diff --git a/.hgignore b/.hgignore
index 41d9fcd05..f017928d9 100644
--- a/.hgignore
+++ b/.hgignore
@@ -19,3 +19,4 @@ glob:*.orig
 glob:*.suo
 glob:src/Orchard.Web/Modules-temp/*
 glob:*.itrace.csdef
+glob:*.build.csdef
diff --git a/AzurePackage.proj b/AzurePackage.proj
index 202ec1827..1c91317d0 100644
--- a/AzurePackage.proj
+++ b/AzurePackage.proj
@@ -136,7 +136,7 @@
   <Target Name="Package-Stage">
  
     <Exec 
-      Command="&quot;$(ServiceHostingSDKBinDir)cspack&quot; &quot;$(ServiceFolder)\ServiceDefinition.csdef&quot; /role:Orchard.Azure.Web;&quot;$(CloudRootFolder)&quot;;Orchard.Azure.Web.dll /rolePropertiesFile:Orchard.Azure.Web;&quot;$(ServiceFolder)\Properties.txt&quot; /out:&quot;$(StageFolder)\Orchard.Azure.Web.cspkg&quot;" 
+      Command="&quot;$(ServiceHostingSDKBinDir)cspack&quot; &quot;$(ServiceFolder)\ServiceDefinition.build.csdef&quot; /role:Orchard.Azure.Web;&quot;$(CloudRootFolder)&quot;;Orchard.Azure.Web.dll /rolePropertiesFile:Orchard.Azure.Web;&quot;$(ServiceFolder)\Properties.txt&quot; /out:&quot;$(StageFolder)\Orchard.Azure.Web.cspkg&quot;" 
       WorkingDirectory="$(CloudRootFolder)" 
     />
 
diff --git a/src/Orchard.Azure.Tests/App.config b/src/Orchard.Azure.Tests/App.config
index b6e948b4a..61487f367 100644
--- a/src/Orchard.Azure.Tests/App.config
+++ b/src/Orchard.Azure.Tests/App.config
@@ -1,6 +1,6 @@
 <?xml version="1.0"?>
 <configuration>
   <appSettings>
-    <add key="AzureSDK" value="C:\Program Files\Windows Azure SDK\v1.2\"/>
+    <add key="AzureSDK" value="C:\Program Files\Windows Azure SDK\v1.3\"/>
   </appSettings>
 <startup><supportedRuntime version="v4.0" sku=".NETFramework,Version=v4.0"/></startup></configuration>
diff --git a/src/Orchard.Azure.Tests/Orchard.Azure.Tests.csproj b/src/Orchard.Azure.Tests/Orchard.Azure.Tests.csproj
index ecdce0f39..355147332 100644
--- a/src/Orchard.Azure.Tests/Orchard.Azure.Tests.csproj
+++ b/src/Orchard.Azure.Tests/Orchard.Azure.Tests.csproj
@@ -55,7 +55,7 @@
   <ItemGroup>
     <Reference Include="Microsoft.WindowsAzure.Diagnostics, Version=1.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL" />
     <Reference Include="Microsoft.WindowsAzure.ServiceRuntime, Version=1.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL" />
-    <Reference Include="Microsoft.WindowsAzure.StorageClient, Version=1.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL" />
+    <Reference Include="Microsoft.WindowsAzure.StorageClient, Version=1.1.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL" />
     <Reference Include="Moq, Version=4.0.812.4, Culture=neutral, PublicKeyToken=69f491c39445e920, processorArchitecture=MSIL">
       <SpecificVersion>False</SpecificVersion>
       <HintPath>..\..\lib\moq\Moq.dll</HintPath>
diff --git a/src/Orchard.Azure/Orchard.Azure.CloudService/Orchard.Azure.CloudService.ccproj b/src/Orchard.Azure/Orchard.Azure.CloudService/Orchard.Azure.CloudService.ccproj
index f6cce926d..4d2726fc6 100644
--- a/src/Orchard.Azure/Orchard.Azure.CloudService/Orchard.Azure.CloudService.ccproj
+++ b/src/Orchard.Azure/Orchard.Azure.CloudService/Orchard.Azure.CloudService.ccproj
@@ -3,7 +3,7 @@
   <PropertyGroup>
     <Configuration Condition=" '$(Configuration)' == '' ">Debug</Configuration>
     <Platform Condition=" '$(Platform)' == '' ">AnyCPU</Platform>
-    <ProductVersion>1.0.0</ProductVersion>
+    <ProductVersion>1.3.0</ProductVersion>
     <ProjectGuid>{03c5327d-4e8e-45a7-acd1-e18e7caa3c4a}</ProjectGuid>
     <OutputType>Library</OutputType>
     <AppDesignerFolder>Properties</AppDesignerFolder>
diff --git a/src/Orchard.Azure/Orchard.Azure.CloudService/ServiceDefinition.csdef b/src/Orchard.Azure/Orchard.Azure.CloudService/ServiceDefinition.csdef
index c1f66c33a..fb41cf303 100644
--- a/src/Orchard.Azure/Orchard.Azure.CloudService/ServiceDefinition.csdef
+++ b/src/Orchard.Azure/Orchard.Azure.CloudService/ServiceDefinition.csdef
@@ -1,12 +1,19 @@
 <?xml version="1.0" encoding="utf-8"?>
 <ServiceDefinition name="OrchardCloudService" xmlns="http://schemas.microsoft.com/ServiceHosting/2008/10/ServiceDefinition">
   <WebRole name="Orchard.Azure.Web">
-    <InputEndpoints>
-      <InputEndpoint name="HttpIn" protocol="http" port="80" />
-    </InputEndpoints>
+    <Sites>
+      <Site name="Web">
+        <Bindings>
+          <Binding name="HttpIn" endpointName="HttpIn" />
+        </Bindings>
+      </Site>
+    </Sites>
     <ConfigurationSettings>
       <Setting name="DiagnosticsConnectionString" />
       <Setting name="DataConnectionString" />
     </ConfigurationSettings>
+    <Endpoints>
+      <InputEndpoint name="HttpIn" protocol="http" port="80" />
+    </Endpoints>
   </WebRole>
 </ServiceDefinition>
\ No newline at end of file
diff --git a/src/Orchard.Azure/Orchard.Azure.Web/Config/Diagnostics.config b/src/Orchard.Azure/Orchard.Azure.Web/Config/Diagnostics.config
deleted file mode 100644
index 9fa5b157a..000000000
--- a/src/Orchard.Azure/Orchard.Azure.Web/Config/Diagnostics.config
+++ /dev/null
@@ -1,22 +0,0 @@
-<system.diagnostics>
-  <sources>
-    <source name="Default" switchValue="Verbose">
-      <listeners>
-        <add name="AzureDiagnostics" />
-      </listeners>
-    </source>
-    <source name="Orchard.Localization" switchValue="Verbose">
-      <listeners>
-        <add name="AzureDiagnostics" />
-      </listeners>
-    </source>
-    <source name="Orchard.Data.SessionLocator" switchValue="Verbose">
-      <listeners>
-        <add name="AzureDiagnostics" />
-      </listeners>
-    </source>
-  </sources>
-  <sharedListeners>
-    <add name="AzureDiagnostics" type="Microsoft.WindowsAzure.Diagnostics.DiagnosticMonitorTraceListener, Microsoft.WindowsAzure.Diagnostics, Version=1.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" />
-  </sharedListeners>
-</system.diagnostics>
diff --git a/src/Orchard.Azure/Orchard.Azure.Web/Config/log4net.config b/src/Orchard.Azure/Orchard.Azure.Web/Config/log4net.config
new file mode 100644
index 000000000..7b1b9b36c
--- /dev/null
+++ b/src/Orchard.Azure/Orchard.Azure.Web/Config/log4net.config
@@ -0,0 +1,28 @@
+<?xml version="1.0" encoding="utf-8" ?>
+<log4net>
+  <root>
+    <!-- Value of priority may be ALL, DEBUG, INFO, WARN, ERROR, FATAL, OFF -->
+    <priority value="WARN" />
+    <appender-ref ref="RollingLogFileAppender" />
+  </root>
+
+  <logger name="Orchard.Localization">
+    <priority value="WARN" />
+    <appender-ref ref="RollingLogFileAppender" />
+  </logger>
+
+  <logger name="Orchard.Data.SessionLocator">
+    <priority value="INFO" />
+    <appender-ref ref="RollingLogFileAppender" />
+  </logger>
+
+  <appender name="RollingLogFileAppender" type="log4net.Appender.RollingFileAppender">
+    <file value="App_Data/Logs/orchard-debug.txt" />
+    <appendToFile value="true" />
+    <immediateFlush value="true" />
+
+    <layout type="log4net.Layout.PatternLayout">
+      <conversionPattern value="%logger - %message%newline" />
+    </layout>
+  </appender>
+</log4net>
diff --git a/src/Orchard.Azure/Orchard.Azure.Web/Orchard.Azure.Web.csproj b/src/Orchard.Azure/Orchard.Azure.Web/Orchard.Azure.Web.csproj
index 1fc26a0e5..fa2d89e80 100644
--- a/src/Orchard.Azure/Orchard.Azure.Web/Orchard.Azure.Web.csproj
+++ b/src/Orchard.Azure/Orchard.Azure.Web/Orchard.Azure.Web.csproj
@@ -50,11 +50,15 @@
     <Reference Include="Autofac.Integration.Web.Mvc">
       <HintPath>..\..\..\lib\autofac\Autofac.Integration.Web.Mvc.dll</HintPath>
     </Reference>
+    <Reference Include="Microsoft.Web.Infrastructure, Version=1.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL">
+      <SpecificVersion>False</SpecificVersion>
+      <HintPath>..\..\..\lib\aspnetmvc\Microsoft.Web.Infrastructure.dll</HintPath>
+    </Reference>
     <Reference Include="Microsoft.WindowsAzure.Diagnostics, Version=1.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL" />
     <Reference Include="Microsoft.WindowsAzure.ServiceRuntime, Version=1.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL">
       <Private>False</Private>
     </Reference>
-    <Reference Include="Microsoft.WindowsAzure.StorageClient, Version=1.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL" />
+    <Reference Include="Microsoft.WindowsAzure.StorageClient, Version=1.1.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL" />
     <Reference Include="NHibernate.ByteCode.Castle">
       <HintPath>..\..\..\lib\fluentnhibernate\NHibernate.ByteCode.Castle.dll</HintPath>
     </Reference>
@@ -71,11 +75,7 @@
     <Reference Include="System.Data.DataSetExtensions">
       <Private>False</Private>
     </Reference>
-    <Reference Include="System.Data.SqlServerCe, Version=3.5.1.0, Culture=neutral, PublicKeyToken=89845dcd8080cc91, processorArchitecture=MSIL">
-      <SpecificVersion>False</SpecificVersion>
-      <HintPath>..\..\..\lib\sqlce\System.Data.SqlServerCe.dll</HintPath>
-      <Private>True</Private>
-    </Reference>
+    <Reference Include="System.Data.SqlServerCe, Version=3.5.1.0, PublicKeyToken=89845dcd8080cc91" />
     <Reference Include="System.Web.ApplicationServices">
       <Private>False</Private>
     </Reference>
@@ -96,9 +96,6 @@
       <HintPath>..\..\..\lib\aspnetmvc\System.Web.Mvc.dll</HintPath>
       <Private>True</Private>
     </Reference>
-    <Reference Include="System.Drawing">
-      <Private>False</Private>
-    </Reference>
     <Reference Include="System.Web">
       <Private>False</Private>
     </Reference>
@@ -154,11 +151,6 @@
     <Content Include="Default.aspx" />
     <Content Include="Global.asax" />
   </ItemGroup>
-  <ItemGroup>
-    <Content Include="Config\Diagnostics.config">
-      <SubType>Designer</SubType>
-    </Content>
-  </ItemGroup>
   <ItemGroup>
     <Content Include="Config\Host.config">
       <SubType>Designer</SubType>
@@ -172,10 +164,6 @@
       <Project>{9916839C-39FC-4CEB-A5AF-89CA7E87119F}</Project>
       <Name>Orchard.Core</Name>
     </ProjectReference>
-    <ProjectReference Include="..\..\Orchard.Web\Modules\Lucene\Lucene.csproj">
-      <Project>{D5D447D7-EF8E-43A6-B9A4-3B025DD9F45D}</Project>
-      <Name>Lucene</Name>
-    </ProjectReference>
     <ProjectReference Include="..\..\Orchard.Web\Modules\Orchard.ArchiveLater\Orchard.ArchiveLater.csproj">
       <Project>{1C981BB3-26F7-494C-9005-CC27A5144233}</Project>
       <Name>Orchard.ArchiveLater</Name>
@@ -313,14 +301,7 @@
     </Content>
   </ItemGroup>
   <ItemGroup>
-    <Content Include="Web.Debug.config">
-      <DependentUpon>Web.config</DependentUpon>
-    </Content>
-  </ItemGroup>
-  <ItemGroup>
-    <Content Include="Web.Release.config">
-      <DependentUpon>Web.config</DependentUpon>
-    </Content>
+    <Content Include="Config\log4net.config" />
   </ItemGroup>
   <Import Project="$(MSBuildBinPath)\Microsoft.CSharp.targets" />
   <Import Project="$(MSBuildExtensionsPath32)\Microsoft\VisualStudio\v10.0\WebApplications\Microsoft.WebApplication.targets" />
diff --git a/src/Orchard.Azure/Orchard.Azure.Web/Web.Debug.config b/src/Orchard.Azure/Orchard.Azure.Web/Web.Debug.config
deleted file mode 100644
index a8eacfd77..000000000
--- a/src/Orchard.Azure/Orchard.Azure.Web/Web.Debug.config
+++ /dev/null
@@ -1,5 +0,0 @@
-<?xml version="1.0"?>
-
-<configuration xmlns:xdt="http://schemas.microsoft.com/XML-Document-Transform">
-  <system.web.extensions xdt:Transform="Remove" />
-</configuration>
\ No newline at end of file
diff --git a/src/Orchard.Azure/Orchard.Azure.Web/Web.Release.config b/src/Orchard.Azure/Orchard.Azure.Web/Web.Release.config
deleted file mode 100644
index a8eacfd77..000000000
--- a/src/Orchard.Azure/Orchard.Azure.Web/Web.Release.config
+++ /dev/null
@@ -1,5 +0,0 @@
-<?xml version="1.0"?>
-
-<configuration xmlns:xdt="http://schemas.microsoft.com/XML-Document-Transform">
-  <system.web.extensions xdt:Transform="Remove" />
-</configuration>
\ No newline at end of file
diff --git a/src/Orchard.Azure/Orchard.Azure.Web/Web.config b/src/Orchard.Azure/Orchard.Azure.Web/Web.config
index f84174283..92583c3f9 100644
--- a/src/Orchard.Azure/Orchard.Azure.Web/Web.config
+++ b/src/Orchard.Azure/Orchard.Azure.Web/Web.config
@@ -1,4 +1,4 @@
-<?xml version="1.0"?>
+<?xml version="1.0" encoding="UTF-8"?>
 <!-- 
     Note: As an alternative to hand editing this file you can use the 
     web admin tool to configure settings for your application. Use
@@ -13,9 +13,14 @@
       <section name="host" type="System.Web.WebPages.Razor.Configuration.HostSection, System.Web.WebPages.Razor" requirePermission="false" />
       <section name="pages" type="System.Web.WebPages.Razor.Configuration.RazorPagesSection, System.Web.WebPages.Razor" requirePermission="false" />
     </sectionGroup>
+
+    <section name="log4net" type="log4net.Config.Log4NetConfigurationSectionHandler, log4net" requirePermission="false" />
   </configSections>
 
