WireGuard zone and LAN zone. How to get access?

I plan to have two wireguard and one lan zone.
wg0 = 192.168.150.1-255
wg1 = 192.168.140.1-255
lan = 192.168.120.1-255

I wish to have the possibility to access all devices from wg1 and lan, and only access from lan and wg1 to wg0, but not from wg0 to lan and wg1.

How do I have to set up this case in LuCI?

For that, on my configuration, I create the 2 WireGuard interfaces (seems good for you).
From the router, you need to be able to ping all IPs (LAN and the 2 WireGuard interfaces); if you can't, you need to fix it before any other step.

I create a new zone in the firewall (called LAN_WG) where all the WireGuard interfaces are in, and make the rules:

  • Lan => wan + LAN_WG: input, output, forward Accept (no masquerading)
  • LAN_WG => wan: ACCEPT ACCEPT DROP, no masquerading
  • not changed: WAN => drop drop accept drop, with masquerading

After that, in the "Traffic rules" section, I add 1 rule (adapt if required):
Forwarded (accept forward), IPv4+IPv6, from any zone, IP X.X.X.X, Y.Y.Y.Y, to any zone, IP X.X.X.X, Y.Y.Y.Y
For you, replace X.X.X.X, Y.Y.Y.Y with 192.168.150.0/24, 192.168.140.0/24, 192.168.120.0/24.

Maybe I missed some configuration, but I think it's a good start.
On my setup, I use BIRD for the routes due to a more complex configuration.

Hope it helps you; if you have more questions, ask :slight_smile:

Edit: the tutorial I made for my configuration: Redundant Wireguard Network with Bird and OSPF

Thanks a lot for the advice. I will reset my current settings and try it in the next days.

Any suggestion for the wg peers?
Currently, I set up e.g. 192.168.120.120/32 and nothing in allowed IPs.

According to my tests I got unstable results with my current settings. Sometimes I had to set up an allowed peer on the client, sometimes on client and server, and sometimes it seems I'm not able to connect to a specific IP on the LAN in any case.

It did not change anything. I tested it with my Synology NAS; I could not find it from a WireGuard device. Also I'm not able to connect from my NAS to any WireGuard device.

Could it be a problem that I blocked the NAS from Internet access?

In the traffic rules I blocked receiving data from WAN and sending data to WAN.

If I ping, I get a "destination net unreachable".

The solution was to add a static route on my NAS.
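As an added example (not configuration from anyone in this thread), here is the UCI equivalent of the zone setup discussed above, written for the policy the question asks for: one firewall zone per network instead of a shared LAN_WG zone, plus the peer allowed_ips the later posts ran into trouble with. The keys, the peer tunnel address 192.168.150.10 and the listen port are placeholders; the existing lan => wan forwarding and the wan zone are assumed unchanged and not repeated here.

```uci
# /etc/config/network (excerpt): wg0 server interface and one constructed peer
config interface 'wg0'
	option proto 'wireguard'
	option private_key 'SERVER_PRIVATE_KEY_PLACEHOLDER'
	option listen_port '51820'
	list addresses '192.168.150.1/24'

config wireguard_wg0
	option public_key 'PEER_PUBLIC_KEY_PLACEHOLDER'
	# Tunnel address of the peer: packets from it must use this source, and only it is routed to it
	list allowed_ips '192.168.150.10/32'
	option route_allowed_ips '1'
# On the peer side, AllowedIPs must list every subnet it should reach through the tunnel
# (192.168.150.0/24, 192.168.120.0/24, 192.168.140.0/24) or cryptokey routing drops the traffic.

# /etc/config/firewall (excerpt): one zone per network; the wan zone stays unchanged
config zone
	option name 'lan'
	list network 'lan'
	option input 'ACCEPT'
	option output 'ACCEPT'
	option forward 'REJECT'   # only governs traffic between networks of the same zone
config zone
	option name 'wg1'
	list network 'wg1'
	option input 'ACCEPT'
	option output 'ACCEPT'
	option forward 'REJECT'
config zone
	option name 'wg0'
	list network 'wg0'
	option input 'ACCEPT'     # router services (e.g. DNS) remain reachable from wg0
	option output 'ACCEPT'
	option forward 'REJECT'

# lan and wg1 may open connections to everything; wg0 has no forwarding entry, so it
# can only answer connections opened towards it (conntrack passes the replies).
config forwarding
	option src 'lan'
	option dest 'wg0'
config forwarding
	option src 'lan'
	option dest 'wg1'
config forwarding
	option src 'wg1'
	option dest 'lan'
config forwarding
	option src 'wg1'
	option dest 'wg0'
```

A LAN host that does not use the router as its default gateway (such as a NAS cut off from the Internet) still needs a static route for 192.168.150.0/24 and 192.168.140.0/24 via the router, which matches what the last post found.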