diff --git a/src/main/java/info/bukova/isspst/dao/jpa/BaseDaoJPA.java b/src/main/java/info/bukova/isspst/dao/jpa/BaseDaoJPA.java
index 8352f0f0..6a3ef5ba 100644
--- a/src/main/java/info/bukova/isspst/dao/jpa/BaseDaoJPA.java
+++ b/src/main/java/info/bukova/isspst/dao/jpa/BaseDaoJPA.java
@@ -33,7 +33,6 @@ public abstract class BaseDaoJPA<T> implements BaseDao<T> {
 	@SuppressWarnings("unchecked")
 	@Override
 	public T getById(int id) {
-		sessionFactory.getCurrentSession().enableFetchProfile("fetch-all");
 		Query q = sessionFactory.getCurrentSession().createQuery("from " + getEntityName() + " e where ID = :id");
 		q.setInteger("id", id);
 		return (T) q.uniqueResult();
diff --git a/src/main/java/info/bukova/isspst/ui/NavigationVM.java b/src/main/java/info/bukova/isspst/ui/NavigationVM.java
new file mode 100644
index 00000000..3a4d927e
--- /dev/null
+++ b/src/main/java/info/bukova/isspst/ui/NavigationVM.java
@@ -0,0 +1,41 @@
+package info.bukova.isspst.ui;
+
+import org.zkoss.bind.annotation.Init;
+import org.zkoss.zk.ui.Executions;
+
+public class NavigationVM {
+	
+	private String contextPath;
+	private String moduleUrl;
+	
+	@Init
+	public void init() {
+		contextPath = Executions.getCurrent().getContextPath();
+		moduleUrl = Executions.getCurrent().getDesktop().getRequestPath();
+	}
+	
+	public String getContextPath() {
+		return contextPath;
+	}
+	
+	public String getModuleUrl() {
+		return moduleUrl;
+	}
+	
+	public boolean isOrders() {
+		return moduleUrl.contains("orders");
+	}
+	
+	public boolean isSettings() {
+		return moduleUrl.contains("settings");
+	}
+	
+	public boolean isAdmin() {
+		return moduleUrl.contains("admin");
+	}
+	
+	public boolean isUser() {
+		return moduleUrl.contains("passwd");
+	}
+
+}
diff --git a/src/main/java/info/bukova/isspst/ui/SecurityHelper.java b/src/main/java/info/bukova/isspst/ui/SecurityHelper.java
new file mode 100644
index 00000000..731cb10a
--- /dev/null
+++ b/src/main/java/info/bukova/isspst/ui/SecurityHelper.java
@@ -0,0 +1,45 @@
+package info.bukova.isspst.ui;
+
+import java.util.ArrayList;
+import java.util.Arrays;
+import java.util.Collection;
+import java.util.Collections;
+
+import org.springframework.security.core.Authentication;
+import org.springframework.security.core.GrantedAuthority;
+import org.springframework.security.core.context.SecurityContextHolder;
+
+public class SecurityHelper {
+	
+	public static boolean isAllGranted(String authorities) {
+        if (null == authorities || "".equals(authorities)) {
+            return false;
+        }
+        final Collection<String> granted = getPrincipalAuthorities();
+        boolean isAllGranted = granted.containsAll(parseAuthorities(authorities));
+        return isAllGranted;
+    }
+ 
+    private static Collection<String> parseAuthorities(String authorities) {
+		String[] auth = authorities.split(",");
+		return Arrays.asList(auth);
+	}
+
+	private static Collection<String> getPrincipalAuthorities() {
+        Authentication currentUser = SecurityContextHolder.getContext().getAuthentication();
+        if (null == currentUser) {
+            return Collections.emptyList();
+        }
+        if ((null == currentUser.getAuthorities()) || (currentUser.getAuthorities().isEmpty())) {
+            return Collections.emptyList();
+        }
+        
+        Collection<String> granted = new ArrayList<String>();
+        for (GrantedAuthority a : currentUser.getAuthorities()) {
+        	granted.add(a.getAuthority());
+        }
+        
+        return granted;
+    }
+
+}
diff --git a/src/main/java/info/bukova/isspst/ui/TestVM.java b/src/main/java/info/bukova/isspst/ui/TestVM.java
deleted file mode 100644
index b516c080..00000000
--- a/src/main/java/info/bukova/isspst/ui/TestVM.java
+++ /dev/null
@@ -1,18 +0,0 @@
-package info.bukova.isspst.ui;
-
-import org.zkoss.bind.annotation.Command;
-import org.zkoss.zk.ui.select.annotation.WireVariable;
-
-import info.bukova.isspst.services.UserService;
-
-public class TestVM {
-	
-	@WireVariable
-	private UserService userService;
-	
-	@Command
-	public void test() {
-		userService.test();
-	}
-
-}
diff --git a/src/main/webapp/WEB-INF/security.tld b/src/main/webapp/WEB-INF/security.tld
new file mode 100644
index 00000000..2ac85b0e
--- /dev/null
+++ b/src/main/webapp/WEB-INF/security.tld
@@ -0,0 +1,16 @@
+<taglib>
+    <uri>http://www.zkoss.org/demo/integration/security</uri>
+    <description>
+        Methods and actions for ZK + Spring Security
+    </description>
+ 
+    <function>
+        <name>isAllGranted</name>
+        <function-class>info.bukova.isspst.ui.SecurityHelper</function-class>
+        <function-signature> boolean isAllGranted(java.lang.String authorities)
+        </function-signature>
+        <description>
+            Return true if the authenticated principal is granted authorities of ALL the specified roles.
