To do that we're going to need to create a custom permission.

Now we can add that custom permission to our snippet instance endpoint, by editing the property on the view class:

Now, if you open a browser again, you find that the 'DELETE' and 'PUT' actions only appear on a snippet instance endpoint if you're logged in as the same user that created the code snippet.