diff --git a/html/ajax_search.php b/html/ajax_search.php
index 2000e3182e..410aac1111 100755
--- a/html/ajax_search.php
+++ b/html/ajax_search.php
@@ -47,7 +47,11 @@ if (isset($_REQUEST['search']))
     } elseif($_REQUEST['type'] == 'device') {
 
       // Device search
-      $results = dbFetchRows("SELECT * FROM `devices` WHERE `hostname` LIKE '%" . $search . "%' OR `location` LIKE '%" . $search . "%' ORDER BY hostname LIMIT 8");
+      if (is_admin() === TRUE || is_read() === TRUE) {
+          $results = dbFetchRows("SELECT * FROM `devices` WHERE `hostname` LIKE '%" . $search . "%' OR `location` LIKE '%" . $search . "%' ORDER BY hostname LIMIT 8");
+      } else {
+          $results = dbFetchRows("SELECT * FROM `devices` AS `D`, `devices_perms` AS `P` WHERE `P`.`user_id` = ? AND `P`.`device_id` = `D`.`device_id` AND (`hostname` LIKE '%" . $search . "%' OR `location` LIKE '%" . $search . "%') ORDER BY hostname LIMIT 8", array($_SESSION['user_id']));
+      }
       if (count($results))
       {
         $found = 1;
@@ -72,7 +76,11 @@ if (isset($_REQUEST['search']))
           {
             $highlight_colour = '#008000';
           }
-          $num_ports = dbFetchCell("SELECT COUNT(*) FROM `ports` WHERE device_id = ?", array($result['device_id']));
+          if (is_admin() === TRUE || is_read() === TRUE) {
+              $num_ports = dbFetchCell("SELECT COUNT(*) FROM `ports` WHERE device_id = ?", array($result['device_id']));
+          } else {
+              $num_ports = dbFetchCell("SELECT COUNT(*) FROM `ports` AS `I`, `devices` AS `D`, `devices_perms` AS `P` WHERE `P`.`user_id` = ? AND `P`.`device_id` = `D`.`device_id` AND `I`.`device_id` = `D`.`device_id` AND device_id = ?", array($_SESSION['user_id'],$result['device_id']));
+          }
           $device[]=array('name'=>$name,
           'device_id'=>$result['device_id'],
           'url'=> generate_device_url($result),
@@ -91,7 +99,11 @@ if (isset($_REQUEST['search']))
     
     } elseif($_REQUEST['type'] == 'ports') {
       // Search ports
-      $results = dbFetchRows("SELECT `ports`.*,`devices`.* FROM `ports` LEFT JOIN `devices` ON  `ports`.`device_id` =  `devices`.`device_id` WHERE `ifAlias` LIKE '%" . $search . "%' OR `ifDescr` LIKE '%" . $search . "%' ORDER BY ifDescr LIMIT 8");
+      if (is_admin() === TRUE || is_read() === TRUE) {
+          $results = dbFetchRows("SELECT `ports`.*,`devices`.* FROM `ports` LEFT JOIN `devices` ON  `ports`.`device_id` =  `devices`.`device_id` WHERE `ifAlias` LIKE '%" . $search . "%' OR `ifDescr` LIKE '%" . $search . "%' ORDER BY ifDescr LIMIT 8");
+      } else {
+          $results = dbFetchRows("SELECT DISTINCT(`I`.`port_id`), `I`.*, `D`.`hostname` FROM `ports` AS `I`, `devices` AS `D`, `devices_perms` AS `P`, `ports_perms` AS `PP` WHERE ((`P`.`user_id` = ? AND `P`.`device_id` = `D`.`device_id`) OR (`PP`.`user_id` = ? AND `PP`.`port_id` = `I`.`port_id` AND `I`.`device_id` = `D`.`device_id`)) AND `D`.`device_id` = `I`.`device_id` AND (`ifAlias` LIKE '%" . $search . "%' OR `ifDescr` LIKE '%" . $search . "%') ORDER BY ifDescr LIMIT 8", array($_SESSION['user_id'],$_SESSION['user_id']));
+      }
 
       if (count($results))
       {
@@ -144,7 +156,11 @@ if (isset($_REQUEST['search']))
 
