diff --git a/app/Http/Controllers/JobsController.php b/app/Http/Controllers/JobsController.php
index 71cdb1d..08106f5 100755
--- a/app/Http/Controllers/JobsController.php
+++ b/app/Http/Controllers/JobsController.php
@@ -31,6 +31,8 @@ class JobsController extends Controller
 
     public function show(Request $request, Job $job)
     {
+        $this->authorize('view', $job);
+
         $editableTask = null;
 
         if ($request->get('action') == 'task_edit' && $request->has('task_id')) {
@@ -44,34 +46,33 @@ class JobsController extends Controller
         return view('jobs.show', compact('job', 'editableTask'));
     }
 
-    public function edit($jobId)
+    public function edit(Job $job)
     {
-        $job = $this->repo->requireById($jobId);
+        $this->authorize('view', $job);
+
         $workers = $this->repo->getWorkersList();
 
         return view('jobs.edit', compact('job', 'workers'));
     }
 
-    public function update(UpdateRequest $req, $jobId)
+    public function update(UpdateRequest $request, Job $job)
     {
-        $job = $this->repo->update($req->except(['_method', '_token']), $jobId);
+        $job = $this->repo->update($request->except(['_method', '_token']), $job->id);
         flash()->success(trans('job.updated'));
 
-        return redirect()->route('jobs.show', $job->id);
+        return redirect()->route('jobs.show', $job);
     }
 
-    public function delete($jobId)
+    public function delete(Job $job)
     {
-        $job = $this->repo->requireById($jobId);
-
         return view('jobs.delete', compact('job'));
     }
 
-    public function destroy(DeleteRequest $req, $jobId)
+    public function destroy(DeleteRequest $request, Job $job)
     {
-        $job = $this->repo->requireById($jobId);
         $projectId = $job->project_id;
-        if ($jobId == $req->get('job_id')) {
+
+        if ($job->id == $request->get('job_id')) {
             $job->tasks()->delete();
             $job->delete();
             flash()->success(trans('job.deleted'));
@@ -82,10 +83,10 @@ class JobsController extends Controller
         return redirect()->route('projects.jobs.index', $projectId);
     }
 
-    public function tasksReorder(Request $req, $jobId)
+    public function tasksReorder(Request $request, Job $job)
     {
         if ($req->ajax()) {
-            $data = $this->repo->tasksReorder($req->get('postData'));
+            $data = $this->repo->tasksReorder($request->get('postData'));
 
             return 'oke';
         }
diff --git a/resources/views/jobs/show.blade.php b/resources/views/jobs/show.blade.php
index 1d6cc25..48e4506 100755
--- a/resources/views/jobs/show.blade.php
+++ b/resources/views/jobs/show.blade.php
@@ -7,8 +7,12 @@
 
 <h1 class="page-header">
     <div class="pull-right">
-        {!! html_link_to_route('projects.jobs.create', trans('job.create'), [$job->project_id], ['class' => 'btn btn-success','icon' => 'plus']) !!}
-        {!! link_to_route('jobs.edit', trans('job.edit'), [$job->id], ['class' => 'btn btn-warning']) !!}
+        @can('create', $job)
+            {!! html_link_to_route('projects.jobs.create', trans('job.create'), [$job->project_id], ['class' => 'btn btn-success','icon' => 'plus']) !!}
+        @endcan
+        @can('update', $job)
+            {!! link_to_route('jobs.edit', trans('job.edit'), [$job->id], ['class' => 'btn btn-warning']) !!}
+        @endcan
         {!! link_to_route('projects.jobs.index', trans('job.back_to_index'), [$job->project_id, '#' . $job->id], ['class' => 'btn btn-default']) !!}
     </div>
     {{ $job->name }} <small>{{ trans('job.detail') }}</small>
diff --git a/tests/Feature/ManageJobsTest.php b/tests/Feature/ManageJobsTest.php
index c1f3a64..a0ef479 100644
--- a/tests/Feature/ManageJobsTest.php
+++ b/tests/Feature/ManageJobsTest.php
@@ -86,32 +86,27 @@ class ManageJobsTest extends TestCase
     /** @test */
     public function admin_can_delete_a_job()
     {
-        $user = $this->adminUserSigningIn();
-        $customer = factory(Customer::class)->create();
-        $project = factory(Project::class)->create(['customer_id' => $customer->id]);
-        $job = factory(Job::class)->create(['project_id' => $project->id]);
+        $this->adminUserSigningIn();
+
+        $job = factory(Job::class)->create();
         $tasks = factory(Task::class, 2)->create(['job_id' => $job->id]);
 
         $this->seeInDatabase('jobs', [
-            'name'       => $job->name,
-            'price'      => $job->price,
-            'project_id' => $project->id,
+            'id' => $job->id,
         ]);
 
-        $this->visit(route('jobs.show', $job->id));
+        $this->visit(route('jobs.show', $job));
 
         $this->click(trans('app.edit'));
         $this->click(trans('job.delete'));
         $this->press(trans('app.delete_confirm_button'));
 
-        $this->seePageIs(route('projects.jobs.index', $project->id));
+        $this->seePageIs(route('projects.jobs.index', $job->project_id));
 
         $this->see(trans('job.deleted'));
 
         $this->notSeeInDatabase('jobs', [
-            'name'       => $job->name,
-            'price'      => $job->price,
-            'project_id' => $project->id,
+            'id' => $job->id,
         ]);
 
         $this->notSeeInDatabase('tasks', [