diff --git a/backend/src/admin/admin.controller.ts b/backend/src/admin/admin.controller.ts
index 01751676..c6c3b2a2 100644
--- a/backend/src/admin/admin.controller.ts
+++ b/backend/src/admin/admin.controller.ts
@@ -35,8 +35,8 @@ let requestConfig: AxiosRequestConfig;
 
 @Controller('admin')
 @UseGuards(JwtAuthGuard)
-// @UseGuards(JwtRoleGuard)
-// @Roles(Role.TICDI_ADMIN)
+@UseGuards(JwtRoleGuard)
+@Roles(Role.TICDI_ADMIN)
 export class AdminController {
   constructor(private readonly adminService: AdminService) {
     const hostname = process.env.backend_url ? process.env.backend_url : `http://localhost`;
diff --git a/backend/src/report/report.controller.ts b/backend/src/report/report.controller.ts
index 48b5f329..d17f72d4 100644
--- a/backend/src/report/report.controller.ts
+++ b/backend/src/report/report.controller.ts
@@ -80,8 +80,8 @@ export class ReportController {
 
   // remember to update
   @Post('generate-report')
-  // @UseGuards(JwtRoleGuard)
-  // @Roles(Role.GENERATE_DOCUMENTS)
+  @UseGuards(JwtRoleGuard)
+  @Roles(Role.GENERATE_DOCUMENTS)
   @Header('Content-Type', 'application/vnd.openxmlformats-officedocument.wordprocessingml.document')
   @Header('Content-Disposition', 'attachment; filename=report.docx')
   async generateReport(
diff --git a/frontend/src/app/content/display/Header.tsx b/frontend/src/app/content/display/Header.tsx
index 7acf44d1..5fd288fd 100644
--- a/frontend/src/app/content/display/Header.tsx
+++ b/frontend/src/app/content/display/Header.tsx
@@ -4,8 +4,7 @@ import UserService from '../../service/user-service';
 
 const Header: FC = () => {
   const username = UserService.getUsername();
-  // const isAdmin = UserService.hasRole([Roles.TICDI_ADMIN]);
-  const isAdmin = true;
+  const isAdmin = UserService.hasRole([Roles.TICDI_ADMIN]);
 
   return (
     <header className="header">