     } elseif($_REQUEST['type'] == 'bgp') {
       // Search bgp peers
-      $results = dbFetchRows("SELECT `bgpPeers`.*,`devices`.* FROM `bgpPeers` LEFT JOIN `devices` ON  `bgpPeers`.`device_id` =  `devices`.`device_id` WHERE `astext` LIKE '%" . $search . "%' OR `bgpPeerIdentifier` LIKE '%" . $search . "%' OR `bgpPeerRemoteAs` LIKE '%" . $search . "%' ORDER BY `astext` LIMIT 8");
+      if (is_admin() === TRUE || is_read() === TRUE) {
+          $results = dbFetchRows("SELECT `bgpPeers`.*,`devices`.* FROM `bgpPeers` LEFT JOIN `devices` ON  `bgpPeers`.`device_id` =  `devices`.`device_id` WHERE `astext` LIKE '%" . $search . "%' OR `bgpPeerIdentifier` LIKE '%" . $search . "%' OR `bgpPeerRemoteAs` LIKE '%" . $search . "%' ORDER BY `astext` LIMIT 8");
+      } else {
+          $results = dbFetchRows("SELECT `bgpPeers`.*,`D`.* FROM `bgpPeers`, `devices` AS `D`, `devices_perms` AS `P` WHERE `P`.`user_id` = ? AND `P`.`device_id` = `D`.`device_id` AND  `bgpPeers`.`device_id`=`D`.`device_id` AND  (`astext` LIKE '%" . $search . "%' OR `bgpPeerIdentifier` LIKE '%" . $search . "%' OR `bgpPeerRemoteAs` LIKE '%" . $search . "%') ORDER BY `astext` LIMIT 8", array($_SESSION['user_id']));
+      }
       if (count($results))
       {
         $found = 1;
diff --git a/html/includes/functions.inc.php b/html/includes/functions.inc.php
index 48295cd3e7..b6d1a42d00 100644
--- a/html/includes/functions.inc.php
+++ b/html/includes/functions.inc.php
@@ -730,6 +730,15 @@ function is_admin() {
     return $allowed;
 }
 
+function is_read() {
+    if ($_SESSION['userlevel'] == '5') {
+        $allowed = true;
+    } else {
+        $allowed = false;
+    }
+    return $allowed;
+}
+
 function demo_account() {
     print_error("You are logged in as a demo account, this page isn't accessible to you");
 }
diff --git a/html/includes/print-menubar.php b/html/includes/print-menubar.php
index 6c15928e0f..c90763560d 100644
--- a/html/includes/print-menubar.php
+++ b/html/includes/print-menubar.php
@@ -95,7 +95,13 @@ if ($_SESSION['userlevel'] >= '10') {
               <ul class="dropdown-menu scrollable-menu">
 <?php
 
-foreach (dbFetchRows('SELECT `type`,COUNT(`type`) AS total_type FROM `devices` AS D WHERE 1 GROUP BY `type` ORDER BY `type`') as $devtype) {
+if (is_admin() === TRUE || is_read() === TRUE) {
+    $sql = "SELECT `type`,COUNT(`type`) AS total_type FROM `devices` AS D WHERE 1 GROUP BY `type` ORDER BY `type`";
+} else {
+    $sql = "SELECT `type`,COUNT(`type`) AS total_type FROM `devices` AS `D`, `devices_perms` AS `P` WHERE `P`.`user_id` = ? AND `P`.`device_id` = `D`.`device_id` GROUP BY `type` ORDER BY `type`";
+    $param[] = $_SESSION['user_id'];
+}
+foreach (dbFetchRows($sql,$param) as $devtype) {
     if (empty($devtype['type'])) {
         $devtype['type'] = 'generic';
     }
diff --git a/html/includes/table/alertlog.inc.php b/html/includes/table/alertlog.inc.php
index 0dd0a4d60b..0d15037c3d 100644
--- a/html/includes/table/alertlog.inc.php
+++ b/html/includes/table/alertlog.inc.php
@@ -11,7 +11,7 @@ if ($_SESSION['userlevel'] >= '5') {
     $sql = " FROM `alert_log` AS E LEFT JOIN devices AS D ON E.device_id=D.device_id RIGHT JOIN alert_rules AS R ON E.rule_id=R.id WHERE $where";
 } else {
     $sql = " FROM `alert_log` AS E LEFT JOIN devices AS D ON E.device_id=D.device_id RIGHT JOIN alert_rules AS R ON E.rule_id=R.id RIGHT JOIN devices_perms AS P ON E.device_id = P.device_id WHERE $where AND P.user_id = ?";
-    $param[] = $_SESSION['user_id'];
+    $param[] = array($_SESSION['user_id']);
 }
 
