diff --git a/static/src/app/app.component.html b/static/src/app/app.component.html
index 5003f64..a0e53b5 100644
--- a/static/src/app/app.component.html
+++ b/static/src/app/app.component.html
@@ -21,23 +21,41 @@
           <li routerLinkActive="active">
             <a routerLink='/cc-overview' class="link">Armeeübersicht</a>
           </li>
-          <li *ngIf="loginService.isLoggedIn()" routerLinkActive="active">
+          <li *ngIf="loginService.hasPermission(2)" routerLinkActive="active">
             <a routerLink='/cc-users' class="link">Teilnehmer</a>
           </li>
-          <li *ngIf="loginService.isLoggedIn()" routerLinkActive="active">
+          <li *ngIf="loginService.hasPermission(2)" routerLinkActive="active">
             <a routerLink='/cc-squads' class="link">Squads</a>
           </li>
-          <li *ngIf="loginService.isLoggedIn()" routerLinkActive="active">
+          <li *ngIf="loginService.hasPermission(2)" routerLinkActive="active">
             <a routerLink='/cc-decorations' class="link">Auszeichnungen</a>
           </li>
-          <li *ngIf="loginService.isLoggedIn()" routerLinkActive="active">
+          <li *ngIf="loginService.hasPermission(2)" routerLinkActive="active">
             <a routerLink='/cc-ranks' class="link">Ränge</a>
           </li>
+          <li *ngIf="loginService.hasPermission(1) && !loginService.hasPermission(2)" class="dropdown">
+            <a href="#" class="dropdown-toggle" data-toggle="dropdown" role="button" aria-haspopup="true"
+               aria-expanded="false">
+              Beantragen
+              <span class="caret"></span>
+            </a>
+            <ul class="dropdown-menu">
+              <li>
+                <a [routerLink]="['/request-promotion']">Beförderung</a>
+              </li>
+              <li>
+                <a [routerLink]="['/request-award']">Orden/ Auszeichnung</a>
+              </li>
+            </ul>
+          </li>
         </ul>
 
         <ul class="nav navbar-nav" style="float: right">
+          <li *ngIf="loginService.hasPermission(4)" routerLinkActive="active">
+            <a routerLink='/admin-panel' class="link">Admin Panel</a>
+          </li>
           <li *ngIf="authEnabled" class="link" style="cursor: pointer">
-            <a *ngIf="loginService.isLoggedIn()" (click)="logout()" >Abmelden</a>
+            <a *ngIf="loginService.isLoggedIn()" (click)="logout()">Abmelden</a>
           </li>
         </ul>
       </div>
diff --git a/static/src/app/app.module.ts b/static/src/app/app.module.ts
index df9ba0f..f163179 100644
--- a/static/src/app/app.module.ts
+++ b/static/src/app/app.module.ts
@@ -22,7 +22,7 @@ import {RankStore} from "./services/stores/rank.store";
 import {RankService} from "./services/rank-service/rank.service";
 import {DecorationItemComponent} from "./decorations/decoration-list/decoration-item.component";
 import {AppConfig} from "./app.config";
-import {LoginGuard} from "./login/login.guard";
+import {LoginGuardAdmin, LoginGuardHL, LoginGuardSQL} from "./login/login.guard";
 import {AwardingService} from "./services/awarding-service/awarding.service";
 import {HttpClient} from "./services/http-client";
 import {ArmyService} from "./services/army-service/army.service";
@@ -33,7 +33,9 @@ import { ClipboardModule } from 'ngx-clipboard';
   providers: [
     HttpClient,
     LoginService,
-    LoginGuard,
+    LoginGuardSQL,
+    LoginGuardHL,
+    LoginGuardAdmin,
     ArmyService,
     UserService,
     UserStore,
diff --git a/static/src/app/app.routing.ts b/static/src/app/app.routing.ts
index a516844..f6ea582 100644
--- a/static/src/app/app.routing.ts
+++ b/static/src/app/app.routing.ts
@@ -1,7 +1,7 @@
 import {Routes, RouterModule} from '@angular/router';
 import {LoginComponent} from './login/index';
 import {NotFoundComponent} from './not-found/not-found.component';
-import {LoginGuard} from './login/login.guard';
+import {LoginGuardHL} from './login/login.guard';
 import {usersRoutes, usersRoutingComponents} from "./users/users.routing";
 import {squadsRoutes, squadsRoutingComponents} from "./squads/squads.routing";
 import {decorationsRoutes, decorationsRoutingComponents} from "./decorations/decoration.routing";
@@ -15,10 +15,10 @@ export const appRoutes: Routes = [
   {path: '', redirectTo: '/cc-overview', pathMatch: 'full'},
 