-  <system.diagnostics configSource="Config\Diagnostics.config"/>
+  <appSettings>
+    <add key="webpages:Enabled" value="false" />
+    <add key="log4net.Config" value="Config\log4net.config" />
+  </appSettings>
 
   <system.web.webPages.razor>
     <host factoryType="System.Web.Mvc.MvcWebRazorHostFactory, System.Web.Mvc, Version=3.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" />
@@ -25,9 +30,9 @@
         <add namespace="System.Web.Mvc.Ajax" />
         <add namespace="System.Web.Mvc.Html" />
         <add namespace="System.Web.Routing" />
-        <add namespace="System.Linq"/>
-        <add namespace="System.Collections.Generic"/>
-        <add namespace="Orchard.Mvc.Html"/>
+        <add namespace="System.Linq" />
+        <add namespace="System.Collections.Generic" />
+        <add namespace="Orchard.Mvc.Html" />
       </namespaces>
     </pages>
   </system.web.webPages.razor>
@@ -37,7 +42,7 @@
         is easier (default timeout is less than one minute)
   -->
   <system.transactions>
-    <defaultSettings timeout="00:30:00"/>
+    <defaultSettings timeout="00:30:00" />
   </system.transactions>
   <system.web>
 
@@ -50,13 +55,13 @@
     -->
     <compilation debug="true" targetFramework="4.0">
       <buildProviders>
-        <add extension=".csproj" type="Orchard.Environment.Extensions.Compilers.CSharpExtensionBuildProviderShim"/>
+        <add extension=".csproj" type="Orchard.Environment.Extensions.Compilers.CSharpExtensionBuildProviderShim" />
       </buildProviders>
       <assemblies>
-        <add assembly="System.Web.Mvc, Version=3.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL"/>
-        <add assembly="System.Web.Abstractions, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL"/>
-        <add assembly="System.Web.Routing, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL"/>
-        <add assembly="System.Data.Linq, Version=4.0.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089"/>
+        <add assembly="System.Web.Mvc, Version=3.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL" />
+        <add assembly="System.Web.Abstractions, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL" />
+        <add assembly="System.Web.Routing, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL" />
+        <add assembly="System.Data.Linq, Version=4.0.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089" />
         <remove assembly="mscorlib" />
         <remove assembly="System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" />
         <remove assembly="System.Configuration, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" />
@@ -69,11 +74,11 @@
         <remove assembly="System.IdentityModel, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" />
         <remove assembly="System.Runtime.Serialization, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" />
         <remove assembly="System.ServiceModel, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" />
-        <remove assembly="System.ServiceModel.Activation, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35"/>
-        <remove assembly="System.ServiceModel.Web, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35"/>
-        <remove assembly="System.Activities, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35"/>
-        <remove assembly="System.ServiceModel.Activities, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35"/>
-        <remove assembly="System.WorkflowServices, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35"/>
+        <remove assembly="System.ServiceModel.Activation, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" />
+        <remove assembly="System.ServiceModel.Web, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" />
+        <remove assembly="System.Activities, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" />
+        <remove assembly="System.ServiceModel.Activities, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" />
+        <remove assembly="System.WorkflowServices, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" />
         <remove assembly="System.Web.Extensions, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" />
         <remove assembly="System.Data.DataSetExtensions, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" />
         <remove assembly="System.Web.ApplicationServices, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" />
@@ -85,7 +90,7 @@
             ASP.NET to identify an incoming user. 
     -->
     <authentication mode="Forms">
-      <forms loginUrl="~/Users/Account/AccessDenied" timeout="2880"/>
+      <forms loginUrl="~/Users/Account/AccessDenied" timeout="2880" />
     </authentication>
 
     <!--
@@ -98,45 +103,46 @@
     <customErrors mode="Off" />
     <pages controlRenderingCompatibilityVersion="3.5" clientIDMode="AutoID">
       <namespaces>
-        <add namespace="System.Web.Mvc"/>
-        <add namespace="System.Web.Mvc.Ajax"/>
-        <add namespace="System.Web.Mvc.Html"/>
-        <add namespace="System.Web.Routing"/>
-        <add namespace="System.Linq"/>
-        <add namespace="System.Collections.Generic"/>
-        <add namespace="Orchard.Mvc.Html"/>
+        <add namespace="System.Web.Mvc" />
+        <add namespace="System.Web.Mvc.Ajax" />
+        <add namespace="System.Web.Mvc.Html" />
+        <add namespace="System.Web.Routing" />
+        <add namespace="System.Linq" />
+        <add namespace="System.Collections.Generic" />
+        <add namespace="Orchard.Mvc.Html" />
       </namespaces>
     </pages>
+    
     <httpHandlers>
       <!-- see below -->
       <clear />
       <add path="default.aspx" verb="*" type="System.Web.UI.PageHandlerFactory" validate="true" />
-      <add path="*" verb="*" type="System.Web.HttpNotFoundHandler"/>
+      <add path="*" verb="*" type="System.Web.HttpNotFoundHandler" />
 