 if (isset($searchPhrase) && !empty($searchPhrase)) {
diff --git a/html/pages/alert-log.inc.php b/html/pages/alert-log.inc.php
index 0d67679dc4..45cfac998d 100644
--- a/html/pages/alert-log.inc.php
+++ b/html/pages/alert-log.inc.php
@@ -45,12 +45,15 @@ var grid = $("#alertlog").bootgrid({
                 "<option value=\"\">All Devices</option>"+
 <?php
     foreach (get_all_devices() as $hostname) {
-        echo('"<option value=\"'.getidbyname($hostname).'\""+');
+        $device_id = getidbyname($hostname);
+        if (device_permitted($device_id)) {
+            echo('"<option value=\"'.$device_id.'\""+');
             if (getidbyname($hostname) == $_POST['device_id']) {
                 echo('" selected "+');
             }
-            echo('">'.$hostname.'</option>"+');
+           echo('">'.$hostname.'</option>"+');
         }
+    }
 ?>
                "</select>"+
                "</div>"+
diff --git a/html/pages/devices.inc.php b/html/pages/devices.inc.php
index 9305c519f0..488ed0ba61 100644
--- a/html/pages/devices.inc.php
+++ b/html/pages/devices.inc.php
@@ -216,7 +216,13 @@ var grid = $("#devices").bootgrid({
                 "<option value=''>All OSes</option>"+
 <?php
 
-foreach (dbFetch('SELECT `os` FROM `devices` AS D WHERE 1 GROUP BY `os` ORDER BY `os`') as $data) {
+if (is_admin() === TRUE || is_read() === TRUE) {
+    $sql = "SELECT `os` FROM `devices` AS D WHERE 1 GROUP BY `os` ORDER BY `os`";
+} else {
+    $sql = "SELECT `os` FROM `devices` AS `D`, `devices_perms` AS `P` WHERE `P`.`user_id` = ? AND `P`.`device_id` = `D`.`device_id` GROUP BY `os` ORDER BY `os`";
+    $param[] = $_SESSION['user_id'];
+}
+foreach (dbFetch($sql,$param) as $data) {
     if ($data['os']) {
         $tmp_os = clean_bootgrid($data['os']);
         echo('"<option value=\"'.$tmp_os.'\""+');
@@ -234,7 +240,13 @@ foreach (dbFetch('SELECT `os` FROM `devices` AS D WHERE 1 GROUP BY `os` ORDER BY
                 "<option value=''>All Versions</option>"+
 <?php
 
-foreach (dbFetch('SELECT `version` FROM `devices` AS D WHERE 1 GROUP BY `version` ORDER BY `version`') as $data) {
+if (is_admin() === TRUE || is_read() === TRUE) {
+    $sql = "SELECT `version` FROM `devices` AS D WHERE 1 GROUP BY `version` ORDER BY `version`";
+} else {
+    $sql = "SELECT `version` FROM `devices` AS `D`, `devices_perms` AS `P` WHERE `P`.`user_id` = ? AND `P`.`device_id` = `D`.`device_id` GROUP BY `version` ORDER BY `version`";
+    $param[] = $_SESSION['user_id'];
+}
+foreach (dbFetch($sql,$param) as $data) {
     if ($data['version']) {
         $tmp_version = clean_bootgrid($data['version']);
         echo('"<option value=\"'.$tmp_version.'\""+');
@@ -252,7 +264,13 @@ foreach (dbFetch('SELECT `version` FROM `devices` AS D WHERE 1 GROUP BY `version
                  "<option value=\"\">All Platforms</option>"+
 <?php
 
