diff --git a/lib/NGCP/Panel/Controller/Domain.pm b/lib/NGCP/Panel/Controller/Domain.pm
index 776f41aa2b..bedaf94321 100644
--- a/lib/NGCP/Panel/Controller/Domain.pm
+++ b/lib/NGCP/Panel/Controller/Domain.pm
@@ -13,7 +13,7 @@ use NGCP::Panel::Utils::Prosody;
 use NGCP::Panel::Utils::Preferences;
 use NGCP::Panel::Utils::XMLDispatcher;
 
-sub auto :Does(ACL) :ACLDetachTo('/denied_page') :AllowedRole(admin) :AllowedRole(reseller) {
+sub auto :Does(ACL) :ACLDetachTo('/denied_page') :AllowedRole(admin) :AllowedRole(reseller) :AllowedRole(ccareadmin) :AllowedRole(ccare)  {
     my ($self, $c) = @_;
     $c->log->debug(__PACKAGE__ . '::auto');
     NGCP::Panel::Utils::Navigation::check_redirect_chain(c => $c);
@@ -23,7 +23,14 @@ sub auto :Does(ACL) :ACLDetachTo('/denied_page') :AllowedRole(admin) :AllowedRol
 sub dom_list :Chained('/') :PathPart('domain') :CaptureArgs(0) {
     my ($self, $c) = @_;
 
-    my $dispatch_to = '_dom_resultset_' . $c->user->roles;
+    my $resultset_role = $c->user->roles;
+    if ($resultset_role eq 'ccareadmin') {
+        $resultset_role = 'admin';
+    } elsif ($resultset_role eq 'ccare') {
+        $resultset_role = 'reseller';
+    }
+
+    my $dispatch_to = '_dom_resultset_' . $resultset_role;
     my $dom_rs = $self->$dispatch_to($c);
 
     $c->stash->{domain_dt_columns} = NGCP::Panel::Utils::Datatables::set_columns($c, [
@@ -36,6 +43,10 @@ sub dom_list :Chained('/') :PathPart('domain') :CaptureArgs(0) {
               template => 'domain/list.tt');
 }
 
+sub dom_list_restricted :Chained('dom_list') :PathPart('') :CaptureArgs(0) :Does(ACL) :ACLDetachTo('/denied_page') :AllowedRole(admin) :AllowedRole(reseller) {
+    my ($self, $c) = @_;
+}
+
 sub _dom_resultset_admin {
     my ($self, $c) = @_;
     return $c->model('DB')->resultset('domains');
@@ -55,7 +66,7 @@ sub root :Chained('dom_list') :PathPart('') :Args(0) {
     my ($self, $c) = @_;
 }
 
-sub create :Chained('dom_list') :PathPart('create') :Args() {
+sub create :Chained('dom_list_restricted') :PathPart('create') :Args() {
     my ($self, $c, $reseller_id, $type) = @_;
 
     my $posted = ($c->request->method eq 'POST');
@@ -169,7 +180,7 @@ sub create :Chained('dom_list') :PathPart('create') :Args() {
     );
 }
 
-sub base :Chained('/domain/dom_list') :PathPart('') :CaptureArgs(1) {
+sub base :Chained('/domain/dom_list_restricted') :PathPart('') :CaptureArgs(1) {
     my ($self, $c, $domain_id) = @_;
 
     unless($domain_id && is_int($domain_id)) {
diff --git a/share/templates/customer/details.tt b/share/templates/customer/details.tt
index dca2658962..c1f6f4fb8b 100644
--- a/share/templates/customer/details.tt
+++ b/share/templates/customer/details.tt
@@ -67,7 +67,8 @@ $(function() {
         <a class="btn btn-primary btn-large" href="[% c.uri_for('/back') %]"><i class="icon-arrow-left"></i> [% c.loc('Back') %]</a>
         <a class="btn btn-primary btn-large" href="[% c.uri_for_action('/customer/preferences', [c.req.captures.0]) %]"><i class="icon-list"></i> [% c.loc('Preferences') %]</a>
     </span>
-    [% IF !c.user.read_only && (c.user.roles == 'admin' || c.user.roles == 'reseller') -%]
+    [% IF (c.user.roles == 'admin' || c.user.roles == 'reseller' ||
+           c.user.roles == 'ccareadmin' || c.user.roles == 'ccare') && !c.user.read_only -%]
     <span>
         <a class="btn btn-primary btn-large" href="[% c.uri_for_action('/customer/edit', [ contract.id ]) %]"><i class="icon-edit"></i> [% c.loc('Edit') %]</a>
     </span>
@@ -234,7 +235,9 @@ $(function() {
                         [% c.loc('Maximum number of [_1] subscribers [_2] created',contract.max_subscribers,
                             c.config.features.cloudpbx ? c.loc('(including PBX groups) ') : '') %]
                     </div>
-                [% ELSIF (c.user.roles == "subscriberadmin" && product.class == "pbxaccount") || c.user.roles == "admin" || c.user.roles == "reseller" -%]
+                [% ELSIF (c.user.roles == "subscriberadmin" && product.class == "pbxaccount") ||
+                          c.user.roles == "admin" || c.user.roles == "reseller" ||
+                          c.user.roles == "ccareadmin" || c.user.roles == "ccare" -%]
                     <a class="btn btn-large btn-primary" href="[% c.uri_for_action('/customer/subscriber_create', [ c.req.captures.0 ]) %]">
                         <i class="icon-star"></i> [% c.loc('Create Subscriber') %]
                     </a>
@@ -390,7 +393,9 @@ $(function() {
     [% IF
         c.config.features.cloudpbx &&
         product.class == 'pbxaccount' &&
-        (c.user.roles == 'admin' || c.user.roles == 'reseller' || c.user.roles == 'subscriberadmin')
+        (c.user.roles == 'admin' || c.user.roles == 'reseller' ||
+         c.user.roles == 'ccareadmin' || c.user.roles == 'ccare' ||
+         c.user.roles == 'subscriberadmin')
     -%]
     <div class="accordion-group">
         <div class="accordion-heading">
@@ -435,7 +440,8 @@ $(function() {
 
             <div class="accordion-inner">
 
-                [% IF (c.user.roles == 'admin' || c.user.roles == 'reseller') && !c.user.read_only -%]
+                [% IF (c.user.roles == 'admin' || c.user.roles == 'reseller' ||
+                       c.user.roles == 'ccareadmin' || c.user.roles == 'ccare') && !c.user.read_only -%]
                 <span>
                     [% IF c.user.billing_data -%]
                     <a class="btn btn-primary btn-large" href="[% c.uri_for_action("/customer/topup_voucher", [contract.id]) %]"><i class="icon-repeat"></i> [% c.loc('Top-up Voucher') %]</a>
