Question

For some reason, for a non-logged-in user, this code displays the HTML, but once delete is clicked CanCan does not allow the action.

  <% if can? :destroy, @boat %>
    <%= link_to "", boat, method: :delete, data: { confirm: "You sure?" } %>
  <% end %>

How do I prevent the HTML from displaying???

  def initialize(user)
    user ||= User.new
    if user.admin? || user.email = 'test@test.io'
      can :manage, :all
    elsif user.manager?
      can :read, Boat
      can [:create, :read, :update], User
    else
      can :read, Boat
      can :create, User
    end
  end

Solution

Somehow the app was still detecting my email, even while logged out and therefore giving me admin privileges!

Not sure how this is happening...
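The condition `user.email = 'test@test.io'` in the posted `Ability` is an assignment, not a comparison: it writes the address onto whatever user object is passed in and evaluates to that string, which is truthy, so the `can :manage, :all` branch runs for every user, including the guest `User.new`. The following added example (not the poster's code and not CanCan itself) reproduces the branch logic with a constructed `User` struct and a hypothetical `allowed?` helper standing in for `can?`, next to the same condition written with `==`.

```ruby
# Constructed stand-in for the app's User model (assumption: email + role).
User = Struct.new(:email, :role) do
  def admin?;   role == :admin;   end
  def manager?; role == :manager; end
end

ADMIN_EMAIL = 'test@test.io' # address taken from the question

# Rule sets copied from the three branches of the posted Ability.
RULES = {
  admin:   [[:manage, :all]],
  manager: [[:read, :Boat], [:create, :User], [:read, :User], [:update, :User]],
  guest:   [[:read, :Boat], [:create, :User]]
}.freeze

# Same condition as posted: `=` assigns the email and returns a truthy string.
def tier_as_posted(user)
  user ||= User.new
  if user.admin? || user.email = ADMIN_EMAIL
    :admin
  elsif user.manager?
    :manager
  else
    :guest
  end
end

# Same branches with a comparison; the user object is left untouched.
def tier_with_comparison(user)
  user ||= User.new
  if user.admin? || user.email == ADMIN_EMAIL
    :admin
  elsif user.manager?
    :manager
  else
    :guest
  end
end

# Hypothetical helper mimicking `can? action, subject` over a rule set.
def allowed?(tier, action, subject)
  RULES.fetch(tier).any? do |act, subj|
    (act == :manage || act == action) && (subj == :all || subj == subject)
  end
end
```

With the comparison in place, the `<% if can? :destroy, @boat %>` guard evaluates to false for a guest and the delete link is not rendered.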

Licensed under: CC-BY-SA with attribution