     </httpHandlers>
   </system.web>
-  <system.web.extensions/>
   <!-- 
         The system.webServer section is required for running ASP.NET AJAX under Internet
         Information Services 7.0.  It is not necessary for previous version of IIS.
   -->
   <system.webServer>
-    <validation validateIntegratedModeConfiguration="false"/>
+    
+    <validation validateIntegratedModeConfiguration="false" />
     <modules runAllManagedModulesForAllRequests="true" />
     <handlers accessPolicy="Script">
       <!-- clear all handlers, prevents executing code file extensions, prevents returning any file contents -->
-      <clear/>
+      <clear />
       <!-- Return 404 for all requests via managed handler. The url routing handler will substitute the mvc request handler when routes match. -->
-      <add name="Default" path="default.aspx" verb="*" type="System.Web.UI.PageHandlerFactory" preCondition="integratedMode" requireAccess="Script"/>
-      <add name="NotFound" path="*" verb="*" type="System.Web.HttpNotFoundHandler" preCondition="integratedMode" requireAccess="Script"/>
+      <add name="Default" path="default.aspx" verb="*" type="System.Web.UI.PageHandlerFactory" preCondition="integratedMode" requireAccess="Script" />
+      <add name="NotFound" path="*" verb="*" type="System.Web.HttpNotFoundHandler" preCondition="integratedMode" requireAccess="Script" />
     </handlers>
   </system.webServer>
   <runtime>
     <assemblyBinding xmlns="urn:schemas-microsoft-com:asm.v1">
-      <probing privatePath="App_Data/Dependencies"/>
+      <probing privatePath="App_Data/Dependencies" />
       <dependentAssembly>
-        <assemblyIdentity name="System.Web.Mvc" publicKeyToken="31bf3856ad364e35"/>
-        <bindingRedirect  oldVersion="2.0.0.0" newVersion="3.0.0.0"/>
+        <assemblyIdentity name="System.Web.Mvc" publicKeyToken="31bf3856ad364e35" />
+        <bindingRedirect oldVersion="2.0.0.0" newVersion="3.0.0.0" />
       </dependentAssembly>
     </assemblyBinding>
   </runtime>
diff --git a/src/Orchard.Azure/Orchard.Azure.csproj b/src/Orchard.Azure/Orchard.Azure.csproj
index b70945429..01dd0d140 100644
--- a/src/Orchard.Azure/Orchard.Azure.csproj
+++ b/src/Orchard.Azure/Orchard.Azure.csproj
@@ -54,7 +54,7 @@
   </PropertyGroup>
   <ItemGroup>
     <Reference Include="Microsoft.WindowsAzure.ServiceRuntime, Version=1.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL" />
-    <Reference Include="Microsoft.WindowsAzure.StorageClient, Version=1.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL" />
+    <Reference Include="Microsoft.WindowsAzure.StorageClient, Version=1.1.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL" />
     <Reference Include="System" />
     <Reference Include="System.Core">
       <RequiredTargetFramework>3.5</RequiredTargetFramework>
diff --git a/src/Orchard.Specs/Bindings/ContentRights.cs b/src/Orchard.Specs/Bindings/ContentRights.cs
index d796d2b09..75b5291b8 100644
--- a/src/Orchard.Specs/Bindings/ContentRights.cs
+++ b/src/Orchard.Specs/Bindings/ContentRights.cs
@@ -94,11 +94,11 @@ namespace Orchard.Specs.Bindings {
         private static Permission GetPermissionForAction(string action) {
             switch ( action ) {
                 case "publish":
-                    return Permissions.PublishContent;
+                    return Permissions.PublishOthersContent;
                 case "edit":
-                    return Permissions.EditContent;
+                    return Permissions.EditOthersContent;
                 case "delete":
-                    return Permissions.DeleteContent;
+                    return Permissions.DeleteOthersContent;
                 default:
                     return null;
             }
diff --git a/src/Orchard.Web/Config/log4net.config b/src/Orchard.Web/Config/log4net.config
index 7b1b9b36c..2e6d55f12 100644
--- a/src/Orchard.Web/Config/log4net.config
+++ b/src/Orchard.Web/Config/log4net.config
@@ -17,12 +17,16 @@
   </logger>
 
   <appender name="RollingLogFileAppender" type="log4net.Appender.RollingFileAppender">
-    <file value="App_Data/Logs/orchard-debug.txt" />
+    <file value="App_Data/Logs/orchard-debug-" />
     <appendToFile value="true" />
     <immediateFlush value="true" />
 
+    <staticLogFileName value="false" />
+    <rollingStyle value="Date" />
+    <datepattern value="dd.MM.yyyy-hh_mm_ss.fff'.log'" />
+
     <layout type="log4net.Layout.PatternLayout">
-      <conversionPattern value="%logger - %message%newline" />
+      <conversionPattern value="%date [%thread] %logger - %message%newline" />
     </layout>
   </appender>
 </log4net>
diff --git a/src/Orchard.Web/Core/Contents/Controllers/AdminController.cs b/src/Orchard.Web/Core/Contents/Controllers/AdminController.cs
index e2824ee73..38f46d9e7 100644
--- a/src/Orchard.Web/Core/Contents/Controllers/AdminController.cs
+++ b/src/Orchard.Web/Core/Contents/Controllers/AdminController.cs
@@ -132,7 +132,7 @@ namespace Orchard.Core.Contents.Controllers {
                         break;
                     case ContentsBulkAction.PublishNow:
                         foreach (var item in itemIds.Select(itemId => _contentManager.GetLatest(itemId))) {
-                            if (!accessChecked && !Services.Authorizer.Authorize(Permissions.PublishContent, item, T("Couldn't publish selected content.")))
+                            if (!accessChecked && !Services.Authorizer.Authorize(Permissions.PublishOthersContent, item, T("Couldn't publish selected content.")))
                                 return new HttpUnauthorizedResult();
 
                             accessChecked = true;
@@ -143,7 +143,7 @@ namespace Orchard.Core.Contents.Controllers {
                         break;
                     case ContentsBulkAction.Unpublish:
                         foreach (var item in itemIds.Select(itemId => _contentManager.GetLatest(itemId))) {
-                            if (!accessChecked && !Services.Authorizer.Authorize(Permissions.PublishContent, item, T("Couldn't unpublish selected content.")))
+                            if (!accessChecked && !Services.Authorizer.Authorize(Permissions.PublishOthersContent, item, T("Couldn't unpublish selected content.")))
                                 return new HttpUnauthorizedResult();
 
                             accessChecked = true;
@@ -154,7 +154,7 @@ namespace Orchard.Core.Contents.Controllers {
                         break;
                     case ContentsBulkAction.Remove:
                         foreach (var item in itemIds.Select(itemId => _contentManager.GetLatest(itemId))) {
-                            if (!accessChecked && !Services.Authorizer.Authorize(Permissions.DeleteContent, item, T("Couldn't remove selected content.")))
+                            if (!accessChecked && !Services.Authorizer.Authorize(Permissions.DeleteOthersContent, item, T("Couldn't remove selected content.")))
                                 return new HttpUnauthorizedResult();
 
                             accessChecked = true;
@@ -187,7 +187,7 @@ namespace Orchard.Core.Contents.Controllers {
 
             var contentItem = _contentManager.New(id);
 
-            if (!Services.Authorizer.Authorize(Permissions.PublishContent, contentItem, T("Cannot create content")))
+            if (!Services.Authorizer.Authorize(Permissions.PublishOthersContent, contentItem, T("Cannot create content")))
                 return new HttpUnauthorizedResult();
 
             dynamic model = _contentManager.BuildEditor(contentItem);
@@ -213,7 +213,7 @@ namespace Orchard.Core.Contents.Controllers {
         private ActionResult CreatePOST(string id, Action<ContentItem> conditionallyPublish) {
             var contentItem = _contentManager.New(id);
 
-            if (!Services.Authorizer.Authorize(Permissions.PublishContent, contentItem, T("Couldn't create content")))
+            if (!Services.Authorizer.Authorize(Permissions.PublishOthersContent, contentItem, T("Couldn't create content")))
                 return new HttpUnauthorizedResult();
 
             _contentManager.Create(contentItem, VersionOptions.Draft);
@@ -239,7 +239,7 @@ namespace Orchard.Core.Contents.Controllers {
             if (contentItem == null)
                 return HttpNotFound();
 
-            if (!Services.Authorizer.Authorize(Permissions.EditContent, contentItem, T("Cannot edit content")))
+            if (!Services.Authorizer.Authorize(Permissions.EditOthersContent, contentItem, T("Cannot edit content")))
                 return new HttpUnauthorizedResult();
 
             dynamic model = _contentManager.BuildEditor(contentItem);
@@ -268,7 +268,7 @@ namespace Orchard.Core.Contents.Controllers {
             if (contentItem == null)
                 return HttpNotFound();
 
-            if (!Services.Authorizer.Authorize(Permissions.EditContent, contentItem, T("Couldn't edit content")))
+            if (!Services.Authorizer.Authorize(Permissions.EditOthersContent, contentItem, T("Couldn't edit content")))
                 return new HttpUnauthorizedResult();
 
             dynamic model = _contentManager.UpdateEditor(contentItem, this);
@@ -293,7 +293,7 @@ namespace Orchard.Core.Contents.Controllers {
         public ActionResult Remove(int id, string returnUrl) {
             var contentItem = _contentManager.Get(id, VersionOptions.Latest);
 
-            if (!Services.Authorizer.Authorize(Permissions.DeleteContent, contentItem, T("Couldn't remove content")))
+            if (!Services.Authorizer.Authorize(Permissions.DeleteOthersContent, contentItem, T("Couldn't remove content")))
                 return new HttpUnauthorizedResult();
 
             if (contentItem != null) {
@@ -315,7 +315,7 @@ namespace Orchard.Core.Contents.Controllers {
             if (contentItem == null)
                 return HttpNotFound();
 
-            if (!Services.Authorizer.Authorize(Permissions.PublishContent, contentItem, T("Couldn't publish content")))
+            if (!Services.Authorizer.Authorize(Permissions.PublishOthersContent, contentItem, T("Couldn't publish content")))
                 return new HttpUnauthorizedResult();
 
             _contentManager.Publish(contentItem);
@@ -334,7 +334,7 @@ namespace Orchard.Core.Contents.Controllers {
             if (contentItem == null)
                 return HttpNotFound();
 
-            if (!Services.Authorizer.Authorize(Permissions.PublishContent, contentItem, T("Couldn't unpublish content")))
+            if (!Services.Authorizer.Authorize(Permissions.PublishOthersContent, contentItem, T("Couldn't unpublish content")))
                 return new HttpUnauthorizedResult();
 
             _contentManager.Unpublish(contentItem);
diff --git a/src/Orchard.Web/Core/Contents/DynamicPermissions.cs b/src/Orchard.Web/Core/Contents/DynamicPermissions.cs
index b1f42d39f..41ab490f7 100644
--- a/src/Orchard.Web/Core/Contents/DynamicPermissions.cs
+++ b/src/Orchard.Web/Core/Contents/DynamicPermissions.cs
@@ -9,19 +9,19 @@ using Orchard.Security.Permissions;
 
 namespace Orchard.Core.Contents {
     public class DynamicPermissions : IPermissionProvider {
-        private static readonly Permission PublishContent = new Permission { Description = "Publish or unpublish {0} for others", Name = "Publish_{0}", ImpliedBy = new[] { Permissions.PublishContent } };
+        private static readonly Permission PublishContent = new Permission { Description = "Publish or unpublish {0} for others", Name = "Publish_{0}", ImpliedBy = new[] { Permissions.PublishOthersContent } };
         private static readonly Permission PublishOwnContent = new Permission { Description = "Publish or unpublish {0}", Name = "PublishOwn_{0}", ImpliedBy = new[] { PublishContent, Permissions.PublishOwnContent } };
-        private static readonly Permission EditContent = new Permission { Description = "Edit {0} for others", Name = "Edit_{0}", ImpliedBy = new[] { PublishContent, Permissions.PublishContent } };
+        private static readonly Permission EditContent = new Permission { Description = "Edit {0} for others", Name = "Edit_{0}", ImpliedBy = new[] { PublishContent, Permissions.PublishOthersContent } };
         private static readonly Permission EditOwnContent = new Permission { Description = "Edit {0}", Name = "EditOwn_{0}", ImpliedBy = new[] { EditContent, PublishOwnContent, Permissions.EditOwnContent } };
-        private static readonly Permission DeleteContent = new Permission { Description = "Delete {0} for others", Name = "Delete_{0}", ImpliedBy = new[] { Permissions.DeleteContent } };
+        private static readonly Permission DeleteContent = new Permission { Description = "Delete {0} for others", Name = "Delete_{0}", ImpliedBy = new[] { Permissions.DeleteOthersContent } };
         private static readonly Permission DeleteOwnContent = new Permission { Description = "Delete {0}", Name = "DeleteOwn_{0}", ImpliedBy = new[] { DeleteContent, Permissions.DeleteOwnContent } };
 
         public static readonly Dictionary<string, Permission> PermissionTemplates = new Dictionary<string, Permission> {
-            {Permissions.PublishContent.Name, PublishContent},
+            {Permissions.PublishOthersContent.Name, PublishContent},
             {Permissions.PublishOwnContent.Name, PublishOwnContent},
-            {Permissions.EditContent.Name, EditContent},
+            {Permissions.EditOthersContent.Name, EditContent},
             {Permissions.EditOwnContent.Name, EditOwnContent},
-            {Permissions.DeleteContent.Name, DeleteContent},
+            {Permissions.DeleteOthersContent.Name, DeleteContent},
             {Permissions.DeleteOwnContent.Name, DeleteOwnContent}
         };
 