+        </description>
+    </function>
+</taglib>
\ No newline at end of file
diff --git a/src/main/webapp/admin/test.zul b/src/main/webapp/admin/test.zul
deleted file mode 100644
index 3c408ca0..00000000
--- a/src/main/webapp/admin/test.zul
+++ /dev/null
@@ -1,10 +0,0 @@
-<?page title="Okno" contentType="text/html;charset=UTF-8"?>
-<zk>
-<?variable-resolver class="org.zkoss.zkplus.spring.DelegatingVariableResolver"?>
-<window title="Okno" border="normal" apply="org.zkoss.bind.BindComposer"
-	viewModel="@id('vm') @init('info.bukova.isspst.ui.TestVM')">
-	<label value="Pokus pokus"/>
-	<button label="metoda" onClick="@command('test')"/>
-</window>
-<include src="../app/testApp.zul"/>
-</zk>
\ No newline at end of file
diff --git a/src/main/webapp/admin/users/index.zul b/src/main/webapp/admin/users/index.zul
new file mode 100644
index 00000000..1504c852
--- /dev/null
+++ b/src/main/webapp/admin/users/index.zul
@@ -0,0 +1,10 @@
+<?page title="Uživatelé" contentType="text/html;charset=UTF-8"?>
+<zk>
+
+<zscript>
+	String gridZul = "users.zul";
+</zscript>
+
+<include src="../../app/template.zhtml"/>
+
+</zk>
\ No newline at end of file
diff --git a/src/main/webapp/admin/userForm.zul b/src/main/webapp/admin/users/userForm.zul
similarity index 100%
rename from src/main/webapp/admin/userForm.zul
rename to src/main/webapp/admin/users/userForm.zul
diff --git a/src/main/webapp/admin/users.zul b/src/main/webapp/admin/users/users.zul
similarity index 100%
rename from src/main/webapp/admin/users.zul
rename to src/main/webapp/admin/users/users.zul
diff --git a/src/main/webapp/app/index.zhtml b/src/main/webapp/app/index.zhtml
deleted file mode 100644
index 225ff4fe..00000000
--- a/src/main/webapp/app/index.zhtml
+++ /dev/null
@@ -1,11 +0,0 @@
-<?xml version="1.0" encoding="UTF-8" ?>
-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
-<html xmlns="http://www.w3.org/1999/xhtml">
-<head>
-<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
-<title>Objednávky</title>
-</head>
-<body>
-	aplikace
-</body>
-</html>
\ No newline at end of file
diff --git a/src/main/webapp/app/index.zul b/src/main/webapp/app/index.zul
new file mode 100644
index 00000000..22368533
--- /dev/null
+++ b/src/main/webapp/app/index.zul
@@ -0,0 +1,10 @@
+<?page title="Informace" contentType="text/html;charset=UTF-8"?>
+<zk>
+
+<zscript>
+	String gridZul = "info.zul";
+</zscript>
+
+<include src="template.zhtml"/>
+
+</zk>
\ No newline at end of file
diff --git a/src/main/webapp/app/info.zul b/src/main/webapp/app/info.zul
new file mode 100644
index 00000000..1aca925a
--- /dev/null
+++ b/src/main/webapp/app/info.zul
@@ -0,0 +1,6 @@
+<?page title="Informace" contentType="text/html;charset=UTF-8"?>
+<zk>
+<window title="Informace" border="normal">
+New Content Here!
