diff --git a/back/methods/account/user-acl.js b/back/methods/account/user-acl.js
new file mode 100644
index 0000000000..49e417260f
--- /dev/null
+++ b/back/methods/account/user-acl.js
@@ -0,0 +1,29 @@
+module.exports = Self => {
+    Self.remoteMethod('userAcl', {
+        description: 'Get all of the current user permissions',
+        accepts: [
+            {
+                arg: 'ctx',
+                type: 'Object',
+                http: {source: 'context'}
+            }
+        ],
+        returns: {
+            type: 'Object',
+            root: true
+        },
+        http: {
+            path: '/user/acl',
+            verb: 'GET'
+        }
+    });
+
+    Self.userAcl = async function(ctx) {
+        let userId = ctx.req.accessToken.userId;
+        let models = Self.app.models;
+
+        let user = await models.User.findById(userId, {
+            fields: ['id', 'name', 'nickname']
+        });
+    };
+};
diff --git a/front/core/services/user-acl-service.js b/front/core/services/user-acl-service.js
index 0d20c78b0b..1e29ea28d1 100644
--- a/front/core/services/user-acl-service.js
+++ b/front/core/services/user-acl-service.js
@@ -3,11 +3,25 @@ import ngModule from '../module';
 class UserAclService {
     constructor($http) {
         this.$http = $http;
-        this.roles = [];
+    }
+
+    reset() {
+        this.user = null;
+        this.roles = null;
     }
 
     load() {
+        // return this.$http.get
+    }
 
+    hasAny(roles) {
+        if (this.roles) {
+            for (let role of roles) {
+                if (this.roles[role])
+                    return true;
+            }
+        }
+        return false;
     }
 }
 UserAclService.$inject = ['$http'];