diff --git a/src/Orchard.Web/Core/Contents/Permissions.cs b/src/Orchard.Web/Core/Contents/Permissions.cs
index 469c0f84a..139ba1cad 100644
--- a/src/Orchard.Web/Core/Contents/Permissions.cs
+++ b/src/Orchard.Web/Core/Contents/Permissions.cs
@@ -4,12 +4,12 @@ using Orchard.Security.Permissions;
 
 namespace Orchard.Core.Contents {
     public class Permissions : IPermissionProvider {
-        public static readonly Permission PublishContent = new Permission { Description = "Publish or unpublish content for others", Name = "PublishContent" };
-        public static readonly Permission PublishOwnContent = new Permission { Description = "Publish or unpublish content", Name = "PublishOwnContent", ImpliedBy = new[] { PublishContent } };
-        public static readonly Permission EditContent = new Permission { Description = "Edit content for others", Name = "EditContent", ImpliedBy = new[] { PublishContent } };
-        public static readonly Permission EditOwnContent = new Permission { Description = "Edit content", Name = "EditOwnContent", ImpliedBy = new[] { EditContent, PublishOwnContent } };
-        public static readonly Permission DeleteContent = new Permission { Description = "Delete content for others", Name = "DeleteContent" };
-        public static readonly Permission DeleteOwnContent = new Permission { Description = "Delete content", Name = "DeleteOwnContent", ImpliedBy = new[] { DeleteContent } };
+        public static readonly Permission PublishOthersContent = new Permission { Description = "Publish or unpublish content for others", Name = "PublishOthersContent" };
+        public static readonly Permission PublishOwnContent = new Permission { Description = "Publish or unpublish own content", Name = "PublishOwnContent", ImpliedBy = new[] { PublishOthersContent } };
+        public static readonly Permission EditOthersContent = new Permission { Description = "Edit content for others", Name = "EditOthersContent", ImpliedBy = new[] { PublishOthersContent } };
+        public static readonly Permission EditOwnContent = new Permission { Description = "Edit own content", Name = "EditOwnContent", ImpliedBy = new[] { EditOthersContent, PublishOwnContent } };
+        public static readonly Permission DeleteOthersContent = new Permission { Description = "Delete content for others", Name = "DeleteOthersContent" };
+        public static readonly Permission DeleteOwnContent = new Permission { Description = "Delete own content", Name = "DeleteOwnContent", ImpliedBy = new[] { DeleteOthersContent } };
 
         public static readonly Permission MetaListContent = new Permission { ImpliedBy = new[] { EditOwnContent, PublishOwnContent, DeleteOwnContent } };
 
@@ -18,11 +18,11 @@ namespace Orchard.Core.Contents {
         public IEnumerable<Permission> GetPermissions() {
             return new [] {
                 EditOwnContent,
-                EditContent,
+                EditOthersContent,
                 PublishOwnContent,
-                PublishContent,
+                PublishOthersContent,
                 DeleteOwnContent,
-                DeleteContent,
+                DeleteOthersContent,
             };
         }
 
@@ -30,15 +30,14 @@ namespace Orchard.Core.Contents {
             return new[] {
                 new PermissionStereotype {
                     Name = "Administrator",
-                    Permissions = new[] {PublishContent,EditContent,DeleteContent}
+                    Permissions = new[] {PublishOthersContent,EditOthersContent,DeleteOthersContent}
                 },
                 new PermissionStereotype {
                     Name = "Editor",
-                    Permissions = new[] {PublishContent,EditContent,DeleteContent}
+                    Permissions = new[] {PublishOthersContent,EditOthersContent,DeleteOthersContent}
                 },
                 new PermissionStereotype {
                     Name = "Moderator",
-                    //Permissions = new[] {}
                 },
                 new PermissionStereotype {
                     Name = "Author",
diff --git a/src/Orchard.Web/Core/Contents/Security/AuthorizationEventHandler.cs b/src/Orchard.Web/Core/Contents/Security/AuthorizationEventHandler.cs
index 187fbde3f..af03f52eb 100644
--- a/src/Orchard.Web/Core/Contents/Security/AuthorizationEventHandler.cs
+++ b/src/Orchard.Web/Core/Contents/Security/AuthorizationEventHandler.cs
@@ -54,11 +54,11 @@ namespace Orchard.Core.Contents.Security
         }
 
         private static Permission GetOwnerVariation(Permission permission) {
-            if (permission.Name == Permissions.PublishContent.Name)
+            if (permission.Name == Permissions.PublishOthersContent.Name)
                 return Permissions.PublishOwnContent;
-            if (permission.Name == Permissions.EditContent.Name)
+            if (permission.Name == Permissions.EditOthersContent.Name)
                 return Permissions.EditOwnContent;
-            if (permission.Name == Permissions.DeleteContent.Name)
+            if (permission.Name == Permissions.DeleteOthersContent.Name)
                 return Permissions.DeleteOwnContent;
             return null;
         }
diff --git a/src/Orchard.Web/Core/Contents/Views/Content.ControlWrapper.cshtml b/src/Orchard.Web/Core/Contents/Views/Content.ControlWrapper.cshtml
index c34821b5b..ae070a131 100644
--- a/src/Orchard.Web/Core/Contents/Views/Content.ControlWrapper.cshtml
+++ b/src/Orchard.Web/Core/Contents/Views/Content.ControlWrapper.cshtml
@@ -1,6 +1,6 @@
 @using Orchard.ContentManagement;
 @using Orchard.Core.Contents;
-@if (AuthorizedFor(Permissions.EditContent)) {
+@if (AuthorizedFor(Permissions.EditOthersContent)) {
     <div class="content-control">
         <div class="manage-actions">@Html.ItemEditLinkWithReturnUrl(T("Edit").Text, (ContentItem)Model.ContentItem)</div>
     @Display(Model.Child)
diff --git a/src/Orchard.Web/Core/Orchard.Core.csproj b/src/Orchard.Web/Core/Orchard.Core.csproj
index 199359caf..9c545f68a 100644
--- a/src/Orchard.Web/Core/Orchard.Core.csproj
+++ b/src/Orchard.Web/Core/Orchard.Core.csproj
@@ -196,7 +196,6 @@
     <Compile Include="Settings\Metadata\Records\ContentTypeDefinitionRecord.cs" />
     <Compile Include="Settings\Metadata\Records\ContentTypePartDefinitionRecord.cs" />
     <Compile Include="Settings\Models\SiteSettingsPartRecord.cs" />
-    <Compile Include="Settings\Permissions.cs" />
     <Compile Include="Settings\State\Records\ShellFeatureStateRecord.cs" />
     <Compile Include="Settings\State\Records\ShellStateRecord.cs" />
     <Compile Include="Settings\State\ShellStateManager.cs" />
diff --git a/src/Orchard.Web/Core/Settings/AdminMenu.cs b/src/Orchard.Web/Core/Settings/AdminMenu.cs
index 47739af01..ff81c53b3 100644
--- a/src/Orchard.Web/Core/Settings/AdminMenu.cs
+++ b/src/Orchard.Web/Core/Settings/AdminMenu.cs
@@ -1,4 +1,5 @@
 using Orchard.Localization;
+using Orchard.Security;
 using Orchard.UI.Navigation;
 
 namespace Orchard.Core.Settings {
@@ -9,7 +10,7 @@ namespace Orchard.Core.Settings {
         public void GetNavigation(NavigationBuilder builder) {
             builder.Add(T("Configuration"), "50",
                 menu => menu.Add(T("Settings"), "10", item => item.Action("Index", "Admin", new { area = "Settings" })
-                    .Permission(Permissions.ManageSettings)));
+                    .Permission(StandardPermissions.SiteOwner)));
         }
     }
 }
diff --git a/src/Orchard.Web/Core/Settings/Controllers/AdminController.cs b/src/Orchard.Web/Core/Settings/Controllers/AdminController.cs
index 9aa82dfc6..e68c22f4d 100644
--- a/src/Orchard.Web/Core/Settings/Controllers/AdminController.cs
+++ b/src/Orchard.Web/Core/Settings/Controllers/AdminController.cs
@@ -5,6 +5,7 @@ using Orchard.Core.Settings.ViewModels;
 using Orchard.Localization;
 using Orchard.ContentManagement;
 using Orchard.Localization.Services;
+using Orchard.Security;
 using Orchard.Settings;
 using Orchard.UI.Notify;
 
@@ -28,7 +29,7 @@ namespace Orchard.Core.Settings.Controllers {
         public Localizer T { get; set; }
 
         public ActionResult Index(string tabName) {
-            if (!Services.Authorizer.Authorize(Permissions.ManageSettings, T("Not authorized to manage settings")))
+            if (!Services.Authorizer.Authorize(StandardPermissions.SiteOwner, T("Not authorized to manage settings")))
                 return new HttpUnauthorizedResult();
 
             dynamic model = Services.ContentManager.BuildEditor(_siteService.GetSiteSettings());
@@ -38,7 +39,7 @@ namespace Orchard.Core.Settings.Controllers {
 
         [HttpPost, ActionName("Index")]
         public ActionResult IndexPOST(string tabName) {
-            if (!Services.Authorizer.Authorize(Permissions.ManageSettings, T("Not authorized to manage settings")))
+            if (!Services.Authorizer.Authorize(StandardPermissions.SiteOwner, T("Not authorized to manage settings")))
                 return new HttpUnauthorizedResult();
 
             var site = _siteService.GetSiteSettings();
@@ -56,7 +57,7 @@ namespace Orchard.Core.Settings.Controllers {
 
         public ActionResult Culture() {
             //todo: class and/or method attributes for our auth?
-            if (!Services.Authorizer.Authorize(Permissions.ManageSettings, T("Not authorized to manage settings")))
+            if (!Services.Authorizer.Authorize(StandardPermissions.SiteOwner, T("Not authorized to manage settings")))
                 return new HttpUnauthorizedResult();
 
             var model = new SiteCulturesViewModel {
@@ -72,7 +73,7 @@ namespace Orchard.Core.Settings.Controllers {
 
         [HttpPost]
         public ActionResult AddCulture(string systemCultureName, string cultureName) {
-            if (!Services.Authorizer.Authorize(Permissions.ManageSettings, T("Not authorized to manage settings")))
+            if (!Services.Authorizer.Authorize(StandardPermissions.SiteOwner, T("Not authorized to manage settings")))
                 return new HttpUnauthorizedResult();
 
             cultureName = string.IsNullOrWhiteSpace(cultureName) ? systemCultureName : cultureName;
@@ -85,7 +86,7 @@ namespace Orchard.Core.Settings.Controllers {
 
         [HttpPost]
         public ActionResult DeleteCulture(string cultureName) {
-            if (!Services.Authorizer.Authorize(Permissions.ManageSettings, T("Not authorized to manage settings")))
+            if (!Services.Authorizer.Authorize(StandardPermissions.SiteOwner, T("Not authorized to manage settings")))
                 return new HttpUnauthorizedResult();
 
