Two options: local priviledge or tacacs+ AAA.
Local example:
priviledge exec level 2 ping
priviledge exec level 2 show config
priveldge exec level 3 debug ip rip
enable secret level 2 ...
enable secret level 3 ...
Log in on one of those level: enable 2 or enable 3
Tacacs+
aaa new-model
tacacs-server host 1.1.1.1
tacacs-server key ...
aaa authorization exec tacacs+
Set up a tacacs+ server.
Hope it helps.
Steve