How to implement menu with user levels ?

My application needs to show menus to five types of different users. For example, Administrator user can see all menus but Gestor user can see just one menu.

login's screen has the code below:

namespace Admin 
{ 
 public partial class Login : System.Web.UI.Page 
 { 
   protected void Page_Load(object sender, EventArgs e)
   {
   } 
   protected void btnLogin_Click(object sender, EventArgs e)
   { 
      DataSet ds = Login.ValidarLogin(txtUserID.Text, txtPassword.Text); 
      DataTable dt = ds.Tables[0]; 
      if (dt.Rows.Count == 0) 
      { messageBox.ShowMessage("Usuário ou Senha incorretos!!");
      } 
      else 
      {  this.Session["UserID"] = dt.Rows[0]["Id"].ToString(); 
         this.Session["UserName"] = dt.Rows[0]["Username"].ToString(); 
         this.Session["Privileges"] = dt.Rows[0]["Permissao"].ToString(); 
         Response.Redirect("Principal.aspx");
      }
    } 
  } 
}

The class that controls and shows the menus is this:

namespace Teach 
{ 
   public partial class UCNavigation : System.Web.UI.UserControl 
   {    
      public Usuario usuario    
      { 
                     get
         { 
            return HttpContext.Current.Session["Usuario"] as             Usuario; }
          set
         {   HttpContext.Current.Session["Usuario"] = value; }
   }
 
   private void Page_Load(object sender, EventArgs e)
   { 
                                             bool Logged = paginaBase.LoggedIn(Session);
      
      if (this.lnkChangePassword.Enabled)
      { 
         this.lnkChangePassword.CssClass = "izq"; 
      }
      else { this.lnkChangePassword.CssClass = "izqDesactivado"; }
 
      Page.ClientScript.RegisterStartupScript(Page.GetType(),       "tttt", "ocultarEnlaces(" + Logged.ToString().ToLower() +       ");", true); this.divLogin.Visible = !Logged;
 
       if (Logged) 
      { 
         if (this.usuario.Permissao == Usuario.Permissoes.Gestor)
         {   
            this.linkListGestor.Visible = false; 
         } 
         
         else if (this.usuario.Permissao == Usuario.Permissoes.Concedente)
         { 
            this.linkListConvenio.Visible = false;
            this.linkListConcedente.Visible = false; 
            this.linkListPagamento.Visible = false; 
            this.linkListMeta.Visible = false; }
            this.lnkHome.CssClass = "izq"; 
            this.lnkLogout.CssClass = "izq"; 
            this.linkListGestor.CssClass = "izqDos";             this.linkListProponente.CssClass = "izqDos";             this.linkListConvenente.CssClass = "izqDos";             this.linkListConvenio.CssClass = "izqDos";             this.linkListConcedente.CssClass = "izqDos";             this.linkListInterveniente.CssClass = "izqDos";             this.linkListFavorecido.CssClass = "izqDos";             this.linkListDesembolso.CssClass = "izqDos";             this.linkListMeta.CssClass = "izqDos";             this.linkListPagamento.CssClass = "izqDos";             this.linkListBemProduzido.CssClass = "izqDos"; 
       }
   } 
   protected override void OnInit(EventArgs e)
   { 
      this.InitializeComponent(); base.OnInit(e);
   } 
 
   private void InitializeComponent() 
   { 
         base.Load += new EventHandler(this.Page_Load); 
   } 
 }
 
}

This class calls another method: 

public static bool LoggedIn(HttpSessionState Session) 
{                          
      bool Result = true; 
      if (Session["UserName"] == null) 
      { Result = false; 
      } 
      if (Session["UserID"] == null) 
      { Result = false; 
      } 
      if (Session["Privileges"] == null) 
      { Result = false; 
      } 
      return Result; 
}
The problem happens in this lines:
if (this.usuario.Permissao == Usuario.Permissoes.Gestor)  
and  
else if (this.usuario.Permissao == Usuario.Permissoes.Concedente)

Source error is :  [NullReferenceException: Object reference not set to an instance of an object.]
Is there a way where I can catch the attribute 'Permissao' combined to user from database and compare it in my logic condition to show the menus to the users?