diff --git a/server/SHServ/Controllers/DevicesRESTAPIController.php b/server/SHServ/Controllers/DevicesRESTAPIController.php
index d38b189..b439bbd 100644
--- a/server/SHServ/Controllers/DevicesRESTAPIController.php
+++ b/server/SHServ/Controllers/DevicesRESTAPIController.php
@@ -6,8 +6,10 @@
 use \SHServ\Tools\DeviceScanner;
 use \SHServ\Entities\Device;
 use \SHServ\Entities\Area;
+use \SHServ\Integrations\GAuth\AuthControllerTrait;
 class DevicesRESTAPIController extends \SHServ\Middleware\Controller {
+ use AuthControllerTrait;
 protected function withScanLock(callable $callback) {
 $tmpDir = sys_get_temp_dir();
 $lockFile = $tmpDir . '/shserv-scan.lock';
@@ -59,6 +61,7 @@
 }
 public function scanning__ready_to_setup() {
+ if ($auth = $this -> require_permission('devices.scan')) { return $auth; }
 return $this -> withScanLock(function() {
 $device_model = new Devices();
 $devices = $device_model -> get_unregistered_devices();
@@ -70,6 +73,7 @@
 }
 public function scanning__all() {
+ if ($auth = $this -> require_permission('devices.scan')) { return $auth; }
 return $this -> withScanLock(function() {
 $device_model = new Devices();
 $devices = $device_model -> scanning_localnet(FCONF["device_ip_range"][0], FCONF["device_ip_range"][1]);
@@ -81,6 +85,7 @@
 }
 public function setup_new_device($device_ip, $alias, $name, $description) {
+ if ($auth = $this -> require_permission('devices.setup')) { return $auth; }
 $devices_model = new \SHServ\Models\Devices();
 $host = $device_ip;
@@ -122,6 +127,7 @@
 }
 public function resetup_device($device_id) {
+ if ($auth = $this -> require_permission('devices.setup')) { return $auth; }
 $devices_model = new \SHServ\Models\Devices();
 $device = $devices_model -> by_id(intval($device_id));
@@ -149,6 +155,7 @@
 }
 public function remove_device($device_id) {
+ if ($auth = $this -> require_permission('devices.delete')) { return $auth; }
 $devices_model = new Devices();
 $result = $devices_model -> remove_device(intval($device_id));
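Review bot: `use AuthControllerTrait;` copies every method of the trait into this controller, and the trait's source is not part of this diff. If the router resolves actions by public method name, which is not visible here and should be confirmed, any public trait method would become reachable as a device endpoint. Please check that `require_permission` and its helpers are declared `protected` or `private`, and consider a comment above the `use` line such as `// AuthControllerTrait helpers must stay non-public so they are never routable`.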
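Review bot: The guard `if ($auth = $this -> require_permission('devices.scan')) { return $auth; }` in `scanning__ready_to_setup` treats any falsy return as "allowed", so a denial that `require_permission` ever reports as `false`, `null`, `0` or an empty array would fail open. The trait is not shown, so please confirm it returns a non-empty response on every denial path (missing session, unknown permission name) and document that contract in its docblock; a strict comparison against the documented success value would be sturdier than truthiness. The same line is added to every other public method in this diff, from `scanning__all` through `reset_device`, and because the check is opt-in per method, an action added later without it is unauthenticated by default. A deny-by-default check in the dispatch path driven by a method-to-permission map would close that gap, and class constants for the permission names would keep a typo from silently naming a permission nobody manages.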
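Review bot: `setup_new_device` copies the request-supplied `$device_ip` straight into `$host` right after the new permission check, so a holder of `devices.setup` appears to choose which address the server contacts. The rest of the body is outside this hunk, so validation may exist further down; if it does not, check the value with `filter_var($device_ip, FILTER_VALIDATE_IP)` and confirm it lies inside `FCONF["device_ip_range"]` before any request is sent. That keeps the setup endpoint limited to devices on the configured range rather than arbitrary hosts reachable from the server.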
@@ -167,6 +174,7 @@
 }
 public function reboot_device($device_id) {
+ if ($auth = $this -> require_permission('devices.control')) { return $auth; }
 $devices_model = new Devices();
 $result = $devices_model -> reboot_device(intval($device_id));
@@ -184,6 +192,7 @@
 }
 public function device_info($device_id) {
+ if ($auth = $this -> require_permission('devices.view')) { return $auth; }
 $device_id = intval($device_id);
 $devices_model = new Devices();
 $result = $devices_model -> get_device_info($device_id);
@@ -196,6 +205,7 @@
 }
 public function device($device_id) {
+ if ($auth = $this -> require_permission('devices.view')) { return $auth; }
 $devices_model = new Devices();
 $device = $devices_model -> by_id(intval($device_id));
@@ -225,6 +235,7 @@
 }
 public function device_status($device_id) {
+ if ($auth = $this -> require_permission('devices.view')) { return $auth; }
 $devices_model = new Devices();
 $device = $devices_model -> by_id(intval($device_id));
@@ -256,6 +267,7 @@
 }
 public function do_device_action($device_id, $action, $params) {
+ if ($auth = $this -> require_permission('devices.control')) { return $auth; }
 $devices_model = new Devices();
 $device = $devices_model -> by_id(intval($device_id));
@@ -304,6 +316,7 @@
 }
 public function place_in_area($target_id, $place_in_area_id) {
+ if ($auth = $this -> require_permission('devices.edit')) { return $auth; }
 if ($error = $this -> validate_positive_int_ids([
 'target_id' => $target_id,
 'place_in_area_id' => $place_in_area_id,
@@ -330,6 +343,7 @@
 }
 public function unassign_from_area($target_id) {
+ if ($auth = $this -> require_permission('devices.edit')) { return $auth; }
 if ($error = $this -> validate_positive_int_ids(['target_id' => $target_id])) { return $error; }
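Review bot: `do_device_action` is gated on the single permission `devices.control` whatever `$action`, `$params` or `$device_id` the caller sends, so every action a device exposes is equally available to that role. The dispatch code is outside this hunk; if some actions are more sensitive than others, check `$action` against an allowlist right after the guard or derive a per-action permission from it. None of the guards added in this diff take the device or its area into account, so each permission is global across all devices; if that is intended, a comment such as `// permissions are global: no per-device or per-area scoping` above the guard would record the decision.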
@@ -346,6 +360,7 @@
 }
 public function devices_list($status = "active") {
+ if ($auth = $this -> require_permission('devices.view')) { return $auth; }
 $status_list = Device::get_status_list();
 if(!in_array($status, $status_list)) {
 return $this -> utils() -> response_error("wrong_status_name");
@@ -363,6 +378,7 @@
 }
 public function update_name($device_id, $name) {
+ if ($auth = $this -> require_permission('devices.edit')) { return $auth; }
 $device_id = intval($device_id);
 if($device_id < 1) {
@@ -390,6 +406,7 @@
 }
 public function update_description($device_id, $description) {
+ if ($auth = $this -> require_permission('devices.edit')) { return $auth; }
 $device_id = intval($device_id);
 if($device_id < 1) {
@@ -409,6 +426,7 @@
 }
 public function update_alias($device_id, $new_alias) {
+ if ($auth = $this -> require_permission('devices.edit')) { return $auth; }
 $device_id = intval($device_id);
 if($device_id < 1) {
@@ -438,6 +456,7 @@
 }
 public function reset_device($device_id) {
+ if ($auth = $this -> require_permission('devices.edit')) { return $auth; }
 $device_id = intval($device_id);
 if($device_id < 1) {
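Review bot: `reset_device` is guarded with `devices.edit`, the same permission that covers renaming a device, while `reboot_device` requires `devices.control` and `resetup_device` requires `devices.setup`. The body is outside this hunk, but if the method resets the device's state or configuration, a role meant only to edit labels can trigger it. Consider `if ($auth = $this -> require_permission('devices.setup')) { return $auth; }` here, or a dedicated permission, together with a one-line comment stating why the chosen level matches what the reset does.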