diff --git a/public/language/en-GB/admin/manage/privileges.json b/public/language/en-GB/admin/manage/privileges.json index e951ffcfe5..b8b83a5439 100644 --- a/public/language/en-GB/admin/manage/privileges.json +++ b/public/language/en-GB/admin/manage/privileges.json @@ -34,5 +34,7 @@ "purge": "Purge", "moderate": "Moderate", - "manage-categories": "Manage Categories" + "admin-dashboard": "Dashboard", + "admin-categories": "Categories", + "admin-settings": "Settings" } \ No newline at end of file diff --git a/public/src/admin/manage/privileges.js b/public/src/admin/manage/privileges.js index 76db67a687..65132b9e9d 100644 --- a/public/src/admin/manage/privileges.js +++ b/public/src/admin/manage/privileges.js @@ -146,7 +146,7 @@ define('admin/manage/privileges', [ autocomplete.user(inputEl, function (ev, ui) { var defaultPrivileges; if (ajaxify.data.url === '/admin/manage/privileges/admin') { - defaultPrivileges = ['manage:categories']; + defaultPrivileges = ['admin:dashboard']; } else { defaultPrivileges = cid ? ['find', 'read', 'topics:read'] : ['chat']; } @@ -180,7 +180,7 @@ define('admin/manage/privileges', [ autocomplete.group(inputEl, function (ev, ui) { var defaultPrivileges; if (ajaxify.data.url === '/admin/manage/privileges/admin') { - defaultPrivileges = ['groups:manage:categories']; + defaultPrivileges = ['groups:admin:dashboard']; } else { defaultPrivileges = cid ? ['groups:find', 'groups:read', 'groups:topics:read'] : ['groups:chat']; } diff --git a/src/middleware/admin.js b/src/middleware/admin.js index 7e3d4fe11e..804999ed1a 100644 --- a/src/middleware/admin.js +++ b/src/middleware/admin.js 
@@ -141,7 +141,7 @@ module.exports = function (middleware) { } // Otherwise, check for privilege based on page (if not in mapping, deny access) - const path = req.path.replace(/^(\/api)?\/admin\//g, ''); + const path = req.path.replace(/^(\/api)?\/admin\/?/g, ''); const privilege = privileges.admin.resolve(path); if (!privilege || !await privileges.admin.can(privilege, req.uid)) { return controllers.helpers.notAllowed(req, res); diff --git a/src/privileges/admin.js b/src/privileges/admin.js index 686629f3e1..e3be83b030 100644 --- a/src/privileges/admin.js +++ b/src/privileges/admin.js 
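Review bot: With the trailing slash now optional, `/^(\/api)?\/admin\/?/g` also strips the prefix from any path that merely begins with `/admin` (a path such as `/adminfoo` becomes `foo`), and the stripped result is what gets mapped to a privilege. Whether this middleware can see such paths is not visible here; if it can, anchor on a segment boundary instead: `const path = req.path.replace(/^(\/api)?\/admin(\/|$)/, '');`. The `g` flag has no effect on a `^`-anchored pattern and can be dropped. The existing comment could also say that `!privilege` is what makes an unmapped path fail closed, so a later refactor does not weaken it. The enclosing function starts and ends outside the hunk.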
@@ -13,41 +13,56 @@ module.exports = function (privileges) { privileges.admin = {}; privileges.admin.privilegeLabels = [ - { name: '[[admin/manage/privileges:manage-categories]]' }, + { name: '[[admin/manage/privileges:admin-dashboard]]' }, + { name: '[[admin/manage/privileges:admin-categories]]' }, + { name: '[[admin/manage/privileges:admin-settings]]' }, ]; privileges.admin.userPrivilegeList = [ - 'manage:categories', + 'admin:dashboard', + 'admin:categories', + 'admin:settings', ]; privileges.admin.groupPrivilegeList = privileges.admin.userPrivilegeList.map(privilege => 'groups:' + privilege); // Mapping for a page route (via direct match or regexp) to a privilege privileges.admin.routeMap = { - 'manage/categories': 'manage:categories', + dashboard: 'admin:dashboard', + 'manage/categories': 'admin:categories', }; privileges.admin.routeRegexpMap = { - '^manage/categories/\\d+': 'manage:categories', + '^manage/categories/\\d+': 'admin:categories', + '^settings/[\\w\\-]+$': 'admin:settings', }; // Mapping for socket call methods to a privilege + // In NodeBB v2, these socket calls will be removed in favour of xhr calls privileges.admin.socketMap = { - 'admin.categories.getAll': 'manage:categories', - 'admin.categories.create': 'manage:categories', - 'admin.categories.update': 'manage:categories', - 'admin.categories.purge': 'manage:categories', - 'admin.categories.copySettingsFrom': 'manage:categories', + 'admin.rooms.getAll': 'admin:dashboard', + 'admin.analytics.get': 'admin:dashboard', + + 'admin.categories.getAll': 'admin:categories', + 'admin.categories.create': 'admin:categories', + 'admin.categories.update': 'admin:categories', + 'admin.categories.purge': 'admin:categories', + 'admin.categories.copySettingsFrom': 'admin:categories', + + 'admin.getSearchDict': 'admin:settings', + 'admin.config.setMultiple': 'admin:settings', + 'admin.config.remove': 'admin:settings', }; privileges.admin.resolve = (path) => { if (privileges.admin.routeMap[path]) { return 
privileges.admin.routeMap[path]; + } else if (path === '') { + return 'manage:dashboard'; } let privilege; Object.keys(privileges.admin.routeRegexpMap).forEach((regexp) => { if (!privilege) { - console.log('here', new RegExp(regexp), path); if (new RegExp(regexp).test(path)) { privilege = privileges.admin.routeRegexpMap[regexp]; } diff --git a/src/socket.io/admin/categories.js b/src/socket.io/admin/categories.js index 2c5c514fc5..50e61f94bc 100644 --- a/src/socket.io/admin/categories.js +++ b/src/socket.io/admin/categories.js @@ -61,7 +61,6 @@ Categories.setPrivilege = async function (socket, data) { throw new Error('[[error:no-user-or-group]]'); } - console.log('setting', data); await privileges.categories[data.set ? 'give' : 'rescind']( Array.isArray(data.privilege) ? data.privilege : [data.privilege], data.cid, data.member );
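Review bot: The new empty-path branch in `privileges.admin.resolve` returns `'manage:dashboard'`, but the privilege this hunk adds to `userPrivilegeList` and `routeMap` is `'admin:dashboard'`, so the `/admin` root resolves to a name that is not in the privilege list. The middleware then calls `can()` with a privilege nobody can be granted. That presumably fails closed, but it locks holders of `admin:dashboard` out of the landing page and leaves an undefined privilege name in the authorization path; change the line to `return 'admin:dashboard';`. Separately, `'^manage/categories/\\d+'` has no trailing `$` while the new settings pattern does, so every sub-path under a category id maps to `admin:categories`; anchor it if that is not intended. The body of `resolve` continues past the end of the hunk.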