diff --git a/app/models/ability.rb b/app/models/ability.rb
new file mode 100644
index 000000000..74c79f472
--- /dev/null
+++ b/app/models/ability.rb
@@ -0,0 +1,22 @@
+class Ability
+  include CanCan::Ability
+
+  def initialize(user)
+    # Not logged in users
+    can :read, Debate
+
+    if user # logged-in users
+      can [:read, :create, :vote], Debate
+      can :edit, Debate do |debate|
+        debate.editable_by?(user)
+      end
+
+      if user.moderator? or user.administrator?
+
+      elsif user.administrator?
+
+      end
+    end
+  end
+
+end
diff --git a/spec/models/ability_spec.rb b/spec/models/ability_spec.rb
new file mode 100644
index 000000000..70d09f684
--- /dev/null
+++ b/spec/models/ability_spec.rb
@@ -0,0 +1,55 @@
+require 'rails_helper'
+require 'cancan/matchers'
+
+describe Ability do
+  subject(:ability) { Ability.new(user) }
+  let(:debate) { Debate.new }
+
+  describe "Non-logged in users" do
+    let(:user) { nil }
+
+    it { should be_able_to(:index, Debate) }
+    it { should be_able_to(:show, debate) }
+    it { should_not be_able_to(:edit, Debate) }
+    it { should_not be_able_to(:vote, Debate) }
+  end
+
+  describe "Citizens" do
+    let(:user) { create(:user) }
+
+    it { should be_able_to(:index, Debate) }
+    it { should be_able_to(:show, debate) }
+    it { should be_able_to(:vote, debate) }
+
+    describe "editing debates" do
+      let(:own_debate) { create(:debate, author: user) }
+      let(:own_debate_non_editable) { create(:debate, author: user) }
+
+      before { allow(own_debate_non_editable).to receive(:editable?).and_return(false) }
+
+      it { should be_able_to(:edit, own_debate) }
+      it { should_not be_able_to(:edit, debate) } # Not his
+      it { should_not be_able_to(:edit, own_debate_non_editable) }
+    end
+  end
+
+  describe "Moderators" do
+    let(:user) { create(:user) }
+    before { create(:moderator, user: user) }
+
+    it { should be_able_to(:index, Debate) }
+    it { should be_able_to(:show, debate) }
+    it { should be_able_to(:vote, debate) }
+
+  end
+
+  describe "Administrators" do
+    let(:user) { create(:user) }
+    before { create(:administrator, user: user) }
+
+    it { should be_able_to(:index, Debate) }
+    it { should be_able_to(:show, debate) }
+    it { should be_able_to(:vote, debate) }
+
+  end
+end