end of file
+}