diff --git a/policy/diamond/policy/admin/admin.rego b/policy/diamond/policy/admin/admin.rego
index b8ada554..c72601be 100644
--- a/policy/diamond/policy/admin/admin.rego
+++ b/policy/diamond/policy/admin/admin.rego
@@ -3,7 +3,11 @@ package diamond.policy.admin
 import data.diamond.policy.token
 import rego.v1
 
-is_admin[subject] := "super_admin" in data.diamond.data.subjects[subject].permissions
+default is_admin(_) := false
+
+is_admin(subject) if {
+	"super_admin" in data.diamond.data.subjects[subject].permissions
+}
 
 beamline_admin_for_subject[subject_name] contains beamline if {
 	some subject_name, subject in data.diamond.data.subjects
@@ -13,7 +17,7 @@ beamline_admin_for_subject[subject_name] contains beamline if {
 	some beamline in role_beamlines
 }
 
-admin := is_admin[token.claims.fedid] # regal ignore:rule-name-repeats-package
+admin := is_admin(token.claims.fedid) # regal ignore:rule-name-repeats-package
 
 beamline_admin := input.beamline in object.get(beamline_admin_for_subject, token.claims.fedid, [])
diff --git a/policy/diamond/policy/admin/admin_test.rego b/policy/diamond/policy/admin/admin_test.rego
index 6f9d2257..d28b2028 100644
--- a/policy/diamond/policy/admin/admin_test.rego
+++ b/policy/diamond/policy/admin/admin_test.rego
@@ -33,7 +33,7 @@ diamond_data := {
 }
 
 test_is_admin_for_admin if {
-	admin.is_admin.carol with data.diamond.data as diamond_data
+	admin.is_admin("carol") with data.diamond.data as diamond_data
 }
 
 test_beamline_admin_for_subject_for_beamline_admin if {
@@ -45,11 +45,11 @@ test_beamlines_admin_for_subject_for_group_admin if {
 }
 
 test_is_admin_for_non_admin if {
-	not admin.is_admin.alice with data.diamond.data as diamond_data
+	not admin.is_admin("alice") with data.diamond.data as diamond_data
 }
 
 test_is_admin_for_beamline_admin_not_admin if {
-	not admin.is_admin.bob with data.diamond.data as diamond_data
+	not admin.is_admin("bob") with data.diamond.data as diamond_data
 }
 
 test_beamline_admin_for_subject_for_non_beamline_admin if {
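Review bot: `is_admin` carries no comment describing its contract, while every call site in proposal.rego and session.rego is annotated `# Allow if subject has super_admin permission`; a one-line header above `default is_admin(_) := false` would close that gap, e.g. `# True when the subject's permissions in data.diamond.data.subjects include "super_admin"; false for any other subject, including one absent from the data.` The `default` is worth stating explicitly because it changes the observable result for a subject missing from `data.diamond.data.subjects` or lacking a `permissions` key: the old partial rule was undefined there, the new function returns `false`, so callers now get an explicit fail-closed boolean.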
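Review bot: `admin := is_admin(token.claims.fedid)` is still undefined when the token has no `fedid` claim, because an undefined argument makes the whole call undefined and `admin` has no `default` of its own, unlike `is_admin` now does; a consumer that checks `admin == false` would see undefined rather than a denial. If the intent is an explicit boolean on every request, add `default admin := false` above the rule. This shape is inherited from the previous partial-set form rather than introduced here, and `beamline_admin` on the following context line has the same property.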
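Review bot: None of the updated tests exercises the new `default is_admin(_) := false` branch: `test_is_admin_for_non_admin` and `test_is_admin_for_beamline_admin_not_admin` both use subjects present in `diamond_data`, and `not admin.is_admin(...)` passes whether the result is `false` or undefined, so it cannot tell the two apart. A test with a subject absent from the fixture that asserts the value directly, `admin.is_admin("unknown") == false with data.diamond.data as diamond_data`, would pin the fail-closed default (`"unknown"` standing for any name not in `diamond_data`).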
diff --git a/policy/diamond/policy/proposal/proposal.rego b/policy/diamond/policy/proposal/proposal.rego
index f3c28052..4595f77c 100644
--- a/policy/diamond/policy/proposal/proposal.rego
+++ b/policy/diamond/policy/proposal/proposal.rego
@@ -13,7 +13,7 @@ on_proposal(subject, proposal_number) if {
 default access_proposal(_, _) := false
 
 # Allow if subject has super_admin permission
-access_proposal(subject, proposal_number) if admin.is_admin[subject] # regal ignore:external-reference
+access_proposal(subject, proposal_number) if admin.is_admin(subject) # regal ignore:external-reference
 
 # Allow if subject is on proposal
 access_proposal(subject, proposal_number) if on_proposal(subject, proposal_number)
diff --git a/policy/diamond/policy/session/session.rego b/policy/diamond/policy/session/session.rego
index d3c49093..e8ee71e0 100644
--- a/policy/diamond/policy/session/session.rego
+++ b/policy/diamond/policy/session/session.rego
@@ -24,7 +24,7 @@ on_session(subject, proposal_number, visit_number) if {
 default access_session(_, _, _) := false
 
 # Allow if subject has super_admin permission
-access_session(subject, proposal_number, visit_number) if admin.is_admin[subject] # regal ignore:external-reference
+access_session(subject, proposal_number, visit_number) if admin.is_admin(subject) # regal ignore:external-reference
 
 # Allow if subject is admin for beamline containing session
 access_session(subject, proposal_number, visit_number) if {