diff --git a/README.md b/README.md
index a835f85..8d6c1da 100644
--- a/README.md
+++ b/README.md
@@ -72,4 +72,7 @@ symfony console make:registration-form
 symfony console make:entity 
 symfony console make:migration
 symfony console d:f:l
-```
\ No newline at end of file
+```
+
+### Question 9
+Pas de commandes, juste du code dans AtelierController
diff --git a/src/Controller/AtelierController.php b/src/Controller/AtelierController.php
index 3f6c9f6..9587c1a 100644
--- a/src/Controller/AtelierController.php
+++ b/src/Controller/AtelierController.php
@@ -12,12 +12,10 @@ use Symfony\Component\HttpFoundation\Response;
 use Symfony\Component\Routing\Annotation\Route;
 use Symfony\Component\Security\Http\Attribute\IsGranted;
 
-#[IsGranted('ROLE_INSTRUCTOR')]
 #[Route('/atelier')]
 class AtelierController extends AbstractController
 {
     #[Route('/', name: 'app_atelier_index', methods: ['GET'])]
-
     public function index(AtelierRepository $atelierRepository, MarkdownAtelier $markdown): Response
     {
         return $this->render('atelier/index.html.twig', [
@@ -25,6 +23,7 @@ class AtelierController extends AbstractController
         ]);
     }
 
+    #[IsGranted('ROLE_INSTRUCTOR')]
     #[Route('/new', name: 'app_atelier_new', methods: ['GET', 'POST'])]
     public function new(Request $request, AtelierRepository $atelierRepository): Response
     {
@@ -53,6 +52,7 @@ class AtelierController extends AbstractController
         ]);
     }
 
+    #[IsGranted('ROLE_INSTRUCTOR')]
     #[Route('/{id}/edit', name: 'app_atelier_edit', methods: ['GET', 'POST'])]
     public function edit(Request $request, Atelier $atelier, AtelierRepository $atelierRepository): Response
     {
@@ -71,10 +71,11 @@ class AtelierController extends AbstractController
         ]);
     }
 
+    #[IsGranted('ROLE_INSTRUCTOR')]
     #[Route('/{id}', name: 'app_atelier_delete', methods: ['POST'])]
     public function delete(Request $request, Atelier $atelier, AtelierRepository $atelierRepository): Response
     {
-        if ($this->isCsrfTokenValid('delete'.$atelier->getId(), $request->request->get('_token'))) {
+        if ($this->isCsrfTokenValid('delete' . $atelier->getId(), $request->request->get('_token'))) {
             $atelierRepository->remove($atelier, true);
         }