diff --git a/Modules/Adjustment/Http/Controllers/AdjustmentController.php b/Modules/Adjustment/Http/Controllers/AdjustmentController.php
index 91cc75c8..61c7da83 100644
--- a/Modules/Adjustment/Http/Controllers/AdjustmentController.php
+++ b/Modules/Adjustment/Http/Controllers/AdjustmentController.php
@@ -33,7 +33,7 @@ class AdjustmentController extends Controller
abort_if(Gate::denies('create_adjustments'), 403);
$request->validate([
- 'reference' => 'required|string|max:255',
+ 'reference' => 'required|string|max:255|unique:adjustments,reference',
'date' => 'required|date',
'note' => 'nullable|string|max:1000',
'product_ids' => 'required',
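Review bot: The `unique:adjustments,reference` rule added here is a check-then-insert, so two concurrent requests carrying the same reference can both pass validation and both be stored. It only holds as a guarantee if `adjustments.reference` also has a unique index. No migration is visible in this diff, so confirm one exists or add it (`$table->unique('reference');`) and let the duplicate-key failure surface as a validation error. The same applies to the update hunk at `@@ -94,7 +94,7 @@`. The enclosing method starts and ends outside the hunk.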
@@ -94,7 +94,7 @@ class AdjustmentController extends Controller
abort_if(Gate::denies('edit_adjustments'), 403);
$request->validate([
- 'reference' => 'required|string|max:255',
+ 'reference' => 'required|string|max:255|unique:adjustments,reference,' . $adjustment->id,
'date' => 'required|date',
'note' => 'nullable|string|max:1000',
'product_ids' => 'required',
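Review bot: The ignore clause of the update rule is built by string concatenation (`'...|unique:adjustments,reference,' . $adjustment->id`), which is safe only while the appended value is a trusted key. Here it presumably comes from the route-bound model, but the fluent form states that intent and cannot produce a malformed rule string: `'reference' => ['required', 'string', 'max:255', Rule::unique('adjustments', 'reference')->ignore($adjustment->id)],`. That needs `use Illuminate\Validation\Rule;` among the file's imports. ExpenseController::update uses the same concatenated form, and the method body here continues outside the hunk.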
diff --git a/Modules/Expense/Http/Controllers/ExpenseController.php b/Modules/Expense/Http/Controllers/ExpenseController.php
index 73ac7834..abe57dd5 100644
--- a/Modules/Expense/Http/Controllers/ExpenseController.php
+++ b/Modules/Expense/Http/Controllers/ExpenseController.php
@@ -6,6 +6,7 @@ use App\DataTables\ExpensesDataTable;
use Illuminate\Contracts\Support\Renderable;
use Illuminate\Http\Request;
use Illuminate\Routing\Controller;
+use Illuminate\Support\Facades\Gate;
use Modules\Expense\Entities\Expense;
use PhpOffice\PhpSpreadsheet\Calculation\MathTrig\Exp;
@@ -13,16 +14,22 @@ class ExpenseController extends Controller
{
public function index(ExpensesDataTable $dataTable) {
+ abort_if(Gate::denies('access_expenses'), 403);
+
return $dataTable->render('expense::expenses.index');
}
public function create() {
+ abort_if(Gate::denies('create_expenses'), 403);
+
return view('expense::expenses.create');
}
public function store(Request $request) {
+ abort_if(Gate::denies('create_expenses'), 403);
+
$request->validate([
'date' => 'required|date',
'reference' => 'required|string|max:255|unique:expenses,reference',
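Review bot: The permission checks are added one method at a time (`index`, `create`, `store` here, and `edit`, `update`, `destroy` in the later hunks), and nothing visible shows whether every routed action of ExpenseController is now covered. A `show` action or any route added later would stay open unless someone remembers to add the line. Declaring the mapping once in a constructor makes a missing entry easier to spot, e.g. `$this->middleware('can:create_expenses')->only(['create', 'store']);` with one such line per ability. AdjustmentController uses the same per-method form, so this may be a project-wide convention to revisit rather than a change for this commit alone. The body of `store` continues outside the hunk.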
@@ -46,11 +53,15 @@ class ExpenseController extends Controller
public function edit(Expense $expense) {
+ abort_if(Gate::denies('edit_expenses'), 403);
+
return view('expense::expenses.edit', compact('expense'));
}
public function update(Request $request, Expense $expense) {
+ abort_if(Gate::denies('edit_expenses'), 403);
+
$request->validate([
'date' => 'required|date',
'reference' => 'required|string|max:255|unique:expenses,reference,' . $expense->id,
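Review bot: `Gate::denies('edit_expenses')` in `edit()` and `update()` is evaluated without the bound `$expense`, so the check is role-wide: any user holding `edit_expenses` can change any expense record. If expenses are meant to be scoped to their creator or to a branch (not visible here), pass the model to the gate, `abort_if(Gate::denies('edit_expenses', $expense), 403);`, and have the ability compare ownership. The same holds for `destroy()` in the `@@ -74,6 +85,8 @@` hunk. The body of `update()` continues outside the hunk.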
@@ -74,6 +85,8 @@ class ExpenseController extends Controller
public function destroy(Expense $expense) {
+ abort_if(Gate::denies('delete_expenses'), 403);
+
$expense->delete();
toast('Expense Deleted!', 'warning');
diff --git a/Modules/Expense/Resources/views/expenses/partials/actions.blade.php b/Modules/Expense/Resources/views/expenses/partials/actions.blade.php
index c3334d51..89ee7e60 100644
--- a/Modules/Expense/Resources/views/expenses/partials/actions.blade.php
+++ b/Modules/Expense/Resources/views/expenses/partials/actions.blade.php
@@ -1,6 +1,9 @@
+@can('edit_expenses')
+@endcan
+@can('delete_expenses')