             _cultureManager.DeleteCulture(cultureName);
diff --git a/src/Orchard.Web/Core/Settings/Permissions.cs b/src/Orchard.Web/Core/Settings/Permissions.cs
deleted file mode 100644
index f587f8748..000000000
--- a/src/Orchard.Web/Core/Settings/Permissions.cs
+++ /dev/null
@@ -1,28 +0,0 @@
-using System.Collections.Generic;
-using Orchard.Environment.Extensions.Models;
-using Orchard.Security.Permissions;
-
-namespace Orchard.Core.Settings {
-    public class Permissions : IPermissionProvider {
-        public static readonly Permission ManageSettings = new Permission { Name = "ManageSettings", Description = "Manage site settings" };
-        public static readonly Permission ChangeSuperuser = new Permission { Name = "ChangeSuperuser", Description = "Change the superuser for the site" };
-
-        public virtual Feature Feature { get; set; }
-
-        public IEnumerable<Permission> GetPermissions() {
-            return new[] {
-                 ManageSettings,
-                 ChangeSuperuser,
-             };
-        }
-
-        public IEnumerable<PermissionStereotype> GetDefaultStereotypes() {
-            return new[] {
-                new PermissionStereotype {
-                    Name = "Administrator",
-                    Permissions = new[] {ManageSettings}
-                }
-            };
-        }
-    }
-}
diff --git a/src/Orchard.Web/Core/XmlRpc/Controllers/LiveWriterController.cs b/src/Orchard.Web/Core/XmlRpc/Controllers/LiveWriterController.cs
index 54501817a..439f883a7 100644
--- a/src/Orchard.Web/Core/XmlRpc/Controllers/LiveWriterController.cs
+++ b/src/Orchard.Web/Core/XmlRpc/Controllers/LiveWriterController.cs
@@ -23,6 +23,7 @@ namespace Orchard.Core.XmlRpc.Controllers {
 
             var options = new XElement(
                 XName.Get("options", ManifestUri),
+                new XElement(XName.Get("supportsAutoUpdate", ManifestUri), "Yes"),
                 new XElement(XName.Get("clientType", ManifestUri), "Metaweblog"),
                 new XElement(XName.Get("supportsKeywords", ManifestUri), "No"),
                 new XElement(XName.Get("supportsCategories", ManifestUri), "No"),
diff --git a/src/Orchard.Web/Modules/Orchard.Blogs/AdminMenu.cs b/src/Orchard.Web/Modules/Orchard.Blogs/AdminMenu.cs
index 9443b91ee..d54c11dc2 100644
--- a/src/Orchard.Web/Modules/Orchard.Blogs/AdminMenu.cs
+++ b/src/Orchard.Web/Modules/Orchard.Blogs/AdminMenu.cs
@@ -26,16 +26,16 @@ namespace Orchard.Blogs {
 
             if (blogCount > 0 && singleBlog == null) {
                 menu.Add(T("List"), "3",
-                         item => item.Action("List", "BlogAdmin", new {area = "Orchard.Blogs"}).Permission(Permissions.MetaListBlogs));
+                         item => item.Action("List", "BlogAdmin", new {area = "Orchard.Blogs"}).Permission(Permissions.MetaListOwnBlogs));
             }
             else if (singleBlog != null)
                 menu.Add(T("Manage Blog"), "1.0",
-                    item => item.Action("Item", "BlogAdmin", new { area = "Orchard.Blogs", blogId = singleBlog.Id }).Permission(Permissions.MetaListBlogs));
+                    item => item.Action("Item", "BlogAdmin", new { area = "Orchard.Blogs", blogId = singleBlog.Id }).Permission(Permissions.MetaListOwnBlogs));
 
             if (singleBlog != null)
                 menu.Add(T("Create New Post"), "1.1",
                          item =>
-                         item.Action("Create", "BlogPostAdmin", new { area = "Orchard.Blogs", blogId = singleBlog.Id }).Permission(Permissions.PublishBlogPost));
+                         item.Action("Create", "BlogPostAdmin", new { area = "Orchard.Blogs", blogId = singleBlog.Id }).Permission(Permissions.PublishOwnBlogPost));
 
             menu.Add(T("Create New Blog"), "1.2",
                      item =>
diff --git a/src/Orchard.Web/Modules/Orchard.Blogs/Controllers/BlogPostAdminController.cs b/src/Orchard.Web/Modules/Orchard.Blogs/Controllers/BlogPostAdminController.cs
index 6d2ac2168..b91169970 100644
--- a/src/Orchard.Web/Modules/Orchard.Blogs/Controllers/BlogPostAdminController.cs
+++ b/src/Orchard.Web/Modules/Orchard.Blogs/Controllers/BlogPostAdminController.cs
@@ -29,7 +29,7 @@ namespace Orchard.Blogs.Controllers {
         public Localizer T { get; set; }
 
         public ActionResult Create() {
-            if (!Services.Authorizer.Authorize(Permissions.EditBlogPost, T("Not allowed to create blog post")))
+            if (!Services.Authorizer.Authorize(Permissions.EditOwnBlogPost, T("Not allowed to create blog post")))
                 return new HttpUnauthorizedResult();
 
             var blogPost = Services.ContentManager.New<BlogPostPart>("BlogPost");
@@ -57,7 +57,7 @@ namespace Orchard.Blogs.Controllers {
         }
 
         public ActionResult CreatePOST(Action<ContentItem> conditionallyPublish) {
-            if (!Services.Authorizer.Authorize(Permissions.EditBlogPost, T("Couldn't create blog post")))
+            if (!Services.Authorizer.Authorize(Permissions.EditOwnBlogPost, T("Couldn't create blog post")))
                 return new HttpUnauthorizedResult();
 
             var blogPost = Services.ContentManager.New<BlogPostPart>("BlogPost");
@@ -81,7 +81,7 @@ namespace Orchard.Blogs.Controllers {
         //todo: the content shape template has extra bits that the core contents module does not (remove draft functionality)
         //todo: - move this extra functionality there or somewhere else that's appropriate?
         public ActionResult Edit(int blogId, int postId) {
-            if (!Services.Authorizer.Authorize(Permissions.EditBlogPost, T("Couldn't edit blog post")))
+            if (!Services.Authorizer.Authorize(Permissions.EditOwnBlogPost, T("Couldn't edit blog post")))
                 return new HttpUnauthorizedResult();
 
             var blog = _blogService.Get(blogId, VersionOptions.Latest);
@@ -113,7 +113,7 @@ namespace Orchard.Blogs.Controllers {
         }
 
         public ActionResult EditPOST(int blogId, int postId, string returnUrl, Action<ContentItem> conditionallyPublish) {
-            if (!Services.Authorizer.Authorize(Permissions.EditBlogPost, T("Couldn't edit blog post")))
+            if (!Services.Authorizer.Authorize(Permissions.EditOwnBlogPost, T("Couldn't edit blog post")))
                 return new HttpUnauthorizedResult();
 
             var blog = _blogService.Get(blogId, VersionOptions.Latest);
@@ -184,7 +184,7 @@ namespace Orchard.Blogs.Controllers {
         [ValidateAntiForgeryTokenOrchard]
         public ActionResult Delete(int blogId, int postId) {
             //refactoring: test PublishBlogPost/PublishOthersBlogPost in addition if published
-            if (!Services.Authorizer.Authorize(Permissions.DeleteBlogPost, T("Couldn't delete blog post")))
+            if (!Services.Authorizer.Authorize(Permissions.DeleteOwnBlogPost, T("Couldn't delete blog post")))
                 return new HttpUnauthorizedResult();
 
             var blog = _blogService.Get(blogId, VersionOptions.Latest);
@@ -203,7 +203,7 @@ namespace Orchard.Blogs.Controllers {
 
         [ValidateAntiForgeryTokenOrchard]
         public ActionResult Publish(int blogId, int postId) {
-            if (!Services.Authorizer.Authorize(Permissions.PublishBlogPost, T("Couldn't publish blog post")))
+            if (!Services.Authorizer.Authorize(Permissions.PublishOwnBlogPost, T("Couldn't publish blog post")))
                 return new HttpUnauthorizedResult();
 
             var blog = _blogService.Get(blogId, VersionOptions.Latest);
@@ -222,7 +222,7 @@ namespace Orchard.Blogs.Controllers {
 
         [ValidateAntiForgeryTokenOrchard]
         public ActionResult Unpublish(int blogId, int postId) {
-            if (!Services.Authorizer.Authorize(Permissions.PublishBlogPost, T("Couldn't unpublish blog post")))
+            if (!Services.Authorizer.Authorize(Permissions.PublishOwnBlogPost, T("Couldn't unpublish blog post")))
                 return new HttpUnauthorizedResult();
 
             var blog = _blogService.Get(blogId, VersionOptions.Latest);
diff --git a/src/Orchard.Web/Modules/Orchard.Blogs/Permissions.cs b/src/Orchard.Web/Modules/Orchard.Blogs/Permissions.cs
index e2cadb39e..3c4b790d8 100644
--- a/src/Orchard.Web/Modules/Orchard.Blogs/Permissions.cs
+++ b/src/Orchard.Web/Modules/Orchard.Blogs/Permissions.cs
@@ -4,28 +4,28 @@ using Orchard.Security.Permissions;
 
 namespace Orchard.Blogs {
     public class Permissions : IPermissionProvider {
-        public static readonly Permission ManageBlogs = new Permission { Description = "Manage blogs", Name = "ManageBlogs" };//q: Should edit_blog be ManageBlogs?
+        public static readonly Permission ManageBlogs = new Permission { Description = "Manage blogs", Name = "ManageBlogs" };
 
         public static readonly Permission PublishOthersBlogPost = new Permission { Description = "Publish or unpublish blog post for others", Name = "PublishOthersBlogPost", ImpliedBy = new[] { ManageBlogs } };
-        public static readonly Permission PublishBlogPost = new Permission { Description = "Publish or unpublish blog post", Name = "PublishBlogPost", ImpliedBy = new[] { PublishOthersBlogPost } };
+        public static readonly Permission PublishOwnBlogPost = new Permission { Description = "Publish or unpublish own blog post", Name = "PublishOwnBlogPost", ImpliedBy = new[] { PublishOthersBlogPost } };
         public static readonly Permission EditOthersBlogPost = new Permission { Description = "Edit any blog posts", Name = "EditOthersBlogPost", ImpliedBy = new[] { PublishOthersBlogPost } };
-        public static readonly Permission EditBlogPost = new Permission { Description = "Edit own blog posts", Name = "EditBlogPost", ImpliedBy = new[] { EditOthersBlogPost, PublishBlogPost } };
+        public static readonly Permission EditOwnBlogPost = new Permission { Description = "Edit own blog posts", Name = "EditOwnBlogPost", ImpliedBy = new[] { EditOthersBlogPost, PublishOwnBlogPost } };
         public static readonly Permission DeleteOthersBlogPost = new Permission { Description = "Delete blog post for others", Name = "DeleteOthersBlogPost", ImpliedBy = new[] { ManageBlogs } };
-        public static readonly Permission DeleteBlogPost = new Permission { Description = "Delete blog post", Name = "DeleteBlogPost", ImpliedBy = new[] { DeleteOthersBlogPost } };
+        public static readonly Permission DeleteOwnBlogPost = new Permission { Description = "Delete own blog post", Name = "DeleteOwnBlogPost", ImpliedBy = new[] { DeleteOthersBlogPost } };
 
