diff --git a/Gemfile b/Gemfile
index dd34a39..99b2df4 100644
--- a/Gemfile
+++ b/Gemfile
@@ -1,33 +1,33 @@
 source 'https://rubygems.org'
-ruby "2.2.0"
+ruby '2.2.0'
 gem 'rails', '~> 4.2.4'
 # Bundle edge Rails instead:
 # gem 'rails', :git => 'git://github.com/rails/rails.git'
-gem "devise"
-gem "cancancan"
-gem "haml-rails"
+gem 'devise'
+gem 'cancancan'
+gem 'haml-rails'
 gem 'coffee-rails'
 gem 'gmaps4rails', '~> 1.5.6'
 gem 'geocoder'
-gem "unicorn"
-gem "rack-timeout", '0.0.4' # https://github.com/heroku/rack-timeout/issues/55
-gem "sidekiq"
-gem "sinatra", require: false # Required for Sidekiq web interface
+gem 'unicorn'
+gem 'rack-timeout', '0.0.4' # https://github.com/heroku/rack-timeout/issues/55
+gem 'sidekiq'
+gem 'sinatra', require: false # Required for Sidekiq web interface
-gem "devise-async"
-gem "gravatar-ultimate"
+gem 'devise-async'
+gem 'gravatar-ultimate'
 # render markdown
-gem "redcarpet", "~> 1.17.2"
-gem "icalendar"
+gem 'redcarpet', '~> 1.17.2'
+gem 'icalendar'
 # parse urls
-gem "addressable"
+gem 'addressable'
-gem "twitter"
+gem 'twitter'
 group :development do
 gem 'letter_opener'
@@ -44,7 +44,7 @@ end
 gem 'sass-rails', '~> 4.0.0' # v5 breaks CI
 # See https://github.com/sstephenson/execjs#readme for more supported runtimes
 # gem 'therubyracer', :platforms => :ruby
-gem "uglifier", '~> 2.1.1'
+gem 'uglifier', '~> 2.1.1'
 gem 'httparty'
@@ -64,25 +64,29 @@ gem 'socket.io-client-simple'
 gem 'houston'
 group :test do
- gem "factory_girl_rails"
- gem "timecop"
+ gem 'factory_girl_rails'
+ gem 'timecop'
 gem 'shoulda-matchers'
 gem 'simplecov', :require => false # code coverage tool
- gem "database_cleaner"
+ gem 'database_cleaner'
 gem 'email_spec'
- gem "webmock"
+ gem 'webmock'
 end
 group :test, :development do
- gem "rspec-rails"
+ gem 'rspec-rails'
 gem 'capybara'
 gem 'poltergeist'
 gem 'pry-rails'
+ gem 'tzinfo-data', platforms: [:mingw, :mswin, :x64_mingw]
 gem 'sqlite3'
+
+
 end
+
 # To use ActiveModel has_secure_password
-# gem 'bcrypt-ruby', '~> 3.0.0'
+ gem 'bcrypt-ruby', '~> 3.0.0', :require => 'bcrypt'
 # To use Jbuilder templates for JSON
 # gem 'jbuilder'
diff --git a/app/controllers/polls_controller.rb b/app/controllers/polls_controller.rb
index 1a27d7d..53fa4bd 100644
--- a/app/controllers/polls_controller.rb
+++ b/app/controllers/polls_controller.rb
@@ -1,5 +1,6 @@
 class PollsController < ApplicationController
-
+
+ load_and_authorize_resource only: [:new, :create, :edit, :update]
 before_action :authenticate_user!
 # GET /polls
@@ -27,12 +28,13 @@ def show
 # GET /polls/new
 # GET /polls/new.json
 def new
- @poll = Poll.new
+ @poll = Poll.new
+ respond_to do |format|
+ format.html # new.html.erb
+ format.json { render json: @poll }
- respond_to do |format|
- format.html # new.html.erb
- format.json { render json: @poll }
 end
+
 end
 # GET /polls/1/edit
@@ -43,6 +45,7 @@ def edit
 # POST /polls
 # POST /polls.json
 def create
+
 @poll = Poll.new(poll_params)
 respond_to do |format|
diff --git a/app/views/polls/index.html.haml b/app/views/polls/index.html.haml
index 7d98c72..84232c8 100644
--- a/app/views/polls/index.html.haml
+++ b/app/views/polls/index.html.haml
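Review bot: In the Gemfile hunk at `@@ -64,25 +64,29 @@`, the newly enabled `gem 'bcrypt-ruby', '~> 3.0.0', :require => 'bcrypt'` pins the password-hashing library to the 3.0.x series under its old gem name; as far as I know later releases are published as `bcrypt`, so this constraint would keep the app from picking them up. The first hunk already declares `devise`, which normally brings its own bcrypt dependency, and nothing in this diff calls `has_secure_password`, so please confirm the line is needed and that it resolves without a conflict in Gemfile.lock. If it is needed, `gem 'bcrypt'` with a constraint matching what the lockfile already resolves is the form to prefer, with a one-line comment saying why it was enabled. The added `tzinfo-data` line sits inside `group :test, :development`, so it will not be installed for a production bundle on the listed Windows platforms; say in a comment if that is intended.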
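Review bot: `load_and_authorize_resource only: [:new, :create, :edit, :update]` in the `@@ -1,5 +1,6 @@` hunk of polls_controller.rb leaves `:destroy` out, so deleting a poll is still gated only by `authenticate_user!`; the index view in this same diff keeps an unconditional 'Destroy' link, which suggests the route is live. Adding `:destroy` to the list, or dropping `only:` and letting the Ability rules decide index and show, would close that gap; the destroy action and the Ability class are outside the visible hunks, so check against them. The macro is also declared above `before_action :authenticate_user!`, so for a signed-out visitor the CanCan check presumably runs before Devise's redirect to sign-in; declaring `authenticate_user!` first keeps that order predictable. The `new` and `create` hunks still assign `@poll = Poll.new` / `@poll = Poll.new(poll_params)`, replacing the instance the macro already loaded and authorized, which is redundant and worth removing or commenting.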
@@ -3,13 +3,12 @@
 -@polls.each do |poll|
 .poll{'data-id' => poll.id}
- %h2=poll.question
+ %h2= poll.question
 .publish
 =render :partial => "polls/publish_link", :locals => {:poll => poll}
 .actions
 = link_to 'Show', poll
- = link_to 'Edit', edit_poll_path(poll)
- = link_to 'Destroy', poll, method: :delete, data: { confirm: 'Are you sure?' }
+ = link_to 'Edit', edit_poll_path(poll)
+ = link_to 'Destroy', poll, method: :delete, data: { confirm: 'Are you sure?' }
-
-= link_to 'New Poll', new_poll_path
+= link_to 'New Poll', new_poll_path if can? :manage, :polls
diff --git a/app/views/polls/show.html.haml b/app/views/polls/show.html.haml
index 8179146..5333c52 100644
--- a/app/views/polls/show.html.haml
+++ b/app/views/polls/show.html.haml
@@ -4,6 +4,6 @@
 %b Question:
 = @poll.question
-= link_to 'Edit', edit_poll_path(@poll)
+= link_to 'Edit', edit_poll_path(@poll) if can? :manage, :polls
 \|
-= link_to 'Back', polls_path
+= link_to 'Back', polls_path if can? :manage, :polls
diff --git a/spec/acceptance/lessons_spec.rb b/spec/acceptance/lessons_spec.rb
index b858378..91a4a0a 100644
--- a/spec/acceptance/lessons_spec.rb
+++ b/spec/acceptance/lessons_spec.rb
@@ -245,7 +245,6 @@
 uri = URI.parse(current_url)
 uri.path.should == root_path
 end
-
 end
 feature %q{
diff --git a/spec/acceptance/polls_spec.rb b/spec/acceptance/polls_spec.rb
index e53ea03..a5da412 100644
--- a/spec/acceptance/polls_spec.rb
+++ b/spec/acceptance/polls_spec.rb
@@ -35,7 +35,6 @@
 page.should have_css("p", :text => "Poll was successfully updated.", :visible => true)
 end
-
 end
 feature %q{
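Review bot: In index.html.haml only the 'New Poll' link gains `if can? :manage, :polls`; the per-poll 'Edit' and 'Destroy' links under `.actions` are re-indented but stay unconditional, so non-admin users still see controls for an action the controller now denies (edit) and one it does not authorize at all (destroy). Guarding them per record, e.g. `= link_to 'Edit', edit_poll_path(poll) if can? :edit, poll` and the same with `can? :destroy, poll`, keeps the view in line with the controller; hiding links is presentation only, so the controller check remains the actual control. The subject `:polls` is a symbol, whereas `load_and_authorize_resource` authorizes against the `Poll` model, so unless the Ability class (not shown) has a rule for `:polls` or `:all`, `can? :create, Poll` is the check that matches what the controller enforces. The same symbol is used in both changed lines of show.html.haml.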
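Review bot: `= link_to 'Back', polls_path if can? :manage, :polls` in show.html.haml hides the 'Back' link from non-admin users even though the controller change in this diff does not restrict `index`, so those users lose navigation to a page they can still open; the condition looks unintended and the link can stay unconditional. With the 'Edit' link conditional, the `\|` separator after it is still rendered on its own for users who fail the check. Putting the 'Edit' link and the separator together under one `- if can? :edit, @poll` block would avoid the stray separator.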
@@ -55,4 +54,27 @@
 save_and_open_page
 page.should have_css(".polls", :visible => true)
 end
+
 end
+
+feature %q{
+ As a website
+ I want to make sure,
+ That non-admin user
+ Can't create polls
+} do
+
+ background do
+ @user = FactoryGirl.create(:user)
+ venue = FactoryGirl.create(:venue)
+ @user.school = venue.school
+ sign_in_manually @user
+ end
+
+ scenario "Non-admin user is trying to access polls", :js => true do
+ visit new_poll_path
+ uri = URI.parse(current_url)
+ uri.path.should == root_path
+ end
+
+end
\ No newline at end of file
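Review bot: The new scenario in polls_spec.rb only checks that a non-admin who browses to `new_poll_path` ends up on `root_path`, so it would still pass if `create`, `update` or `destroy` were left open to that user; the feature text says "Can't create polls" but no create request is made. A second scenario with `visit edit_poll_path(poll)` and the same path assertion, plus a request or controller spec that submits the create and destroy requests as the non-admin and asserts that `Poll.count` is unchanged, would cover the actions the authorization is meant to protect (a poll factory is assumed here; none is visible in the diff). The redirect to root depends on an access-denied handler that is not part of this diff, so a matching admin scenario that reaches the form would show the test fails for the right reason. The file also now ends without a trailing newline.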