diff --git a/sigap-website/app/(pages)/(admin)/dashboard/user-management/_components/table/columns/actions-column.tsx b/sigap-website/app/(pages)/(admin)/dashboard/user-management/_components/table/columns/actions-column.tsx
index 701614e..77c524d 100644
--- a/sigap-website/app/(pages)/(admin)/dashboard/user-management/_components/table/columns/actions-column.tsx
+++ b/sigap-website/app/(pages)/(admin)/dashboard/user-management/_components/table/columns/actions-column.tsx
@@ -10,7 +10,9 @@ export const createActionsColumn = (
 ) => {
     return {
         id: "actions",
-        header: "",
+        header: () => {
+            return <span>Actions</span>
+        },
         cell: ({ row }: { row: { original: IUserSchema } }) => <ActionsCell user={row.original} onUpdate={handleUserUpdate} />
     }
 }
\ No newline at end of file
diff --git a/sigap-website/app/_utils/authz.ts b/sigap-website/app/_utils/authz.ts
new file mode 100644
index 0000000..5719068
--- /dev/null
+++ b/sigap-website/app/_utils/authz.ts
@@ -0,0 +1,19 @@
+import { IUserSchema } from "@/src/entities/models/users/users.model"
+
+type Role = "viewer" | "editor" | "admin";
+
+const PERMISSIONS: Record<Role, string[]> = {
+    viewer: ["view:post"],
+    editor: ["view:post", "edit:post"],
+    admin: ["view:post", "create:post", "edit:post", "delete:post"],
+};
+export const CheckPermission = (user: IUserSchema, action: string, resource: string) => {
+    const permissions = PERMISSIONS[user.role as Role]
+
+    if (!permissions) return false
+
+    return permissions.includes(`${action}:${resource}`)
+}
+
+
+export default CheckPermission
\ No newline at end of file