         public static readonly Permission MetaListOthersBlogs = new Permission { ImpliedBy = new[] { EditOthersBlogPost, PublishOthersBlogPost, DeleteOthersBlogPost } };
-        public static readonly Permission MetaListBlogs = new Permission { ImpliedBy = new[] { EditBlogPost, PublishBlogPost, DeleteBlogPost } };
+        public static readonly Permission MetaListOwnBlogs = new Permission { ImpliedBy = new[] { EditOwnBlogPost, PublishOwnBlogPost, DeleteOwnBlogPost } };
 
         public virtual Feature Feature { get; set; }
 
         public IEnumerable<Permission> GetPermissions() {
             return new[] {
                 ManageBlogs,
-                EditBlogPost,
+                EditOwnBlogPost,
                 EditOthersBlogPost,
-                PublishBlogPost,
+                PublishOwnBlogPost,
                 PublishOthersBlogPost,
-                DeleteBlogPost,
+                DeleteOwnBlogPost,
                 DeleteOthersBlogPost,
             };
         }
@@ -42,15 +42,14 @@ namespace Orchard.Blogs {
                 },
                 new PermissionStereotype {
                     Name = "Moderator",
-                    //Permissions = new[] {}
                 },
                 new PermissionStereotype {
                     Name = "Author",
-                    Permissions = new[] {PublishBlogPost,EditBlogPost,DeleteBlogPost}
+                    Permissions = new[] {PublishOwnBlogPost,EditOwnBlogPost,DeleteOwnBlogPost}
                 },
                 new PermissionStereotype {
                     Name = "Contributor",
-                    Permissions = new[] {EditBlogPost}
+                    Permissions = new[] {EditOwnBlogPost}
                 },
             };
         }
diff --git a/src/Orchard.Web/Modules/Orchard.Blogs/Services/XmlRpcHandler.cs b/src/Orchard.Web/Modules/Orchard.Blogs/Services/XmlRpcHandler.cs
index f9972c7b9..bd48b5c8a 100644
--- a/src/Orchard.Web/Modules/Orchard.Blogs/Services/XmlRpcHandler.cs
+++ b/src/Orchard.Web/Modules/Orchard.Blogs/Services/XmlRpcHandler.cs
@@ -166,7 +166,7 @@ namespace Orchard.Blogs.Services {
             IEnumerable<IXmlRpcDriver> drivers) {
 
             var user = _membershipService.ValidateUser(userName, password);
-            _authorizationService.CheckAccess(Permissions.EditBlogPost, user, null);
+            _authorizationService.CheckAccess(Permissions.EditOwnBlogPost, user, null);
 
             var blog = _contentManager.Get<BlogPart>(Convert.ToInt32(blogId));
             if (blog == null)
diff --git a/src/Orchard.Web/Modules/Orchard.Comments/Annotations/CommentValidationAttributes.cs b/src/Orchard.Web/Modules/Orchard.Comments/Annotations/CommentValidationAttributes.cs
new file mode 100644
index 000000000..551afb931
--- /dev/null
+++ b/src/Orchard.Web/Modules/Orchard.Comments/Annotations/CommentValidationAttributes.cs
@@ -0,0 +1,39 @@
+using Orchard.Localization;
+
+namespace Orchard.Comments.Annotations {
+    public class RequiredAttribute : System.ComponentModel.DataAnnotations.RequiredAttribute {
+        public RequiredAttribute() {
+            T = NullLocalizer.Instance;
+        }
+
+        public Localizer T { get; set; }
+
+        public override string FormatErrorMessage(string name) {
+            return T("You must provide a {0} in order to comment.", name).Text;
+        }
+    }
+
+    public class CommentRequiredAttribute : System.ComponentModel.DataAnnotations.RequiredAttribute {
+        public CommentRequiredAttribute() {
+            T = NullLocalizer.Instance;
+        }
+
+        public Localizer T { get; set; }
+
+        public override string FormatErrorMessage(string name) {
+            return T("You must provide a Comment.", name).Text;
+        }
+    }
+
+    public class RegularExpressionAttribute : System.ComponentModel.DataAnnotations.RegularExpressionAttribute {
+        public RegularExpressionAttribute(string pattern) : base(pattern) {
+            T = NullLocalizer.Instance;
+        }
+
+        public Localizer T { get; set; }
+
+        public override string FormatErrorMessage(string name) {
+            return T("The {0} is not valid.", name).Text;
+        }
+    }
+}
\ No newline at end of file
diff --git a/src/Orchard.Web/Modules/Orchard.Comments/Controllers/AdminController.cs b/src/Orchard.Web/Modules/Orchard.Comments/Controllers/AdminController.cs
index d77a7362f..c5164d4ad 100644
--- a/src/Orchard.Web/Modules/Orchard.Comments/Controllers/AdminController.cs
+++ b/src/Orchard.Web/Modules/Orchard.Comments/Controllers/AdminController.cs
@@ -231,7 +231,7 @@ namespace Orchard.Comments.Controllers {
         [HttpPost]
         public ActionResult Close(int commentedItemId, string returnUrl) {
             try {
-                if (!Services.Authorizer.Authorize(Permissions.CloseComment, T("Couldn't close comments")))
+                if (!Services.Authorizer.Authorize(Permissions.ManageComments, T("Couldn't close comments")))
                     return new HttpUnauthorizedResult();
                 _commentService.CloseCommentsForCommentedContent(commentedItemId);
                 if (!String.IsNullOrEmpty(returnUrl)) {
@@ -251,7 +251,7 @@ namespace Orchard.Comments.Controllers {
         [HttpPost]
         public ActionResult Enable(int commentedItemId, string returnUrl) {
             try {
-                if (!Services.Authorizer.Authorize(Permissions.EnableComment, T("Couldn't enable comments")))
+                if (!Services.Authorizer.Authorize(Permissions.ManageComments, T("Couldn't enable comments")))
                     return new HttpUnauthorizedResult();
                 _commentService.EnableCommentsForCommentedContent(commentedItemId);
                 if (!String.IsNullOrEmpty(returnUrl)) {
diff --git a/src/Orchard.Web/Modules/Orchard.Comments/Orchard.Comments.csproj b/src/Orchard.Web/Modules/Orchard.Comments/Orchard.Comments.csproj
index 5d05b1683..1e8557652 100644
--- a/src/Orchard.Web/Modules/Orchard.Comments/Orchard.Comments.csproj
+++ b/src/Orchard.Web/Modules/Orchard.Comments/Orchard.Comments.csproj
@@ -65,6 +65,7 @@
     <Compile Include="Drivers\CommentsContainerPartDriver.cs" />
     <Compile Include="Drivers\CommentSettingsPartDriver.cs" />
     <Compile Include="Drivers\CommentsPartDriver.cs" />
+    <Compile Include="Annotations\CommentValidationAttributes.cs" />
     <Compile Include="ResourceManifest.cs" />
     <Compile Include="Shapes.cs" />
     <Compile Include="Models\ClosedCommentsRecord.cs" />
diff --git a/src/Orchard.Web/Modules/Orchard.Comments/Permissions.cs b/src/Orchard.Web/Modules/Orchard.Comments/Permissions.cs
index a5e49a36e..67500ac71 100644
--- a/src/Orchard.Web/Modules/Orchard.Comments/Permissions.cs
+++ b/src/Orchard.Web/Modules/Orchard.Comments/Permissions.cs
@@ -5,22 +5,14 @@ using Orchard.Security.Permissions;
 namespace Orchard.Comments {
     public class Permissions : IPermissionProvider {
         public static readonly Permission AddComment = new Permission { Description = "Add comment", Name = "AddComment" };
-        public static readonly Permission EnableComment = new Permission { Description = "Enabling Comments on content items", Name = "EnableComment" };//refactoring
-        public static readonly Permission CloseComment = new Permission { Description = "Closing Comments", Name = "CloseComment" };//refactoring
-        public static readonly Permission CloseCommentOnOwnItems = new Permission { Description = "Closing Comments on own items", Name = "CloseCommentOnOwnItems" };//refactoring
         public static readonly Permission ManageComments = new Permission { Description = "Manage comments", Name = "ManageComments" };
-        public static readonly Permission ManageOthersComments = new Permission { Description = "Manage comments for others", Name = "ManageOthersComments" };
 
         public virtual Feature Feature { get; set; }
 
         public IEnumerable<Permission> GetPermissions() {
             return new[] {
                 AddComment,
-                EnableComment,
-                CloseComment,
-                CloseCommentOnOwnItems,
                 ManageComments,
-                ManageOthersComments
             };
         }
 
diff --git a/src/Orchard.Web/Modules/Orchard.Comments/ViewModels/CommentsCreateViewModel.cs b/src/Orchard.Web/Modules/Orchard.Comments/ViewModels/CommentsCreateViewModel.cs
index db146acb7..51fb81d4c 100644
--- a/src/Orchard.Web/Modules/Orchard.Comments/ViewModels/CommentsCreateViewModel.cs
+++ b/src/Orchard.Web/Modules/Orchard.Comments/ViewModels/CommentsCreateViewModel.cs
@@ -1,22 +1,23 @@
 using System.ComponentModel.DataAnnotations;
+using Orchard.Comments.Annotations;
 
 namespace Orchard.Comments.ViewModels {
     public class CommentsCreateViewModel {
-        [Required(ErrorMessage="You must provide a Name in order to comment")]
+        [Annotations.Required]
         [StringLength(255)]
         public string Name { get; set; }
 
-        [RegularExpression(@"^[\w-]+@([\w-]+\.)+[\w]{2,4}$", ErrorMessage = "The Email is not valid")]
+        [Annotations.RegularExpression(@"^[\w-]+@([\w-]+\.)+[\w]{2,4}$")]
         [StringLength(255)]
         public string Email { get; set; }
 
         [StringLength(245)]
-        [RegularExpression(@"^(http(s)?://)?([\w-]+\.)+[\S]+$", ErrorMessage = "The Url is not valid")]
+        [Annotations.RegularExpression(@"^(http(s)?://)?([\w-]+\.)+[\S]+$")]
         public string SiteName { get; set; }
-        
-        [Required(ErrorMessage = "You must provide a Comment")]
+
+        [CommentRequired]
         public string CommentText { get; set; }
 
         public int CommentedOn { get; set; }
     }
-}
+}
\ No newline at end of file
diff --git a/src/Orchard.Web/Modules/Orchard.ContentTypes/Controllers/AdminController.cs b/src/Orchard.Web/Modules/Orchard.ContentTypes/Controllers/AdminController.cs
index 518088b48..10654534e 100644
--- a/src/Orchard.Web/Modules/Orchard.ContentTypes/Controllers/AdminController.cs
+++ b/src/Orchard.Web/Modules/Orchard.ContentTypes/Controllers/AdminController.cs
@@ -36,7 +36,7 @@ namespace Orchard.ContentTypes.Controllers {
         }
 
         public ActionResult Create() {
-            if (!Services.Authorizer.Authorize(Permissions.CreateContentTypes, T("Not allowed to create a content type.")))
+            if (!Services.Authorizer.Authorize(Permissions.EditContentTypes, T("Not allowed to create a content type.")))
                 return new HttpUnauthorizedResult();
 
             return View(new CreateTypeViewModel());
@@ -44,7 +44,7 @@ namespace Orchard.ContentTypes.Controllers {
 
