diff --git a/models/user.js b/models/user.js
index c1002af326ebe6d2f356739409256b50e848397b..a0276539e91b14dd3f192995951908f0907b63c4 100644
--- a/models/user.js
+++ b/models/user.js
@@ -3,7 +3,13 @@ const Schema = mongoose.Schema;
 
 const USER_ROLE = {
   CLIENT: "client",
-  AGENT: "agent"
+  AGENT: "agent",
+};
+
+const USER_PERMISSIONS = {
+  NOBODY: 0,
+  [USER_ROLE.CLIENT]: 1,
+  [USER_ROLE.AGENT]: 2,
 };
 
 const userSchema = new Schema({
@@ -34,6 +40,7 @@ const userSchema = new Schema({
 const User = mongoose.model("User", userSchema);
 
 module.exports = {
-  USER_ROLE: USER_ROLE,
+  USER_ROLE,
+  USER_PERMISSIONS,
   User: User,
 };
\ No newline at end of file
diff --git a/src/permissions.js b/src/permissions.js
new file mode 100644
index 0000000000000000000000000000000000000000..3eec10e63b34551754e6449865df593598a63c19
--- /dev/null
+++ b/src/permissions.js
@@ -0,0 +1,20 @@
+const USER_PERMISSIONS = require("../models/user").USER_PERMISSIONS;
+
+function check_permissions(requiredPermissionLevel, checkEquality, onAuthorized) {
+  return function (req, res, next) {
+    const requestEmitterPermissionLevel = USER_PERMISSIONS[req.user && req.user.role || "NOBODY"];
+
+    //User doesn't have required permissions to access this route
+    if (checkEquality && requestEmitterPermissionLevel !== requiredPermissionLevel || !checkEquality && requestEmitterPermissionLevel < requiredPermissionLevel) {
+      req.flash("info", "Vous n'avez pas les autorisations requises pour accéder à cette ressource");
+      res.redirect("/");
+    }
+    else {
+      onAuthorized(req, res, next);
+    }
+  };
+}
+
+module.exports = {
+  check_permissions,
+};
\ No newline at end of file
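Review bot: USER_PERMISSIONS is an authorization table that is exported as a plain mutable object, so any module that receives it can reassign a level or add a role at runtime and silently change every route guard that reads it; the same applies to USER_ROLE, whose values are the table's keys. Declare both as frozen, `const USER_PERMISSIONS = Object.freeze({ NOBODY: 0, [USER_ROLE.CLIENT]: 1, [USER_ROLE.AGENT]: 2 });` (and likewise `Object.freeze` on USER_ROLE), so an accidental write throws under strict mode instead of widening access. A one-line comment above the table stating that higher numbers mean more privilege and that NOBODY is the level used for unauthenticated requests would also document the contract the consumer in src/permissions.js relies on.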
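Review bot: The lookup `USER_PERMISSIONS[req.user && req.user.role || "NOBODY"]` fails open: a role string that is not an own key of the table (a role added later, a misspelled value stored in the database, or an inherited property name) yields `undefined` or a function rather than a number, and in the threshold mode (checkEquality false) the test `requestEmitterPermissionLevel < requiredPermissionLevel` is then false, so the request is treated as authorized. Only the equality mode rejects such a role, because `undefined !== requiredPermissionLevel` holds. The level should resolve to `USER_PERMISSIONS.NOBODY` unless the role is an own property of the table, and the mixed `&&`/`||` condition on the `if` line should be split into one explicit decision per mode so the deny rule is readable; the rewritten lines are below.
```javascript
  return function (req, res, next) {
    const role = req.user && req.user.role;
    // Unknown, missing or inherited role names must map to NOBODY; an undefined
    // level would make the `<` check below pass and authorize the request.
    const requestEmitterPermissionLevel = Object.prototype.hasOwnProperty.call(USER_PERMISSIONS, role)
      ? USER_PERMISSIONS[role]
      : USER_PERMISSIONS.NOBODY;

    //User doesn't have required permissions to access this route
    const isForbidden = checkEquality
      ? requestEmitterPermissionLevel !== requiredPermissionLevel
      : requestEmitterPermissionLevel < requiredPermissionLevel;
    if (isForbidden) {
      // … unchanged: flash message and redirect …
    }
    // … unchanged: else branch calling onAuthorized …
```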