diff --git a/CHANGELOG.md b/CHANGELOG.md
new file mode 100644
index 0000000..b2bad72
--- /dev/null
+++ b/CHANGELOG.md
@@ -0,0 +1,5 @@
+# Hitobito Changelog
+
+## Version 1.15
+
+* [Anpassung von Rollen und Berechtigungen](https://github.com/hitobito/hitobito/issues/270)
diff --git a/README.rdoc b/README.rdoc
index 9ffc767..ff407fd 100644
--- a/README.rdoc
+++ b/README.rdoc
@@ -9,17 +9,17 @@ This hitobito wagon defines the organization hierarchy with groups and roles of
   * Dachverband
     * Administrator/-in: [:admin, :layer_and_below_full]
   * Vorstand
-    * Präsidium: [:layer_and_below_read, :group_and_below_full, :contact_data]
-    * Finanzverantwortliche/-r: [:layer_and_below_read, :financials, :contact_data]
-    * Mitglied: [:layer_and_below_read, :contact_data]
+    * Präsidium: [:layer_read, :group_and_below_full, :contact_data]
+    * Finanzverantwortliche/-r: [:layer_read, :financials, :contact_data]
+    * Mitglied: [:layer_read, :contact_data]
   * Geschäftsstelle
-    * Geschäftsleiter/-in: [:layer_and_below_full, :admin, :contact_data]
-    * Angestellte/-r: [:layer_and_below_full, :admin, :contact_data]
-    * Finanzverantwortliche/-r: [:layer_and_below_full, :financials, :admin, :contact_data]
+    * Geschäftsleiter/-in: [:layer_full, :contact_data]
+    * Angestellte/-r: [:layer_full, :contact_data]
+    * Finanzverantwortliche/-r: [:layer_full, :financials, :contact_data]
   * Gremium
-    * Leitung: [:layer_and_below_read, :group_and_below_full, :contact_data]
-    * Mitglied: [:layer_and_below_read]
-    * Aktive/-r Kursleiter/-in: [:layer_and_below_read]
+    * Leitung: [:layer_read, :group_and_below_full, :contact_data]
+    * Mitglied: [:layer_read]
+    * Aktive/-r Kursleiter/-in: [:layer_read]
   * Mitglieder
     * Adressverwalter/-in: [:group_and_below_full]
     * Mitglied: []
@@ -37,9 +37,9 @@ This hitobito wagon defines the organization hierarchy with groups and roles of
     * Finanzverantwortliche-/r: [:layer_and_below_read, :financials, :contact_data]
     * Mitglied: [:layer_and_below_read, :contact_data]
   * Geschäftsstelle
-    * Geschäftsleiter/-in: [:layer_and_below_full, :admin, :contact_data]
-    * Angestellte/-r: [:layer_and_below_full, :admin, :contact_data]
-    * Finanzverantwortliche/-r: [:layer_and_below_full, :financials, :admin, :contact_data]
+    * Geschäftsleiter/-in: [:layer_and_below_full, :contact_data]
+    * Angestellte/-r: [:layer_and_below_full, :contact_data]
+    * Finanzverantwortliche/-r: [:layer_and_below_full, :financials, :contact_data]
     * Administrator/-in Ortsgruppen: [:layer_and_below_full, :unconfined_below]
   * Gremium
     * Leitung: [:layer_and_below_read, :group_and_below_full, :contact_data]
@@ -55,13 +55,15 @@ This hitobito wagon defines the organization hierarchy with groups and roles of
     * Spender/-in: []
     * Spendenverwalter/-in: [:group_and_below_full]
 * Sektion
+  * Sektion
+    * Administrator/-in: [:layer_and_below_full, :contact_data]
 * Ortsgruppe
   * Ortsgruppe
     * Administrator/-in Cevi DB: [:layer_and_below_full, :unconfined_below]
 * Jungschar
   * Jungschar
     * Abteilungsleiter/-in: [:layer_and_below_full, :contact_data]
-    * Coach: [:layer_and_below_read, :approve_applications]
+    * Coach: [:layer_and_below_full, :approve_applications]
     * Finanzverantwortliche/-r: [:layer_and_below_read, :financials]
     * Adressverwalter/-in: [:layer_and_below_full]
     * Aktuar/-in: [:layer_and_below_read]
@@ -101,7 +103,7 @@ This hitobito wagon defines the organization hierarchy with groups and roles of
     * Teilnehmer/-in: [:group_read]
   * Team
     * Abteilungsleiter/-in: [:layer_and_below_full, :contact_data]
-    * Coach: [:layer_and_below_read, :approve_applications]
+    * Coach: [:layer_and_below_full, :approve_applications]
     * Finanzverantwortliche/-r: [:layer_and_below_read, :financials]
     * Adressverwalter/-in: [:layer_and_below_full]
     * Aktuar/-in: [:layer_and_below_read]
@@ -162,7 +164,7 @@ This hitobito wagon defines the organization hierarchy with groups and roles of
     * Mitglied: [:group_read]
     * Freie/-r Mitarbeiter/-in: [:layer_and_below_read]
   * Sport Team/Gruppe
-    * Leiter: [:group_and_below_full]
+    * Leiter/-in: [:group_and_below_full]
     * Mitglied: [:group_read]
   * Externe
     * Verantwortliche/-r: [:group_and_below_full]
diff --git a/app/models/group/dachverband_geschaeftsstelle.rb b/app/models/group/dachverband_geschaeftsstelle.rb
index 3c31451..ea0a303 100644
--- a/app/models/group/dachverband_geschaeftsstelle.rb
+++ b/app/models/group/dachverband_geschaeftsstelle.rb
@@ -36,15 +36,15 @@ class Group::DachverbandGeschaeftsstelle < Group::Geschaeftsstelle
   ### ROLES
 