         [HttpPost, ActionName("Create")]
         public ActionResult CreatePOST(CreateTypeViewModel viewModel) {
-            if (!Services.Authorizer.Authorize(Permissions.CreateContentTypes, T("Not allowed to create a content type.")))
+            if (!Services.Authorizer.Authorize(Permissions.EditContentTypes, T("Not allowed to create a content type.")))
                 return new HttpUnauthorizedResult();
 
             viewModel.DisplayName = viewModel.DisplayName ?? String.Empty;
@@ -81,7 +81,7 @@ namespace Orchard.ContentTypes.Controllers {
         }
 
         public ActionResult Edit(string id) {
-            if (!Services.Authorizer.Authorize(Permissions.CreateContentTypes, T("Not allowed to edit a content type.")))
+            if (!Services.Authorizer.Authorize(Permissions.EditContentTypes, T("Not allowed to edit a content type.")))
                 return new HttpUnauthorizedResult();
 
             var typeViewModel = _contentDefinitionService.GetType(id);
@@ -94,7 +94,7 @@ namespace Orchard.ContentTypes.Controllers {
 
         [HttpPost, ActionName("Edit")]
         public ActionResult EditPOST(string id) {
-            if (!Services.Authorizer.Authorize(Permissions.CreateContentTypes, T("Not allowed to edit a content type.")))
+            if (!Services.Authorizer.Authorize(Permissions.EditContentTypes, T("Not allowed to edit a content type.")))
                 return new HttpUnauthorizedResult();
 
             var typeViewModel = _contentDefinitionService.GetType(id);
@@ -131,7 +131,7 @@ namespace Orchard.ContentTypes.Controllers {
         }
 
         public ActionResult AddPartsTo(string id) {
-            if (!Services.Authorizer.Authorize(Permissions.CreateContentTypes, T("Not allowed to edit a content type.")))
+            if (!Services.Authorizer.Authorize(Permissions.EditContentTypes, T("Not allowed to edit a content type.")))
                 return new HttpUnauthorizedResult();
 
             var typeViewModel = _contentDefinitionService.GetType(id);
@@ -151,7 +151,7 @@ namespace Orchard.ContentTypes.Controllers {
 
         [HttpPost, ActionName("AddPartsTo")]
         public ActionResult AddPartsToPOST(string id) {
-            if (!Services.Authorizer.Authorize(Permissions.CreateContentTypes, T("Not allowed to edit a content type.")))
+            if (!Services.Authorizer.Authorize(Permissions.EditContentTypes, T("Not allowed to edit a content type.")))
                 return new HttpUnauthorizedResult();
 
             var typeViewModel = _contentDefinitionService.GetType(id);
@@ -178,7 +178,7 @@ namespace Orchard.ContentTypes.Controllers {
         }
 
         public ActionResult RemovePartFrom(string id) {
-            if (!Services.Authorizer.Authorize(Permissions.CreateContentTypes, T("Not allowed to edit a content type.")))
+            if (!Services.Authorizer.Authorize(Permissions.EditContentTypes, T("Not allowed to edit a content type.")))
                 return new HttpUnauthorizedResult();
 
             var typeViewModel = _contentDefinitionService.GetType(id);
@@ -195,7 +195,7 @@ namespace Orchard.ContentTypes.Controllers {
 
         [HttpPost, ActionName("RemovePartFrom")]
         public ActionResult RemovePartFromPOST(string id) {
-            if (!Services.Authorizer.Authorize(Permissions.CreateContentTypes, T("Not allowed to edit a content type.")))
+            if (!Services.Authorizer.Authorize(Permissions.EditContentTypes, T("Not allowed to edit a content type.")))
                 return new HttpUnauthorizedResult();
 
             var typeViewModel = _contentDefinitionService.GetType(id);
@@ -231,7 +231,7 @@ namespace Orchard.ContentTypes.Controllers {
         }
 
         public ActionResult CreatePart() {
-            if (!Services.Authorizer.Authorize(Permissions.CreateContentTypes, T("Not allowed to create a content part.")))
+            if (!Services.Authorizer.Authorize(Permissions.EditContentTypes, T("Not allowed to create a content part.")))
                 return new HttpUnauthorizedResult();
 
             return View(new CreatePartViewModel());
@@ -239,7 +239,7 @@ namespace Orchard.ContentTypes.Controllers {
 
         [HttpPost, ActionName("CreatePart")]
         public ActionResult CreatePartPOST(CreatePartViewModel viewModel) {
-            if (!Services.Authorizer.Authorize(Permissions.CreateContentTypes, T("Not allowed to create a content part.")))
+            if (!Services.Authorizer.Authorize(Permissions.EditContentTypes, T("Not allowed to create a content part.")))
                 return new HttpUnauthorizedResult();
 
             if (!ModelState.IsValid)
@@ -257,7 +257,7 @@ namespace Orchard.ContentTypes.Controllers {
         }
 
         public ActionResult EditPart(string id) {
-            if (!Services.Authorizer.Authorize(Permissions.CreateContentTypes, T("Not allowed to edit a content part.")))
+            if (!Services.Authorizer.Authorize(Permissions.EditContentTypes, T("Not allowed to edit a content part.")))
                 return new HttpUnauthorizedResult();
 
             var partViewModel = _contentDefinitionService.GetPart(id);
@@ -270,7 +270,7 @@ namespace Orchard.ContentTypes.Controllers {
 
         [HttpPost, ActionName("EditPart")]
         public ActionResult EditPartPOST(string id) {
-            if (!Services.Authorizer.Authorize(Permissions.CreateContentTypes, T("Not allowed to edit a content part.")))
+            if (!Services.Authorizer.Authorize(Permissions.EditContentTypes, T("Not allowed to edit a content part.")))
                 return new HttpUnauthorizedResult();
 
             var partViewModel = _contentDefinitionService.GetPart(id);
@@ -294,7 +294,7 @@ namespace Orchard.ContentTypes.Controllers {
         }
 
         public ActionResult AddFieldTo(string id) {
-            if (!Services.Authorizer.Authorize(Permissions.CreateContentTypes, T("Not allowed to edit a content part.")))
+            if (!Services.Authorizer.Authorize(Permissions.EditContentTypes, T("Not allowed to edit a content part.")))
                 return new HttpUnauthorizedResult();
 
             var partViewModel = _contentDefinitionService.GetPart(id);
@@ -318,7 +318,7 @@ namespace Orchard.ContentTypes.Controllers {
 
         [HttpPost, ActionName("AddFieldTo")]
         public ActionResult AddFieldToPOST(string id) {
-            if (!Services.Authorizer.Authorize(Permissions.CreateContentTypes, T("Not allowed to edit a content part.")))
+            if (!Services.Authorizer.Authorize(Permissions.EditContentTypes, T("Not allowed to edit a content part.")))
                 return new HttpUnauthorizedResult();
 
             var partViewModel = _contentDefinitionService.GetPart(id);
@@ -365,7 +365,7 @@ namespace Orchard.ContentTypes.Controllers {
 
 
         public ActionResult RemoveFieldFrom(string id) {
-            if (!Services.Authorizer.Authorize(Permissions.CreateContentTypes, T("Not allowed to edit a content part.")))
+            if (!Services.Authorizer.Authorize(Permissions.EditContentTypes, T("Not allowed to edit a content part.")))
                 return new HttpUnauthorizedResult();
 
             var partViewModel = _contentDefinitionService.GetPart(id);
@@ -382,7 +382,7 @@ namespace Orchard.ContentTypes.Controllers {
 
         [HttpPost, ActionName("RemoveFieldFrom")]
         public ActionResult RemoveFieldFromPOST(string id) {
-            if (!Services.Authorizer.Authorize(Permissions.CreateContentTypes, T("Not allowed to edit a content part.")))
+            if (!Services.Authorizer.Authorize(Permissions.EditContentTypes, T("Not allowed to edit a content part.")))
                 return new HttpUnauthorizedResult();
 
             var partViewModel = _contentDefinitionService.GetPart(id);
diff --git a/src/Orchard.Web/Modules/Orchard.ContentTypes/Permissions.cs b/src/Orchard.Web/Modules/Orchard.ContentTypes/Permissions.cs
index aa1aeaf26..af64cccc7 100644
--- a/src/Orchard.Web/Modules/Orchard.ContentTypes/Permissions.cs
+++ b/src/Orchard.Web/Modules/Orchard.ContentTypes/Permissions.cs
@@ -4,14 +4,12 @@ using Orchard.Security.Permissions;
 
 namespace Orchard.ContentTypes {
     public class Permissions : IPermissionProvider {
-        public static readonly Permission CreateContentTypes = new Permission { Name = "CreateContentTypes", Description = "Create custom content types." };
         public static readonly Permission EditContentTypes = new Permission { Name = "EditContentTypes", Description = "Edit content types." };
 
         public virtual Feature Feature { get; set; }
 
         public IEnumerable<Permission> GetPermissions() {
             return new [] {
-                CreateContentTypes,
                 EditContentTypes,
             };
         }
diff --git a/src/Orchard.Web/Modules/Orchard.Localization/Views/Parts/Localization.ContentTranslations.Summary.cshtml b/src/Orchard.Web/Modules/Orchard.Localization/Views/Parts/Localization.ContentTranslations.Summary.cshtml
index e11e22c17..2b6cb48f0 100644
--- a/src/Orchard.Web/Modules/Orchard.Localization/Views/Parts/Localization.ContentTranslations.Summary.cshtml
+++ b/src/Orchard.Web/Modules/Orchard.Localization/Views/Parts/Localization.ContentTranslations.Summary.cshtml
@@ -1,6 +1,6 @@
 @using Orchard.Core.Contents;
 @using Orchard.Localization.Models;
-@if (AuthorizedFor(Permissions.PublishContent)) {
+@if (AuthorizedFor(Permissions.PublishOthersContent)) {
 Style.Require("LocalizationAdmin");
 IEnumerable<LocalizationPart> localizations  = Model.Localizations;
 var localizationLinks = Html.UnorderedList(localizations, (c, i) => Html.ItemEditLink(c.Culture.Culture, c), "localizations");
diff --git a/src/Orchard.Web/Modules/Orchard.Localization/Views/Parts/Localization.ContentTranslations.SummaryAdmin.cshtml b/src/Orchard.Web/Modules/Orchard.Localization/Views/Parts/Localization.ContentTranslations.SummaryAdmin.cshtml
index ed47211d7..c5e2fd5f2 100644
--- a/src/Orchard.Web/Modules/Orchard.Localization/Views/Parts/Localization.ContentTranslations.SummaryAdmin.cshtml
+++ b/src/Orchard.Web/Modules/Orchard.Localization/Views/Parts/Localization.ContentTranslations.SummaryAdmin.cshtml
@@ -1,6 +1,6 @@
 @using Orchard.Core.Contents;
 @using Orchard.Localization.Models;
-@if (AuthorizedFor(Permissions.PublishContent)) {
+@if (AuthorizedFor(Permissions.PublishOthersContent)) {
 Style.Require("LocalizationAdmin");
 IEnumerable<LocalizationPart> localizations  = Model.Localizations;
 var localizationLinks = Html.UnorderedList(localizations, (c, i) => Html.ItemEditLink(c.Culture.Culture, c), "localizations");
diff --git a/src/Orchard.Web/Modules/Orchard.Media/AdminMenu.cs b/src/Orchard.Web/Modules/Orchard.Media/AdminMenu.cs
index 38a9ac151..463fca6e2 100644
--- a/src/Orchard.Web/Modules/Orchard.Media/AdminMenu.cs
+++ b/src/Orchard.Web/Modules/Orchard.Media/AdminMenu.cs
@@ -14,7 +14,7 @@ namespace Orchard.Media {
         public void GetNavigation(NavigationBuilder builder) {
             builder.Add(T("Media"), "6",
                 menu => menu.Add(T("Media"), "0", item => item.Action("Index", "Admin", new { area = "Orchard.Media" })
-                    .Permission(Permissions.ManageMediaFiles)));
+                    .Permission(Permissions.ManageMedia)));
         }
     }
 }
\ No newline at end of file
diff --git a/src/Orchard.Web/Modules/Orchard.Media/Controllers/AdminController.cs b/src/Orchard.Web/Modules/Orchard.Media/Controllers/AdminController.cs
index a8c7552b2..3b12b610e 100644
--- a/src/Orchard.Web/Modules/Orchard.Media/Controllers/AdminController.cs
+++ b/src/Orchard.Web/Modules/Orchard.Media/Controllers/AdminController.cs
@@ -55,7 +55,7 @@ namespace Orchard.Media.Controllers {
 
