diff --git a/admin/admin.go b/admin/admin.go
index d59608a..f4d3fe0 100644
--- a/admin/admin.go
+++ b/admin/admin.go
@@ -50,7 +50,7 @@ func AddUser() common.Handler {
 				StatusCode: http.StatusInternalServerError,
 			}
 		}
-		statement, err := db.Prepare("INSERT INTO users(username,hash,realname,email) VALUES (?,?,?,?)")
+		statement, err := db.Prepare("INSERT INTO users(username,hash,realname,email,permissions) VALUES (?,?,?,?,?)")
 		if err != nil {
 			return &common.HTTPError{
 				Message:    fmt.Sprintf("error preparing sqlite3 statement: %v", err),
@@ -70,10 +70,11 @@ func AddUser() common.Handler {
 		password := strings.Join(r.Form["password"], "")
 		realname := strings.Join(r.Form["realname"], "")
 		email := strings.Join(r.Form["email"], "")
+		permissions := strings.Join(r.Form["permissions"], "")
 
 		hash, err := bcrypt.GenerateFromPassword([]byte(password), 4)
 
-		_, err = statement.Exec(username, hash, realname, email)
+		_, err = statement.Exec(username, hash, realname, email, permissions)
 		if err != nil {
 			return &common.HTTPError{
 				Message:    fmt.Sprintf("error executing sqlite3 statement: %v", err),
@@ -112,9 +113,10 @@ func EditUser() common.Handler {
 		newpassword := strings.Join(r.Form["newpw1"], "")
 		realname := strings.Join(r.Form["realname"], "")
 		email := strings.Join(r.Form["email"], "")
+		permissions := strings.Join(r.Form["permissions"], "")
 		pwhash, err := bcrypt.GenerateFromPassword([]byte(password), 4)
 
-		statement, err := db.Prepare("UPDATE users SET username=?, hash=?, realname=?, email=? WHERE id=?")
+		statement, err := db.Prepare("UPDATE users SET username=?, hash=?, realname=?, email=?, permissions=? WHERE id=?")
 		if err != nil {
 			return &common.HTTPError{
 				Message:    fmt.Sprintf("error preparing sqlite3 statement: %v", err),
@@ -162,7 +164,7 @@ func EditUser() common.Handler {
 			pwhash, err = bcrypt.GenerateFromPassword([]byte(newpassword), 4)
 		}
 
-		_, err = statement.Exec(username, pwhash, realname, email, id)
+		_, err = statement.Exec(username, pwhash, realname, email, id, permissions)
 		if err != nil {
 			return &common.HTTPError{
 				Message:    fmt.Sprintf("error executing sqlite3 statement: %v", err),
diff --git a/assets/config/users.db b/assets/config/users.db
index cf14ec3..7b05088 100644
Binary files a/assets/config/users.db and b/assets/config/users.db differ
diff --git a/assets/web/static/app.js b/assets/web/static/app.js
index 1e933ee..b4013ff 100644
--- a/assets/web/static/app.js
+++ b/assets/web/static/app.js
@@ -91,6 +91,12 @@ const usernew = {
 
         <label for="password">New Password</label>
         <input type="password" id="password" name="password">
+        <label for="permissions">Permission Level</label>
+        <select name="permissions">
+            <option value="0">Publishing only</option>
+            <option value="1">Publishing and Episode Management</option>
+            <option value="2">Publishing, Episode and User management</option>
+        </select>
         <br /><br />
         <input type="submit" class="button" value="Save"></form>
     </div>
diff --git a/router/router.go b/router/router.go
index 9c31b9a..8a0fdeb 100644
--- a/router/router.go
+++ b/router/router.go
@@ -97,22 +97,22 @@ func Init() *mux.Router {
 		admin.DeleteUser(),
 	)).Methods("GET")
 	r.Handle("/admin/edit", Handle(
-		auth.RequireAuthorization(0),
+		auth.RequireAuthorization(1),
 		admin.EditEpisode(),
 	)).Methods("POST")
 
 	r.Handle("/admin/delete", Handle(
-		auth.RequireAuthorization(0),
+		auth.RequireAuthorization(1),
 		admin.RemoveEpisode(),
 	)).Methods("GET")
 
 	r.Handle("/admin/css", Handle(
-		auth.RequireAuthorization(2),
+		auth.RequireAuthorization(1),
 		admin.CustomCss(),
 	)).Methods("GET", "POST")
 
 	r.Handle("/admin/adduser", Handle(
-		auth.RequireAuthorization(1),
+		auth.RequireAuthorization(2),
 		admin.AddUser(),
 	)).Methods("POST")