-foreach (dbFetch('SELECT `hardware` FROM `devices` AS D WHERE 1 GROUP BY `hardware` ORDER BY `hardware`') as $data) {
+if (is_admin() === TRUE || is_read() === TRUE) {
+    $sql = "SELECT `hardware` FROM `devices` AS D WHERE 1 GROUP BY `hardware` ORDER BY `hardware`";
+} else {
+    $sql = "SELECT `hardware` FROM `devices` AS `D`, `devices_perms` AS `P` WHERE `P`.`user_id` = ? AND `P`.`device_id` = `D`.`device_id` GROUP BY `hardware` ORDER BY `hardware`";
+    $param[] = $_SESSION['user_id'];
+}
+foreach (dbFetch($sql,$param) as $data) {
     if ($data['hardware']) {
         $tmp_hardware = clean_bootgrid($data['hardware']);
         echo('"<option value=\"'.$tmp_hardware.'\""+');
@@ -271,7 +289,13 @@ foreach (dbFetch('SELECT `hardware` FROM `devices` AS D WHERE 1 GROUP BY `hardwa
                 "<option value=\"\">All Featuresets</option>"+
 <?php
 
-foreach (dbFetch('SELECT `features` FROM `devices` AS D WHERE 1 GROUP BY `features` ORDER BY `features`') as $data)
+if (is_admin() === TRUE || is_read() === TRUE) {
+    $sql = "SELECT `features` FROM `devices` AS D WHERE 1 GROUP BY `features` ORDER BY `features`";
+} else {
+    $sql = "SELECT `features` FROM `devices` AS `D`, `devices_perms` AS `P` WHERE `P`.`user_id` = ? AND `P`.`device_id` = `D`.`device_id` GROUP BY `features` ORDER BY `features`";
+    $param[] = $_SESSION['user_id'];
+}
+foreach (dbFetch($sql,$param) as $data)
 {
   if ($data['features'])
   {
@@ -312,7 +336,13 @@ foreach (getlocations() as $location) {
                     "<option value=\"\">All Device Types</option>"+
 <?php
 
-foreach (dbFetch('SELECT `type` FROM `devices` AS D WHERE 1 GROUP BY `type` ORDER BY `type`') as $data) {
+if (is_admin() === TRUE || is_read() === TRUE) {
+    $sql = "SELECT `type` FROM `devices` AS D WHERE 1 GROUP BY `type` ORDER BY `type`";
+} else {
+    $sql = "SELECT `type` FROM `devices` AS `D`, `devices_perms` AS `P` WHERE `P`.`user_id` = ? AND `P`.`device_id` = `D`.`device_id` GROUP BY `type` ORDER BY `type`";
+    $param[] = $_SESSION['user_id'];
+}
+foreach (dbFetch($sql,$param) as $data) {
     if ($data['type']) {
         echo('"<option value=\"'.$data['type'].'\""+');
         if ($data['type'] == $vars['type']) {
diff --git a/html/pages/eventlog.inc.php b/html/pages/eventlog.inc.php
index bd67432530..4e1cad13d2 100644
--- a/html/pages/eventlog.inc.php
+++ b/html/pages/eventlog.inc.php
@@ -26,11 +26,12 @@ print_optionbar_start();
         <?php
           foreach (get_all_devices() as $hostname)
           {
-            echo("<option value='".getidbyname($hostname)."'");
-
-            if (getidbyname($hostname) == $_POST['device']) { echo("selected"); }
-
-            echo(">".$hostname."</option>");
+              $device_id = getidbyname($hostname);
+              if (device_permitted($device_id)) {
+                  echo("<option value='".$device_id."'");
+                  if ($device_id == $_POST['device']) { echo("selected"); }
+                  echo(">".$hostname."</option>");
+              }
           }
         ?>
       </select>
diff --git a/html/pages/inventory.inc.php b/html/pages/inventory.inc.php
index dc0a5dad67..e53daab965 100644
--- a/html/pages/inventory.inc.php
+++ b/html/pages/inventory.inc.php
@@ -56,11 +56,13 @@ foreach (dbFetchRows("SELECT `entPhysicalModelName` FROM `entPhysical` GROUP BY
 <?php
 