   class Geschaeftsleiter < ::Role
-    self.permissions = [:layer_and_below_full, :admin, :contact_data]
+    self.permissions = [:layer_full, :contact_data]
   end
 
   class Angestellter < ::Role
-    self.permissions = [:layer_and_below_full, :admin, :contact_data]
+    self.permissions = [:layer_full, :contact_data]
   end
 
   class Finanzverantwortlicher < ::Role
-    self.permissions = [:layer_and_below_full, :financials, :admin, :contact_data]
+    self.permissions = [:layer_full, :financials, :contact_data]
   end
 
   roles Geschaeftsleiter,
diff --git a/app/models/group/dachverband_gremium.rb b/app/models/group/dachverband_gremium.rb
index 1001ae2..99436c5 100644
--- a/app/models/group/dachverband_gremium.rb
+++ b/app/models/group/dachverband_gremium.rb
@@ -39,15 +39,15 @@ class Group::DachverbandGremium < Group::Gremium
   ### ROLES
 
   class Leitung < ::Role
-    self.permissions = [:layer_and_below_read, :group_and_below_full, :contact_data]
+    self.permissions = [:layer_read, :group_and_below_full, :contact_data]
   end
 
   class Mitglied < ::Role
-    self.permissions = [:layer_and_below_read]
+    self.permissions = [:layer_read]
   end
 
   class AktiverKursleiter < ::Role
-    self.permissions = [:layer_and_below_read]
+    self.permissions = [:layer_read]
   end
 
   roles Leitung,
diff --git a/app/models/group/dachverband_vorstand.rb b/app/models/group/dachverband_vorstand.rb
index 62df90b..31afb28 100644
--- a/app/models/group/dachverband_vorstand.rb
+++ b/app/models/group/dachverband_vorstand.rb
@@ -36,15 +36,15 @@ class Group::DachverbandVorstand < Group::Vorstand
   ### ROLES
 
   class Praesidium < ::Role
-    self.permissions = [:layer_and_below_read, :group_and_below_full, :contact_data]
+    self.permissions = [:layer_read, :group_and_below_full, :contact_data]
   end
 
   class Finanzverantwortlicher < ::Role
-    self.permissions = [:layer_and_below_read, :financials, :contact_data]
+    self.permissions = [:layer_read, :financials, :contact_data]
   end
 
   class Mitglied < ::Role
-    self.permissions = [:layer_and_below_read, :contact_data]
+    self.permissions = [:layer_read, :contact_data]
   end
 
   roles Praesidium,
diff --git a/app/models/group/jungschar.rb b/app/models/group/jungschar.rb
index 76d1ebc..a90296b 100644
--- a/app/models/group/jungschar.rb
+++ b/app/models/group/jungschar.rb
@@ -45,7 +45,7 @@ class Abteilungsleiter < ::Role
   end
 
   class Coach < ::Role
-    self.permissions = [:layer_and_below_read, :approve_applications]
+    self.permissions = [:layer_and_below_full, :approve_applications]
   end
 
