diff --git a/functions/api/events-team/events/[id].ts b/functions/api/events-team/events/[id].ts
new file mode 100644
index 0000000..8423e04
--- /dev/null
+++ b/functions/api/events-team/events/[id].ts
@@ -0,0 +1,58 @@
+import { jsonError } from "../../../common.js";
+
+export async function onRequestDelete(context: RequestContext) {
+ const eventId = context.params.id as string;
+ const eventData: { [k: string]: any } | null = await context.env.DATA.get(
+ `event_${eventId}`,
+ { type: "json" },
+ );
+
+ if (!eventData) return jsonError("No event exists with that ID", 404);
+
+ const { current_user: currentUser } = context.data;
+
+ if (
+ eventData.created_by !== currentUser.id &&
+ ![1 << 4, 1 << 12].find((int) => currentUser.permissions & int)
+ )
+ return jsonError("You are not authorized to delete that event", 403);
+
+ await context.env.DATA.delete(`event_${eventId}`);
+ await context.env.D1.prepare("DELETE FROM events WHERE id = ?;")
+ .bind(eventId)
+ .run();
+
+ return new Response(null, {
+ status: 204,
+ });
+}
+
+export async function onRequestPatch(context: RequestContext) {
+ const eventId = context.params.id as string;
+ const { body } = context.data;
+ const eventData: { [k: string]: any } | null = await context.env.DATA.get(
+ `event_${eventId}`,
+ { type: "json" },
+ );
+
+ if (!eventData) return jsonError("No event exists with that ID", 404);
+
+ const { current_user: currentUser } = context.data;
+
+ if (
+ eventData.created_by !== currentUser.id &&
+ ![1 << 4, 1 << 12].find((int) => currentUser.permissions & int)
+ )
+ return jsonError("You are not authorized to modify this event", 403);
+
+ eventData.answer &&= body.answer;
+ eventData.details &&= body.details;
+
+ await context.env.DATA.put(`event_${eventId}`, JSON.stringify(eventData), {
+ expirationTtl: 15552000,
+ });
+
+ return new Response(null, {
+ status: 204,
+ });
+}
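Review bot: In onRequestPatch, `eventData.answer &&= body.answer;` and `eventData.details &&= body.details;` test the stored value rather than the request. A PATCH that omits one field therefore replaces a truthy stored value with `undefined` (which `JSON.stringify` then drops), and a field that is currently empty can never be set. The body values also reach KV with no type or length check, so any JSON value the client sends is persisted unless the code that fills `context.data.body` validates it, which is not visible here. I would guard on the request instead, e.g. `if (typeof body.answer === "string") eventData.answer = body.answer;` and the same for `details`, with a length cap. Separately, the owner-or-permission check is copied verbatim into both handlers; a shared helper using `.some(...)` and naming the `1 << 4` and `1 << 12` bits would keep the two authorization paths from drifting apart.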