diff --git a/Gemfile b/Gemfile
index 7dfedb7..c54acb3 100644
--- a/Gemfile
+++ b/Gemfile
@@ -74,6 +74,7 @@ group :test do
 gem 'selenium-webdriver'
 end

+gem 'cancancan'
 gem 'devise'
 gem 'devise-jwt'
 gem 'faker'
@@ -81,4 +82,3 @@ gem 'foreman', '~> 0.87.2'
 gem 'jsonapi-serializer'
 gem 'rack-cors'
 gem 'tailwindcss-rails', '~> 2.0'
-gem 'cancancan'
diff --git a/app/models/ability.rb b/app/models/ability.rb
index 7790623..f472ebd 100644
--- a/app/models/ability.rb
+++ b/app/models/ability.rb
@@ -4,36 +4,13 @@ class Ability
 include CanCan::Ability

 def initialize(user)
+ return unless user.present?
 can :read, :all
 can :manage, Rental
- # Check if the user is an admin, and if so, allow them to manage (do everything with) all Rentals
- if user.admin?
- can :manage, :all
- end
- # Define abilities for the user here. For example:
- #
- # return unless user.present?
- # can :read, :all
- # return unless user.admin?
- # can :manage, :all
- #
- # The first argument to `can` is the action you are giving the user
- # permission to do.
- # If you pass :manage it will apply to every action. Other common actions
- # here are :read, :create, :update and :destroy.
- #
- # The second argument is the resource the user can perform the action on.
- # If you pass :all it will apply to every resource. Otherwise pass a Ruby
- # class of the resource.
- #
- # The third argument is an optional hash of conditions to further filter the
- # objects.
- # For example, here the user can only update published articles.
- #
- # can :update, Article, published: true
- #
- # See the wiki for details:
- # https://github.com/CanCanCommunity/cancancan/blob/develop/docs/define_check_abilities.md
+ return unless user.admin?
+
+ can :manage, :all
+
 end
 end
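Review bot: `can :manage, Rental` in `Ability#initialize` has no conditions hash, so wherever controllers authorize against this class every signed-in user may update or destroy any rental, not only their own. If rentals belong to a user, scope the rule to the owner, e.g. `can :manage, Rental, <owner_column>: user.id`, where `<owner_column>` is a placeholder for the attribute that links a rental to its owner (the schema is not visible in this hunk). `can :read, :all` likewise gives any authenticated account read access to every model, presumably including user records; listing the readable classes explicitly would keep that to what the application needs. With the generator comments removed, a one-line comment above each rule naming the intended role (signed-in user, admin) would document the policy, and the blank line before `end` can be dropped.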