   class Finanzverantwortlicher < ::Role
diff --git a/app/models/group/mitgliederorganisation_geschaeftsstelle.rb b/app/models/group/mitgliederorganisation_geschaeftsstelle.rb
index e44ee65..00a4cfd 100644
--- a/app/models/group/mitgliederorganisation_geschaeftsstelle.rb
+++ b/app/models/group/mitgliederorganisation_geschaeftsstelle.rb
@@ -36,15 +36,15 @@ class Group::MitgliederorganisationGeschaeftsstelle < Group::Geschaeftsstelle
   ### ROLES
 
   class Geschaeftsleiter < ::Role
-    self.permissions = [:layer_and_below_full, :admin, :contact_data]
+    self.permissions = [:layer_and_below_full, :contact_data]
   end
 
   class Angestellter < ::Role
-    self.permissions = [:layer_and_below_full, :admin, :contact_data]
+    self.permissions = [:layer_and_below_full, :contact_data]
   end
 
   class Finanzverantwortlicher < ::Role
-    self.permissions = [:layer_and_below_full, :financials, :admin, :contact_data]
+    self.permissions = [:layer_and_below_full, :financials, :contact_data]
   end
 
   class AdminOrtsgruppen < ::Role
diff --git a/app/models/group/sektion.rb b/app/models/group/sektion.rb
index 51db5b7..c0e2b9d 100644
--- a/app/models/group/sektion.rb
+++ b/app/models/group/sektion.rb
@@ -1,6 +1,6 @@
 # encoding: utf-8
 
-#  Copyright (c) 2012-2014, CEVI Regionalverband ZH-SH-GL. This file is part of
+#  Copyright (c) 2012-2017, CEVI Regionalverband ZH-SH-GL. This file is part of
 #  hitobito_cevi and licensed under the Affero General Public License version 3
 #  or later. See the COPYING file at the top-level directory or at
 #  https://github.com/hitobito/hitobito_cevi.
@@ -37,4 +37,12 @@ class Group::Sektion < Group
 
   children Group::Ortsgruppe
 
+  ### ROLES
+
+  class Administrator < ::Role
+    self.permissions = [:layer_and_below_full, :contact_data]
+  end
+
+  roles Administrator
+
 end
diff --git a/config/locales/models.cevi.de.yml b/config/locales/models.cevi.de.yml
index adb2c8b..1670e00 100644
--- a/config/locales/models.cevi.de.yml
+++ b/config/locales/models.cevi.de.yml
@@ -316,6 +316,12 @@ de:
         other: Spendenverwalter/-innen
         description:
 
+      group/sektion/administrator:
+        one: Administrator/-in
+        other: Administrator/-innen
+        description:
+
+
 
       group/ortsgruppe/administrator_cevi_db:
         one: Administrator/-in Cevi DB
diff --git a/spec/abilities/person_ability_spec.rb b/spec/abilities/person_ability_spec.rb
index 29c9347..69efc0c 100644
--- a/spec/abilities/person_ability_spec.rb
+++ b/spec/abilities/person_ability_spec.rb
@@ -195,7 +195,7 @@
   end
 
   context :layer_and_below_full do
-    let(:role) { Fabricate(Group::DachverbandGeschaeftsstelle::Geschaeftsleiter.name.to_sym, group: groups(:dachverband_gs)) }
+    let(:role) { Fabricate(Group::Dachverband::Administrator.name.to_sym, group: groups(:dachverband)) }
 
     it 'may not view any non-visible in lower layers' do
       other = Fabricate(Group::Stufe::Teilnehmer.name.to_sym, group: groups(:jungschar_burgd_wildsau))
diff --git a/spec/abilities/person_layer_writables_spec.rb b/spec/abilities/person_layer_writables_spec.rb
index e015c7c..0501ac9 100644
--- a/spec/abilities/person_layer_writables_spec.rb
+++ b/spec/abilities/person_layer_writables_spec.rb
@@ -16,7 +16,7 @@
   subject { accessibles }
 
   context :layer_and_below_full do
-    let(:role) { Fabricate(Group::DachverbandGeschaeftsstelle::Geschaeftsleiter.name, group: groups(:dachverband_gs)) }
+    let(:role) { Fabricate(Group::Dachverband::Administrator.name, group: groups(:dachverband)) }
 
     context 'own layer' do
       it 'may get people' do