   {path: 'login', component: LoginComponent},
-  {path: 'cc-users', children: usersRoutes, canActivate: [LoginGuard]},
-  {path: 'cc-squads', children: squadsRoutes, canActivate: [LoginGuard]},
-  {path: 'cc-decorations', children: decorationsRoutes, canActivate: [LoginGuard]},
-  {path: 'cc-ranks', children: ranksRoutes, canActivate: [LoginGuard]},
+  {path: 'cc-users', children: usersRoutes, canActivate: [LoginGuardHL]},
+  {path: 'cc-squads', children: squadsRoutes, canActivate: [LoginGuardHL]},
+  {path: 'cc-decorations', children: decorationsRoutes, canActivate: [LoginGuardHL]},
+  {path: 'cc-ranks', children: ranksRoutes, canActivate: [LoginGuardHL]},
 
   /** Redirect Konfigurationen **/
   {path: '404', component: NotFoundComponent},
@@ -30,4 +30,4 @@ export const appRouting = RouterModule.forRoot(appRoutes);
 export const routingComponents = [LoginComponent, ...armyRoutingComponents , NotFoundComponent, ...usersRoutingComponents,
   ...squadsRoutingComponents, ...decorationsRoutingComponents, ...ranksRoutingComponents];
 
-export const routingProviders = [LoginGuard];
+export const routingProviders = [LoginGuardHL];
diff --git a/static/src/app/login/login.component.ts b/static/src/app/login/login.component.ts
index 18fbe45..7365886 100644
--- a/static/src/app/login/login.component.ts
+++ b/static/src/app/login/login.component.ts
@@ -25,8 +25,8 @@ export class LoginComponent implements OnInit {
   ngOnInit() {
     // reset login status
     this.loginService.logout();
-    // redirect to user overview on success
-    this.returnUrl = '/cc-users'
+    // redirect on success
+    this.returnUrl = '/cc-overview'
   }
 
   login(username: string, password: string) {
diff --git a/static/src/app/login/login.guard.ts b/static/src/app/login/login.guard.ts
index 187ca03..1083734 100644
--- a/static/src/app/login/login.guard.ts
+++ b/static/src/app/login/login.guard.ts
@@ -2,14 +2,57 @@ import { Injectable } from '@angular/core';
 import { Router, CanActivate, ActivatedRouteSnapshot, RouterStateSnapshot } from '@angular/router';
 
 @Injectable()
-export class LoginGuard implements CanActivate {
+export class LoginGuardSQL implements CanActivate {
 
   constructor(private router: Router) { }
 
   canActivate(route: ActivatedRouteSnapshot, state: RouterStateSnapshot) {
     if (localStorage.getItem('currentUser')) {
-      // logged in so return true
-      return true;
+      let currentUser = JSON.parse(localStorage.getItem('currentUser'));
+      if (currentUser.permission === 1) {
+        // logged and correct permission so return true
+        return true;
+      }
+    }
+
+    // not logged in so redirect to login page with the return url
+    this.router.navigate(['/login'], { queryParams: { returnUrl: state.url }});
+    return false;
+  }
+}
+
+@Injectable()
+export class LoginGuardHL implements CanActivate {
+
+  constructor(private router: Router) { }
+
+  canActivate(route: ActivatedRouteSnapshot, state: RouterStateSnapshot) {
+    if (localStorage.getItem('currentUser')) {
+      let currentUser = JSON.parse(localStorage.getItem('currentUser'));
+      if (currentUser.permission >= 2) {
+        // logged and correct permission so return true
+        return true;
+      }
+    }
+
+    // not logged in so redirect to login page with the return url
+    this.router.navigate(['/login'], { queryParams: { returnUrl: state.url }});
+    return false;
+  }
+}
+
+@Injectable()
+export class LoginGuardAdmin implements CanActivate {
+
+  constructor(private router: Router) { }
+
+  canActivate(route: ActivatedRouteSnapshot, state: RouterStateSnapshot) {
+    if (localStorage.getItem('currentUser')) {
+      let currentUser = JSON.parse(localStorage.getItem('currentUser'));
+      if (currentUser.permission === 4) {
+        // logged and correct permission so return true
+        return true;
+      }
     }
 
     // not logged in so redirect to login page with the return url
diff --git a/static/src/app/services/login-service/login-service.ts b/static/src/app/services/login-service/login-service.ts
index e7884e1..e7264de 100644
--- a/static/src/app/services/login-service/login-service.ts
+++ b/static/src/app/services/login-service/login-service.ts
@@ -33,4 +33,9 @@ export class LoginService {
     return !this.authEnabled || localStorage.getItem('currentUser') != null;
   }
 
+  hasPermission(level : number) {
+    let currentUser = JSON.parse(localStorage.getItem('currentUser'));
+    return this.isLoggedIn() && currentUser.permission >= level;
+  }
+
 }
diff --git a/static/src/assets/opt-logo-klein.png b/static/src/assets/opt-logo-klein.png
index 1bd3696..41f597d 100644
Binary files a/static/src/assets/opt-logo-klein.png and b/static/src/assets/opt-logo-klein.png differ