diff --git a/lib/mv_web/live/user_live/index.html.heex b/lib/mv_web/live/user_live/index.html.heex
index 9314f1e..dcb2e83 100644
--- a/lib/mv_web/live/user_live/index.html.heex
+++ b/lib/mv_web/live/user_live/index.html.heex
@@ -2,9 +2,11 @@
<.header>
{gettext("Listing Users")}
<:actions>
- <.button variant="primary" navigate={~p"/users/new"}>
- <.icon name="hero-plus" /> {gettext("New User")}
-
+ <%= if can?(@current_user, :create, Mv.Accounts.User) do %>
+ <.button variant="primary" navigate={~p"/users/new"}>
+ <.icon name="hero-plus" /> {gettext("New User")}
+
+ <% end %>
@@ -62,16 +64,20 @@
<.link navigate={~p"/users/#{user}"}>{gettext("Show")}
- <.link navigate={~p"/users/#{user}/edit"}>{gettext("Edit")}
+ <%= if can?(@current_user, :update, user) do %>
+ <.link navigate={~p"/users/#{user}/edit"}>{gettext("Edit")}
+ <% end %>
<:action :let={user}>
- <.link
- phx-click={JS.push("delete", value: %{id: user.id}) |> hide("#row-#{user.id}")}
- data-confirm={gettext("Are you sure?")}
- >
- {gettext("Delete")}
-
+ <%= if can?(@current_user, :destroy, user) do %>
+ <.link
+ phx-click={JS.push("delete", value: %{id: user.id}) |> hide("#row-#{user.id}")}
+ data-confirm={gettext("Are you sure?")}
+ >
+ {gettext("Delete")}
+
+ <% end %>
diff --git a/lib/mv_web/live/user_live/show.ex b/lib/mv_web/live/user_live/show.ex
index e961d84..fa4f186 100644
--- a/lib/mv_web/live/user_live/show.ex
+++ b/lib/mv_web/live/user_live/show.ex
@@ -41,9 +41,11 @@ defmodule MvWeb.UserLive.Show do
<.icon name="hero-arrow-left" />
{gettext("Back to users list")}
- <.button variant="primary" navigate={~p"/users/#{@user}/edit?return_to=show"}>
- <.icon name="hero-pencil-square" /> {gettext("Edit User")}
-
+ <%= if can?(@current_user, :update, @user) do %>
+ <.button variant="primary" navigate={~p"/users/#{@user}/edit?return_to=show"}>
+ <.icon name="hero-pencil-square" /> {gettext("Edit User")}
+
+ <% end %>