diff --git a/li.strolch.privilege/src/main/java/li/strolch/privilege/model/PrivilegeContext.java b/li.strolch.privilege/src/main/java/li/strolch/privilege/model/PrivilegeContext.java
index 2edad3ee0..dd70e321b 100644
--- a/li.strolch.privilege/src/main/java/li/strolch/privilege/model/PrivilegeContext.java
+++ b/li.strolch.privilege/src/main/java/li/strolch/privilege/model/PrivilegeContext.java
@@ -81,6 +81,25 @@ public class PrivilegeContext {
 }
 }
 
+ public void assertHasRole(String roleName) throws AccessDeniedException {
+ if (!this.userRep.hasRole(roleName)) {
+ String msg = MessageFormat.format(PrivilegeMessages.getString("Privilege.noprivilege.role"), //$NON-NLS-1$
+ userRep.getUsername(), roleName);
+ throw new AccessDeniedException(msg);
+ }
+ }
+
+ public void assertHasAnyRole(String... roleNames) throws AccessDeniedException {
+ for (String roleName : roleNames) {
+ if (this.userRep.hasRole(roleName))
+ return;
+ }
+
+ String msg = MessageFormat.format(PrivilegeMessages.getString("Privilege.noprivilege.role"), //$NON-NLS-1$
+ userRep.getUsername(), String.join(", ", roleNames));
+ throw new AccessDeniedException(msg);
+ }
+
 public IPrivilege getPrivilege(String privilegeName) throws AccessDeniedException {
 assertHasPrivilege(privilegeName);
 return this.privileges.get(privilegeName);
diff --git a/li.strolch.privilege/src/main/resources/PrivilegeMessages.properties b/li.strolch.privilege/src/main/resources/PrivilegeMessages.properties
index da35a4110..ec013a5e2 100644
--- a/li.strolch.privilege/src/main/resources/PrivilegeMessages.properties
+++ b/li.strolch.privilege/src/main/resources/PrivilegeMessages.properties
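Review bot: `assertHasAnyRole` has no explicit handling for an empty or null `roleNames`: an empty array skips the loop and throws `AccessDeniedException` with a blank role list, while a null array fails with a `NullPointerException` at the `for`. Denying on an empty list is the right fail-closed outcome, but neither new public method has Javadoc, so it should be stated, e.g. `Throws AccessDeniedException if the user has none of the given roles; an empty list always denies.` The any-of denial also reuses `Privilege.noprivilege.role`, so it renders as "does not have the role a, b", which reads in logs as if every listed role were required. A dedicated message along the lines of `User {0} does not have any of the roles {1}` would make denials easier to triage. As a style point, both methods mix `this.userRep` and bare `userRep`; pick one form.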
@@ -11,6 +11,7 @@ Privilege.privilegeNameEmpty=The PrivilegeName for the Restrictable is null or e
 Privilege.privilegeNull=Privilege may not be null\!
 Privilege.restrictableNull=Restrictable may not be null\!
 Privilege.noprivilege=No Privilege exists with name {0}
+Privilege.noprivilege.role=User {0} does not have the role {1}
 Privilege.noprivilege.user=User {0} does not have the privilege {1}
 Privilege.roleAccessPrivilege.unknownPrivilege=Unhandled privilege {0} for policy {1}
 Privilege.userAccessPrivilege.unknownPrivilege=Unhandled privilege {0} for policy {1}