diff --git a/app/policies/application_policy.rb b/app/policies/application_policy.rb
index ec49b4d..14e0cbc 100644
--- a/app/policies/application_policy.rb
+++ b/app/policies/application_policy.rb
@@ -12,6 +12,14 @@ class ApplicationPolicy < ActionPolicy::Base
 deny! unless user.verified?
 end
+ def operate?
+ allow! if user.operator? || user.admin?
+ end
+
+ def admin?
+ allow! if user.admin?
+ end
+
 # Configure additional authorization contexts here
 # (`user` is added by default).
 #
diff --git a/app/views/layouts/_header.html.erb b/app/views/layouts/_header.html.erb
index fe723f3..cf90765 100644
--- a/app/views/layouts/_header.html.erb
+++ b/app/views/layouts/_header.html.erb
@@ -13,14 +13,14 @@
 <%= link_to "Profil", profile_path %>
- <% if current_user.admin? %>
+ <% if allowed_to? :admin?, with: ApplicationPolicy %>
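Review bot: In the application_policy.rb hunk, both new rules, `operate?` and `admin?`, deny only through the implicit `nil` that `allow! if …` leaves behind when the condition is false, so the deny path is never stated in the code. A rule's return value is its result, so the bodies can simply be `user.operator? || user.admin?` and `user.admin?`, which makes the fail-closed outcome explicit and keeps `allow!` for pre-checks. The method ending in `deny! unless user.verified?` starts outside the hunk, so it is not visible whether that check runs before the new rules. If it is a pre-check registered with `only:`/`except:`, confirm `operate?` and `admin?` are covered, and add a policy spec asserting that an unverified admin or operator is denied by both rules.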