diff --git a/lib/NGCP/Panel/Controller/Customer.pm b/lib/NGCP/Panel/Controller/Customer.pm
index 1c585711e5..09ba879f81 100644
--- a/lib/NGCP/Panel/Controller/Customer.pm
+++ b/lib/NGCP/Panel/Controller/Customer.pm
@@ -31,7 +31,7 @@ Catalyst Controller.
 =cut
-sub auto :Does(ACL) :ACLDetachTo('/denied_page') :AllowedRole(admin) :AllowedRole(reseller) {
+sub auto :Does(ACL) :ACLDetachTo('/denied_page') :AllowedRole(admin) :AllowedRole(reseller) :AllowedRole(subscriberadmin) {
 my ($self, $c) = @_;
 $c->log->debug(__PACKAGE__ . '::auto');
 NGCP::Panel::Utils::Navigation::check_redirect_chain(c => $c);
@@ -56,7 +56,7 @@ sub list_customer :Chained('/') :PathPart('customer') :CaptureArgs(0) {
 );
 }
-sub root :Chained('list_customer') :PathPart('') :Args(0) {
+sub root :Chained('list_customer') :PathPart('') :Args(0) :Does(ACL) :ACLDetachTo('/denied_page') :AllowedRole(admin) :AllowedRole(reseller) {
 my ($self, $c) = @_;
 }
@@ -71,12 +71,20 @@ sub base :Chained('list_customer') :PathPart('') :CaptureArgs(1) {
 my $contract = $c->model('DB')->resultset('contracts') ->search('me.id' => $contract_id);
- unless($c->user->is_superuser) {
+ if($c->user->roles eq 'reseller') {
 $contract = $contract->search({
 'contact.reseller_id' => $c->user->reseller_id,
 }, {
 join => 'contact',
 });
+ } elsif($c->user->roles eq 'subscriberadmin') {
+ $contract = $contract->search({
+ 'me.id' => $c->user->account_id,
+ });
+ unless($contract->count) {
+ $c->log->error("unauthorized access of subscriber uuid '".$c->user->uuid."' to contract id '$contract_id'");
+ $c->detach('/denied_page');
+ }
 }
 my $stime = NGCP::Panel::Utils::DateTime::current_local()->truncate(to => 'month');
diff --git a/lib/NGCP/Panel/Controller/Subscriber.pm b/lib/NGCP/Panel/Controller/Subscriber.pm
index e4746e0a51..83f9fbb7fb 100644
--- a/lib/NGCP/Panel/Controller/Subscriber.pm
+++ b/lib/NGCP/Panel/Controller/Subscriber.pm 
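Review bot: Adding `:AllowedRole(subscriberadmin)` to `auto` admits that role to every action in this controller, and the commit only re-restricts `root` further down; any action chained off `base` (edit, delete or similar, whose bodies are outside this diff) is now reachable by a subscriberadmin unless it carries an ACL of its own. The contract scoping added in `base` limits which contract such an action can touch, not whether the action is permitted at all. Each action that must stay operator-only should carry `:Does(ACL) :ACLDetachTo('/denied_page') :AllowedRole(admin) :AllowedRole(reseller)`, exactly as this commit does for `root`, rather than relying on the template hiding the buttons. The body of `auto` continues past the end of the hunk.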
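Review bot: Replacing `unless($c->user->is_superuser)` with a role-specific `if`/`elsif` in `base` makes the scoping fail open: a role that is neither 'reseller' nor 'subscriberadmin' now gets the unscoped contracts resultset, whereas before every non-superuser was narrowed. With the current `auto` ACL that role can only be admin, but the narrowing should not depend on that; close the chain with `} elsif($c->user->roles ne 'admin') {` / `    $c->detach('/denied_page');` so an unexpected role is denied instead of seeing every contract. The reseller branch still does not verify that its scoped search matched anything, so the `count` check introduced for subscriberadmin could guard both branches. `base` continues past the end of the hunk.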
@@ -75,7 +75,7 @@ sub sub_list :Chained('/') :PathPart('subscriber') :CaptureArgs(0) {
 },{
 join => { 'contract' => 'contact'},
 });
- } elsif($c->user->roles eq 'subscriber' || $c->user->roles eq 'subscriberadmin') {
+ } elsif($c->user->roles eq 'subscriber') {
 $c->stash->{subscribers_rs} = $c->stash->{subscribers_rs}->search({
 'username' => $c->user->username
 },{
@@ -88,6 +88,12 @@ sub sub_list :Chained('/') :PathPart('subscriber') :CaptureArgs(0) {
 join => 'domain'
 });
 }
+ } elsif($c->user->roles eq 'subscriberadmin') {
+ $c->stash->{subscribers_rs} = $c->stash->{subscribers_rs}->search({
+ 'contract.id' => $c->user->account_id,
+ },{
+ join => { 'contract' => 'contact'},
+ });
 }
 $c->stash->{dt_columns} = NGCP::Panel::Utils::Datatables::set_columns($c, [
diff --git a/share/templates/customer/details.tt b/share/templates/customer/details.tt
index 74ccb1df93..8bb8c00269 100644
--- a/share/templates/customer/details.tt
+++ b/share/templates/customer/details.tt
@@ -14,7 +14,7 @@
 Back
- [% UNLESS c.user.read_only -%]
+ [% IF !c.user.read_only && (c.user.roles == 'admin' || c.user.roles == 'reseller') -%]
 Edit
@@ -63,6 +63,7 @@
 [% END -%]
+ [% IF c.user.roles == 'admin' || c.user.roles == 'reseller' %]
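Review bot: The new subscriberadmin branch joins through `{ 'contract' => 'contact'}` although its only condition is on `contract.id`, so `contact` is pulled into the query for nothing; `join => 'contract'` is sufficient here (the earlier branch in this sub needs the nested form because it filters on `contact`). If `$c->user->account_id` can be undef for a subscriberadmin the condition should become `contract.id IS NULL` and match no rows, which fails closed; a one-line comment such as `# undef account_id yields IS NULL, i.e. an empty list` would record that this is the intended outcome. `sub_list` starts before and continues after the hunk, so whether the role chain ends in a deny-by-default `else` cannot be seen from here.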
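Review bot: Gating the Edit link on `c.user.roles == 'admin' || c.user.roles == 'reseller'` hides the control from a subscriberadmin but does not stop one from requesting the edit URL directly; the authorization has to be enforced on the controller action, and this template condition should mirror that check rather than be the only one. The same role test is repeated in the next hunk of this file, so consider `[% SET is_operator = c.user.roles == 'admin' || c.user.roles == 'reseller' %]` once near the top, then `[% IF !c.user.read_only && is_operator -%]` here and `[% IF is_operator %]` at the second site, so the two conditions cannot drift apart. The markup around `Back` and `Edit` has been stripped in this view, so the surrounding context is inferred.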