 foreach (dbFetchRows("SELECT * FROM `devices` ORDER BY `hostname`") as $data) {
-    echo('"<option value=\"'.$data['device_id'].'\""+');
-    if ($data['device_id'] == $_POST['device']) {
-        echo('" selected"+');
+    if (device_permitted($data['device_id'])) {
+        echo('"<option value=\"'.$data['device_id'].'\""+');
+        if ($data['device_id'] == $_POST['device']) {
+            echo('" selected"+');
+        }
+        echo('">'.$data['hostname'].'</option>"+');
     }
-    echo('">'.$data['hostname'].'</option>"+');
 }
 ?>
                  "</select>"+
diff --git a/html/pages/ports.inc.php b/html/pages/ports.inc.php
index 386100262a..2000ffdab4 100644
--- a/html/pages/ports.inc.php
+++ b/html/pages/ports.inc.php
@@ -140,7 +140,14 @@ foreach ($results as $data)
       <select name="ifSpeed" id="ifSpeed" class="form-control input-sm">
         <option value="">All Speeds</option>
 <?php
-foreach (dbFetchRows("SELECT `ifSpeed` FROM `ports` GROUP BY `ifSpeed` ORDER BY `ifSpeed`") as $data)
+
+if (is_admin() === TRUE || is_read() === TRUE) {
+    $sql = "SELECT `ifSpeed` FROM `ports` GROUP BY `ifSpeed` ORDER BY `ifSpeed`";
+} else {
+    $sql = "SELECT `ifSpeed` FROM `ports` AS `I`, `devices` AS `D`, `devices_perms` AS `P`, `ports_perms` AS `PP` WHERE ((`P`.`user_id` = ? AND `P`.`device_id` = `D`.`device_id`) OR (`PP`.`user_id` = ? AND `PP`.`port_id` = `I`.`port_id` AND `I`.`device_id` = `D`.`device_id`)) AND `D`.`device_id` = `I`.`device_id` GROUP BY `ifSpeed` ORDER BY `ifSpeed`";
+    $param[] = array($_SESSION['user_id'],$_SESSION['user_id']);
+}
+foreach (dbFetchRows($sql,$param) as $data)
 {
   if ($data['ifSpeed'])
   {
@@ -156,7 +163,14 @@ foreach (dbFetchRows("SELECT `ifSpeed` FROM `ports` GROUP BY `ifSpeed` ORDER BY
       <select name="ifType" id="ifType" class="form-control input-sm">
         <option value="">All Media</option>
 <?php
-foreach (dbFetchRows("SELECT `ifType` FROM `ports` GROUP BY `ifType` ORDER BY `ifType`") as $data)
+
+if (is_admin() === TRUE || is_read() === TRUE) {
+    $sql = "SELECT `ifType` FROM `ports` GROUP BY `ifType` ORDER BY `ifType`";
+} else {
+    $sql = "SELECT `ifType` FROM `ports` AS `I`, `devices` AS `D`, `devices_perms` AS `P`, `ports_perms` AS `PP` WHERE ((`P`.`user_id` = ? AND `P`.`device_id` = `D`.`device_id`) OR (`PP`.`user_id` = ? AND `PP`.`port_id` = `I`.`port_id` AND `I`.`device_id` = `D`.`device_id`)) AND `D`.`device_id` = `I`.`device_id` GROUP BY `ifType` ORDER BY `ifType`";
+    $param[] = array($_SESSION['user_id'],$_SESSION['user_id']);
+}
+foreach (dbFetchRows($sql,$param) as $data)
 {
   if ($data['ifType'])
   {
@@ -170,9 +184,14 @@ foreach (dbFetchRows("SELECT `ifType` FROM `ports` GROUP BY `ifType` ORDER BY `i
       <select name="port_descr_type" id="port_descr_type" class="form-control input-sm">
         <option value="">All Port Types</option>
 <?php
-$ports = dbFetchRows("SELECT `port_descr_type` FROM `ports` GROUP BY `port_descr_type` ORDER BY `port_descr_type`");
-$total = count($ports);
-echo("Total: $total");
+
+if (is_admin() === TRUE || is_read() === TRUE) {
+    $sql = "SELECT `port_descr_type` FROM `ports` GROUP BY `port_descr_type` ORDER BY `port_descr_type`";
+} else {
+    $sql = "SELECT `port_descr_type` FROM `ports` AS `I`, `devices` AS `D`, `devices_perms` AS `P`, `ports_perms` AS `PP` WHERE ((`P`.`user_id` = ? AND `P`.`device_id` = `D`.`device_id`) OR (`PP`.`user_id` = ? AND `PP`.`port_id` = `I`.`port_id` AND `I`.`device_id` = `D`.`device_id`)) AND `D`.`device_id` = `I`.`device_id` GROUP BY `port_descr_type` ORDER BY `port_descr_type`";
+    $param[] = array($_SESSION['user_id'],$_SESSION['user_id']);
+}
+$ports = dbFetchRows($sql,$param);
 foreach ($ports as $data)
 {
   if ($data['port_descr_type'])