diff --git a/app/DataTables/WorklistDataTable.php b/app/DataTables/WorklistDataTable.php
index 33c109d..ea8d67b 100644
--- a/app/DataTables/WorklistDataTable.php
+++ b/app/DataTables/WorklistDataTable.php
@@ -5,9 +5,9 @@
 use App\DAL\Studies\WorklistFactory;
 use App\Models\Study;
 use App\Models\User;
-use App\Services\ACL\AccessControl;
 use App\Services\ACL\WorklistButton;
 use App\Services\ACL\WorklistColumn;
+use App\Services\ACL\WorklistGuard;
 use Carbon\Carbon;
 use Carbon\CarbonImmutable;
 use Closure;
@@ -105,7 +105,7 @@ public function html(): HtmlBuilder
     public function getColumns(): array
     {
         $columns = [];
-        foreach (AccessControl::worklistColumns() as $col) {
+        foreach (WorklistGuard::worklistColumns() as $col) {
             switch ($col) {
                 case WorklistColumn::Priority:
                     $columns[] = Column::make($col->value)
@@ -206,7 +206,7 @@ private function customColumns(): array
     {
         $columns = [];
 
-        foreach (AccessControl::worklistColumns() as $col) {
+        foreach (WorklistGuard::worklistColumns() as $col) {
             switch ($col) {
                 case WorklistColumn::PatientName:
                     $columns[$col->value] = fn (Study $study) => $study->sanitizedPatientName();
@@ -269,7 +269,7 @@ private function renderButton(string $data_id, string $fa_icon, string $data_cla
     private function generateButtons(Study $study): string
     {
         $btns = [];
-        foreach (AccessControl::worklistButtons() as $button) {
+        foreach (WorklistGuard::worklistButtons() as $button) {
             switch ($button) {
                 case WorklistButton::StudyMetadata:
                     $btns[] = $this->renderButton($study->hash, 'fa-circle-info', 'showStudy btn-outline-facebook', 'Info');
diff --git a/app/Models/Study.php b/app/Models/Study.php
index 209dad7..76e58c9 100644
--- a/app/Models/Study.php
+++ b/app/Models/Study.php
@@ -120,6 +120,11 @@ public function isAssigned(int $rad_id): bool
         return $this->assigned_physician_id === $rad_id;
     }
 
+    public function isActive(): bool
+    {
+        return $this->is_archived === false;
+    }
+
     public function getReportStatusLedAttribute(): string
     {
         $color = match ($this->report_status) {
diff --git a/app/Services/ACL/AccessControl.php b/app/Services/ACL/WorklistGuard.php
similarity index 97%
rename from app/Services/ACL/AccessControl.php
rename to app/Services/ACL/WorklistGuard.php
index 79f3f03..6dbbf61 100644
--- a/app/Services/ACL/AccessControl.php
+++ b/app/Services/ACL/WorklistGuard.php
@@ -5,7 +5,7 @@
 use App\Models\User;
 use Illuminate\Support\Collection;
 
-final readonly class AccessControl
+final readonly class WorklistGuard
 {
     public static function worklistColumns(?int $user_id = null): Collection
     {
diff --git a/app/Services/Workflow/Manager.php b/app/Services/Workflow/Manager.php
new file mode 100644
index 0000000..3a40659
--- /dev/null
+++ b/app/Services/Workflow/Manager.php
@@ -0,0 +1,86 @@
+<?php
+
+namespace App\Services\Workflow;
+
+use App\Models\Enums\Permission;
+use App\Models\Enums\ReportStatus;
+use App\Models\Study;
+use App\Models\User;
+use Closure;
+
+final class Manager
+{
+    private ?User $user = null;
+
+    public static function of(Study $study): self
+    {
+        return new self($study);
+    }
+
+    public function by(User|int|null $user): self
+    {
+        if (is_int($user)) {
+            $this->user = User::find($user);
+        } elseif ($user instanceof User) {
+            $this->user = $user;
+        } else {
+            $this->user = auth()->user();
+        }
+
+        return $this;
+    }
+
+    private function checkUserPermission(Permission $permission): bool
+    {
+        if (is_null($this->user)) {
+            $this->user = auth()->user();
+        }
+
+        return $this->user->may($permission);
+    }
+
+    public function can(Permission $permission): bool
+    {
+        if (! $this->checkUserPermission($permission)) {
+            return false;
+        }
+
+        $prop = 'can' . $permission->name;
+        if (! method_exists($this, $prop)) {
+            return false;
+        }
+
+        return $this->{$prop}();
+    }
+
+    private function activeStudy(Closure $fn): bool
+    {
+        if (! $this->study->isActive()) {
+            return false;
+        }
+
+        return $fn();
+    }
+
+    public function canAssignPhysician(): bool
+    {
+        return $this->activeStudy(fn () => $this->study->report_status <= ReportStatus::Draft);
+    }
+
+    public function canStudyHistoryEdit(): bool
+    {
+        return $this->activeStudy(fn () => $this->study->report_status <= ReportStatus::Draft);
+    }
+
+    public function canAttachmentUpload(): bool
+    {
+        return $this->activeStudy(fn () => $this->study->report_status <= ReportStatus::Draft);
+    }
+
+    public function canReportDownload(): bool
+    {
+        return $this->activeStudy(fn () => $this->study->report_status >= ReportStatus::Finalized);
+    }
+
+    public function __construct(private readonly Study $study) {}
+}