+</window>
+</zk>
\ No newline at end of file
diff --git a/src/main/webapp/app/navigation.zul b/src/main/webapp/app/navigation.zul
new file mode 100644
index 00000000..33b140ac
--- /dev/null
+++ b/src/main/webapp/app/navigation.zul
@@ -0,0 +1,45 @@
+<?page title="menu" contentType="text/html;charset=UTF-8"?>
+<zk xmlns:n="native">
+<?variable-resolver class="org.zkoss.zkplus.spring.DelegatingVariableResolver"?>
+<?taglib uri="/WEB-INF/security.tld" prefix="sec"?>
+
+<tabbox mold="accordion" apply="org.zkoss.bind.BindComposer"
+	viewModel="@id('vm') @init('info.bukova.isspst.ui.NavigationVM')">
+	<tabs>
+		<tab id="orders" label="Objednávky" selected="@load(vm.orders)"/>
+		<tab id="settings" label="Nastavení" selected="@load(vm.settings)"/>
+		<tab id="admin" label="Administrace" selected="@load(vm.admin)"/>
+		<tab id="user" label="Uživatel" selected="@load(vm.user)"/>
+	</tabs>
+	<tabpanels hflex="1">
+		<tabpanel>
+			<menubar orient="vertical">
+				<menuitem label="Moje" href="/orders/my" width="120px"/>
+				<menuitem label="Ke schválení" href="/orders/approve"/>
+			</menubar>
+		</tabpanel>
+		<tabpanel>
+			<menubar orient="vertical">
+				<menuitem label="E-maily" width="120px"/>
+				<menuitem label="Další"/>
+				<menuitem label="Položka"/>
+			</menubar>
+		</tabpanel>
+		<tabpanel>
+			<menubar orient="vertical">
+				<menuitem label="Uživatelé" href="/admin/users" width="120px"/>
+				<menuitem label="Střediska" href="/admin/users" disabled="${not sec:isAllGranted('ROLE_ADMIN')}"/>
+				<menuitem label="Budovy" href="/admin/users"/>
+				<menuitem label="Místnosti" href="/admin/users"/>
+			</menubar>
+		</tabpanel>
+		<tabpanel>
+			<menubar orient="vertical">
+				<menuitem label="Změnit heslo" width="120px"/>
+				<menuitem label="Odhlásit" href="/j_spring_security_logout"/>
+			</menubar>
+		</tabpanel>
+	</tabpanels>
+</tabbox>
+
+</zk>
\ No newline at end of file
diff --git a/src/main/webapp/app/page.css b/src/main/webapp/app/page.css
new file mode 100644
index 00000000..9996d2b4
--- /dev/null
+++ b/src/main/webapp/app/page.css
@@ -0,0 +1,50 @@
+body {
+    font-family: sans-serif;
+}
+
+#header{
+	width: auto;
+	height:70px;
+	border: 1px solid #ccc;
+	padding:10px;
+}
+
+#leftcolumn{
+	width:140px;
+/*	margin: 20px 20px 20px 0px;*/
+	padding:10px;
+	float: left;
+/*	border: 1px solid #ccc;*/
+}
+
+#navbar{
+	border: 1px solid #ccc;
+}
+
+#maincolumn{
+	padding:10px;
+	margin: 0px 0px 0px 160px;
+	border: 1px solid #ccc;
+}
+
+#footer{
+	clear:both;
+	width:auto;
+	border: 1px solid #ccc;
+}
+/*
+a:link,a:visited {
+   font-size: 12px;
+   color: #0000A0;
+   background-color: #FFFFFF;
+   text-decoration: none;
+   target-new: none;
+}
+
+a:hover {
+   font-size: 12px;
+   color: #0000A0;
+   background-color: #a3d3f8;
+   text-decoration: none;
+   target-new: none;
+}*/
diff --git a/src/main/webapp/app/template.zhtml b/src/main/webapp/app/template.zhtml
new file mode 100644
index 00000000..a1cd3ab8
--- /dev/null
+++ b/src/main/webapp/app/template.zhtml
@@ -0,0 +1,21 @@
+<?xml version="1.0" encoding="UTF-8" ?>
+<html  xmlns="native" xmlns:u="zul" xmlns:zk="zk">
+	<u:style src="/app/page.css"/>
+		
+	<div id="header">
+		hlavicka
+	</div>
+
+	<div id="leftcolumn">
+		<u:include src="/app/navigation.zul"/>
+	</div>
+
+	<div id="maincolumn">
+		<u:include src="${gridZul}"/>
+	</div>
+                
+	<div id="footer">Footer
+
+	</div>
+
+</html>
\ No newline at end of file
diff --git a/src/main/webapp/app/testApp.zul b/src/main/webapp/app/testApp.zul
deleted file mode 100644
index 1dc20114..00000000
--- a/src/main/webapp/app/testApp.zul
+++ /dev/null
@@ -1,6 +0,0 @@
-<?page title="Test" contentType="text/html;charset=UTF-8"?>
-<zk>
-<window title="Test" border="normal">
-New Content Here!
-</window>
-</zk>
\ No newline at end of file
diff --git a/src/main/webapp/index.zul b/src/main/webapp/index.zul
new file mode 100644
index 00000000..a384ef7a
--- /dev/null
+++ b/src/main/webapp/index.zul
@@ -0,0 +1,8 @@
+<?page title="index" contentType="text/html;charset=UTF-8"?>
+<zk>
+
+<zscript>
+	Executions.getCurrent().sendRedirect("app");
+</zscript>
+
+</zk>
\ No newline at end of file