diff --git a/app/Http/Controllers/Staff/StudyHistoryController.php b/app/Http/Controllers/Staff/StudyHistoryController.php
index dae377c..989958c 100644
--- a/app/Http/Controllers/Staff/StudyHistoryController.php
+++ b/app/Http/Controllers/Staff/StudyHistoryController.php
@@ -11,7 +11,7 @@ class StudyHistoryController extends HashidControllerBase
 {
     public function view()
     {
-        abort_unless(auth()->user()->can(Permission::StudyHistoryView) || auth()->user()->isAdmin(), 403);
+        abort_unless(auth()->user()->may(Permission::StudyHistoryView), 403);
         $this->decodeKeys();
         $details = StudyDetails::historyOnly($this->key);
 
@@ -20,7 +20,7 @@ public function view()
 
     public function edit()
     {
-        abort_unless(auth()->user()->can(Permission::StudyHistoryEdit) || auth()->user()->isAdmin(), 403);
+        abort_unless(auth()->user()->may(Permission::StudyHistoryEdit), 403);
         $this->decodeKeys();
         $details = StudyDetails::historyOnly($this->key);
 
@@ -29,7 +29,7 @@ public function edit()
 
     public function save(StudyHistoryRequest $request)
     {
-        abort_unless(auth()->user()->can(Permission::StudyHistoryEdit) || auth()->user()->isAdmin(), 403);
+        abort_unless(auth()->user()->may(Permission::StudyHistoryEdit), 403);
         $this->decodeKeys();
         $details = StudyDetails::historyOnly($this->key);
         $payload = array_trim_strings($request->validated());