diff --git a/config/permissions.yaml b/config/permissions.yaml
index e9e4a450..fc315f7f 100644
--- a/config/permissions.yaml
+++ b/config/permissions.yaml
@@ -153,6 +153,10 @@ perms: # Here comes a list with all Permission names (they have a perm_[name] co
     <<: *PART_MULTI_ATTRIBUTE
     label: "perm.part.prices"
 
+  parts_parameters:
+    <<: *PART_MULTI_ATTRIBUTE
+    label: "perm.part.parameters"
+
   parts_lots:
     <<: *PART_MULTI_ATTRIBUTE
     label: "perm.part.lots"
diff --git a/src/Controller/GroupController.php b/src/Controller/GroupController.php
index cb481b49..1bbdf1b0 100644
--- a/src/Controller/GroupController.php
+++ b/src/Controller/GroupController.php
@@ -44,6 +44,7 @@ namespace App\Controller;
 
 use App\Controller\AdminPages\BaseAdminController;
 use App\Entity\Attachments\GroupAttachment;
+use App\Entity\Parameters\GroupParameter;
 use App\Entity\UserSystem\Group;
 use App\Form\AdminPages\GroupAdminForm;
 use App\Services\EntityExporter;
@@ -65,6 +66,7 @@ class GroupController extends BaseAdminController
     protected $form_class = GroupAdminForm::class;
     protected $route_base = 'group';
     protected $attachment_class = GroupAttachment::class;
+    protected $parameter_class = GroupParameter::class;
 
     /**
      * @Route("/{id}/edit/{timestamp}", requirements={"id"="\d+"}, name="group_edit")
diff --git a/src/Entity/UserSystem/PermissionsEmbed.php b/src/Entity/UserSystem/PermissionsEmbed.php
index c6b01782..63fed4d8 100644
--- a/src/Entity/UserSystem/PermissionsEmbed.php
+++ b/src/Entity/UserSystem/PermissionsEmbed.php
@@ -235,6 +235,12 @@ class PermissionsEmbed
      */
     protected $parts_prices = 0;
 
+    /**
+     * @var int
+     * @ORM\Column(type="smallint")
+     */
+    protected $parts_parameters = 0;
+
     /**
      * @var int
      * @ORM\Column(type="smallint", name="parts_attachements")
diff --git a/src/Form/Part/PartBaseType.php b/src/Form/Part/PartBaseType.php
index b990fb4d..1610afcf 100644
--- a/src/Form/Part/PartBaseType.php
+++ b/src/Form/Part/PartBaseType.php
@@ -269,12 +269,13 @@ class PartBaseType extends AbstractType
 
         $builder->add('parameters', CollectionType::class, [
             'entry_type' => ParameterType::class,
-            'allow_add' => true,
-            'allow_delete' => true,
+            'allow_add' => $this->security->isGranted('parameters.create', $part),
+            'allow_delete' => $this->security->isGranted('parameters.delete', $part),
             'label' => false,
             'by_reference' => false,
             'prototype_data' => new PartParameter(),
             'entry_options' => [
+                'disabled' => ! $this->security->isGranted('parameters.edit', $part),
                 'data_class' => PartParameter::class,
             ],
         ]);
diff --git a/src/Migrations/Version20200311204104.php b/src/Migrations/Version20200311204104.php
index f7025f42..0cd173d8 100644
--- a/src/Migrations/Version20200311204104.php
+++ b/src/Migrations/Version20200311204104.php
@@ -23,7 +23,19 @@ final class Version20200311204104 extends AbstractMigration
         $this->abortIf('mysql' !== $this->connection->getDatabasePlatform()->getName(), 'Migration can only be executed safely on \'mysql\'.');
 
         $this->addSql('CREATE TABLE parameters (id INT AUTO_INCREMENT NOT NULL, name VARCHAR(255) NOT NULL, symbol VARCHAR(255) NOT NULL, value_min DOUBLE PRECISION DEFAULT NULL, value_typical DOUBLE PRECISION DEFAULT NULL, value_max DOUBLE PRECISION DEFAULT NULL, unit VARCHAR(255) NOT NULL, value_text VARCHAR(255) NOT NULL, param_group VARCHAR(255) NOT NULL, last_modified DATETIME DEFAULT CURRENT_TIMESTAMP NOT NULL, datetime_added DATETIME DEFAULT CURRENT_TIMESTAMP NOT NULL, type SMALLINT NOT NULL, element_id INT NOT NULL, INDEX IDX_69348FE1F1F2A24 (element_id), PRIMARY KEY(id)) DEFAULT CHARACTER SET utf8mb4 COLLATE `utf8mb4_unicode_ci` ENGINE = InnoDB');
+        $this->addSql('ALTER TABLE `groups` ADD perms_parts_parameters SMALLINT NOT NULL');
+        $this->addSql('ALTER TABLE `users` ADD perms_parts_parameters SMALLINT NOT NULL');
         $this->addSql('ALTER TABLE log CHANGE level level TINYINT');
+
+        $sql = 'UPDATE `groups`' .
+            'SET perms_parts_parameters = 341 WHERE (id = 1 AND name = "admins") OR (id = 3 AND name = "users");';
+        $this->addSql($sql);
+
+        $sql = 'UPDATE `groups`' .
+            'SET perms_parts_parameters = 681 WHERE (id = 2 AND name = "readonly");';
+        $this->addSql($sql);
+
+        $this->write('<question>[!!!] Permissions were updated! Please check if they fit your expectations!</question>');
     }
 
     public function down(Schema $schema): void
@@ -32,6 +44,8 @@ final class Version20200311204104 extends AbstractMigration
         $this->abortIf('mysql' !== $this->connection->getDatabasePlatform()->getName(), 'Migration can only be executed safely on \'mysql\'.');
 
         $this->addSql('DROP TABLE parameters');
+        $this->addSql('ALTER TABLE `groups` DROP perms_parts_parameters');
+        $this->addSql('ALTER TABLE `users` DROP perms_parts_parameters');
         $this->addSql('ALTER TABLE log CHANGE level level TINYINT(1) DEFAULT NULL');
     }
 }
diff --git a/templates/Parts/edit/_specifications.html.twig b/templates/Parts/edit/_specifications.html.twig
index 61cdbcfd..dd5af0fd 100644
--- a/templates/Parts/edit/_specifications.html.twig
+++ b/templates/Parts/edit/_specifications.html.twig
@@ -21,7 +21,7 @@
     </tbody>
 </table>
 
-<button type="button" class="btn btn-success" onclick="create_specification_entry(this)" {% if not is_granted('orderdetails.create', part) %}disabled{% endif %}>
+<button type="button" class="btn btn-success" onclick="create_specification_entry(this)" {% if not is_granted('parameters.create', part) %}disabled{% endif %}>
     <i class="fas fa-plus-square fa-fw"></i>
     {% trans %}specification.create{% endtrans %}
 </button>