         [HttpPost]
         public ActionResult Create() {
-            if (!Services.Authorizer.Authorize(Permissions.ManageMediaFiles, T("Couldn't create media folder")))
+            if (!Services.Authorizer.Authorize(Permissions.ManageMedia, T("Couldn't create media folder")))
                 return new HttpUnauthorizedResult();
 
             var viewModel = new MediaFolderCreateViewModel();
@@ -87,7 +87,7 @@ namespace Orchard.Media.Controllers {
                     if (key.StartsWith("Checkbox.File.") && input[key] == "true") {
                         string fileName = key.Substring("Checkbox.File.".Length);
                         string folderName = input[fileName];
-                        if (!Services.Authorizer.Authorize(Permissions.ManageMediaFiles, T("Couldn't delete media file")))
+                        if (!Services.Authorizer.Authorize(Permissions.ManageMedia, T("Couldn't delete media file")))
                             return new HttpUnauthorizedResult();
                         _mediaService.DeleteFile(fileName, folderName);
 
@@ -96,7 +96,7 @@ namespace Orchard.Media.Controllers {
                     else if (key.StartsWith("Checkbox.Folder.") && input[key] == "true") {
                         string folderName = key.Substring("Checkbox.Folder.".Length);
                         string folderPath = input[folderName];
-                        if (!Services.Authorizer.Authorize(Permissions.ManageMediaFiles, T("Couldn't delete media folder")))
+                        if (!Services.Authorizer.Authorize(Permissions.ManageMedia, T("Couldn't delete media folder")))
                             return new HttpUnauthorizedResult();
                         _mediaService.DeleteFolder(folderPath);
 
@@ -119,7 +119,7 @@ namespace Orchard.Media.Controllers {
         [HttpPost, ActionName("EditProperties")]
         [FormValueRequired("submit.Delete")]
         public ActionResult EditPropertiesDeletePOST() {
-            if (!Services.Authorizer.Authorize(Permissions.ManageMediaFiles, T("Couldn't delete media folder")))
+            if (!Services.Authorizer.Authorize(Permissions.ManageMedia, T("Couldn't delete media folder")))
                 return new HttpUnauthorizedResult();
 
             var viewModel = new MediaFolderEditPropertiesViewModel();
@@ -140,7 +140,7 @@ namespace Orchard.Media.Controllers {
         [HttpPost, ActionName("EditProperties")]
         [FormValueRequired("submit.Save")]
         public ActionResult EditProperties() {
-            if (!Services.Authorizer.Authorize(Permissions.ManageMediaFiles, T("Couldn't rename media folder")))
+            if (!Services.Authorizer.Authorize(Permissions.ManageMedia, T("Couldn't rename media folder")))
                 return new HttpUnauthorizedResult();
 
             var viewModel = new MediaFolderEditPropertiesViewModel();
@@ -164,7 +164,7 @@ namespace Orchard.Media.Controllers {
 
         [HttpPost]
         public ActionResult Add() {
-            if (!Services.Authorizer.Authorize(Permissions.UploadMediaFiles, T("Couldn't upload media file")))
+            if (!Services.Authorizer.Authorize(Permissions.ManageMedia, T("Couldn't upload media file")))
                 return new HttpUnauthorizedResult();
 
             var viewModel = new MediaItemAddViewModel();
@@ -203,7 +203,7 @@ namespace Orchard.Media.Controllers {
 
         [HttpPost]
         public ContentResult AddFromClient() {
-            if (!Services.Authorizer.Authorize(Permissions.UploadMediaFiles))
+            if (!Services.Authorizer.Authorize(Permissions.ManageMedia))
                 return Content(string.Format("<script type=\"text/javascript\">var result = {{ error: \"{0}\" }};</script>", T("ERROR: You don't have permission to upload media files")));
 
             var viewModel = new MediaItemAddViewModel();
@@ -247,7 +247,7 @@ namespace Orchard.Media.Controllers {
         [HttpPost, ActionName("EditMedia")]
         [FormValueRequired("submit.Delete")]
         public ActionResult EditMediaDeletePOST(FormCollection input) {
-            if (!Services.Authorizer.Authorize(Permissions.ManageMediaFiles, T("Couldn't delete media file")))
+            if (!Services.Authorizer.Authorize(Permissions.ManageMedia, T("Couldn't delete media file")))
                 return new HttpUnauthorizedResult();
 
             var viewModel = new MediaItemEditViewModel();
@@ -267,7 +267,7 @@ namespace Orchard.Media.Controllers {
         [HttpPost, ActionName("EditMedia")]
         [FormValueRequired("submit.Save")]
         public ActionResult EditMedia(FormCollection input) {
-            if (!Services.Authorizer.Authorize(Permissions.ManageMediaFiles, T("Couldn't modify media file")))
+            if (!Services.Authorizer.Authorize(Permissions.ManageMedia, T("Couldn't modify media file")))
                 return new HttpUnauthorizedResult();
 
             var viewModel = new MediaItemEditViewModel();
diff --git a/src/Orchard.Web/Modules/Orchard.Media/Permissions.cs b/src/Orchard.Web/Modules/Orchard.Media/Permissions.cs
index 76fb3f4c7..de64e7f96 100644
--- a/src/Orchard.Web/Modules/Orchard.Media/Permissions.cs
+++ b/src/Orchard.Web/Modules/Orchard.Media/Permissions.cs
@@ -4,15 +4,13 @@ using Orchard.Security.Permissions;
 
 namespace Orchard.Media {
     public class Permissions : IPermissionProvider {
-        public static readonly Permission ManageMediaFiles = new Permission { Description = "Modifying Media Files", Name = "ManageMediaFiles" };
-        public static readonly Permission UploadMediaFiles = new Permission { Description = "Uploading Media Files", Name = "UploadMediaFiles", ImpliedBy = new[] { ManageMediaFiles } };
+        public static readonly Permission ManageMedia = new Permission { Description = "Managing Media Files", Name = "ManageMedia" };
 
         public virtual Feature Feature { get; set; }
 
         public IEnumerable<Permission> GetPermissions() {
             return new[] {
-                ManageMediaFiles,
-                UploadMediaFiles,
+                ManageMedia,
             };
         }
 
@@ -20,23 +18,21 @@ namespace Orchard.Media {
             return new[] {
                 new PermissionStereotype {
                     Name = "Administrator",
-                    Permissions = new[] {ManageMediaFiles}
+                    Permissions = new[] {ManageMedia}
                 },
                 new PermissionStereotype {
                     Name = "Editor",
-                    Permissions = new[] {ManageMediaFiles}
+                    Permissions = new[] {ManageMedia}
                 },
                 new PermissionStereotype {
                     Name = "Moderator",
-                    //Permissions = new[] {}
                 },
                 new PermissionStereotype {
                     Name = "Author",
-                    Permissions = new[] {ManageMediaFiles}
+                    Permissions = new[] {ManageMedia}
                 },
                 new PermissionStereotype {
                     Name = "Contributor",
-                    Permissions = new[] {UploadMediaFiles}
                 },
             };
         }
diff --git a/src/Orchard.Web/Modules/Orchard.Media/Services/XmlRpcHandler.cs b/src/Orchard.Web/Modules/Orchard.Media/Services/XmlRpcHandler.cs
index cdeb7974f..f035619d2 100644
--- a/src/Orchard.Web/Modules/Orchard.Media/Services/XmlRpcHandler.cs
+++ b/src/Orchard.Web/Modules/Orchard.Media/Services/XmlRpcHandler.cs
@@ -49,7 +49,7 @@ namespace Orchard.Media.Services {
             XRpcStruct file) {
 
             var user = _membershipService.ValidateUser(userName, password);
-            if (!_authorizationService.TryCheckAccess(Permissions.UploadMediaFiles, user, null)) {
+            if (!_authorizationService.TryCheckAccess(Permissions.ManageMedia, user, null)) {
                 //TEMP: return appropriate access-denied response for user
                 throw new ApplicationException("Access denied");
             }
diff --git a/src/Orchard.Web/Modules/Orchard.MultiTenancy/AdminMenu.cs b/src/Orchard.Web/Modules/Orchard.MultiTenancy/AdminMenu.cs
index 738be1b6a..d87f54f1d 100644
--- a/src/Orchard.Web/Modules/Orchard.MultiTenancy/AdminMenu.cs
+++ b/src/Orchard.Web/Modules/Orchard.MultiTenancy/AdminMenu.cs
@@ -1,5 +1,6 @@
 using Orchard.Environment.Configuration;
 using Orchard.Localization;
+using Orchard.Security;
 using Orchard.UI.Navigation;
 
 namespace Orchard.MultiTenancy {
@@ -20,7 +21,7 @@ namespace Orchard.MultiTenancy {
 
             builder.Add(T("Tenants"), "100",
                 menu => menu.Add(T("List"), "0", item => item.Action("Index", "Admin", new { area = "Orchard.MultiTenancy" })
-                    .Permission(Permissions.ManageTenants)));
+                    .Permission(StandardPermissions.SiteOwner)));
         }
     }
 }
diff --git a/src/Orchard.Web/Modules/Orchard.MultiTenancy/Controllers/AdminController.cs b/src/Orchard.Web/Modules/Orchard.MultiTenancy/Controllers/AdminController.cs
index 4881ef86a..a7952c512 100644
--- a/src/Orchard.Web/Modules/Orchard.MultiTenancy/Controllers/AdminController.cs
+++ b/src/Orchard.Web/Modules/Orchard.MultiTenancy/Controllers/AdminController.cs
@@ -5,6 +5,7 @@ using Orchard.Environment.Configuration;
 using Orchard.Localization;
 using Orchard.MultiTenancy.Services;
 using Orchard.MultiTenancy.ViewModels;
+using Orchard.Security;
 using Orchard.UI.Notify;
 
 namespace Orchard.MultiTenancy.Controllers {
@@ -29,7 +30,7 @@ namespace Orchard.MultiTenancy.Controllers {
         }
 
         public ActionResult Add() {
-            if (!Services.Authorizer.Authorize(Permissions.ManageTenants, T("Cannot create tenant")))
+            if (!Services.Authorizer.Authorize(StandardPermissions.SiteOwner, T("Cannot create tenant")))
                 return new HttpUnauthorizedResult();
 
             if ( !EnsureDefaultTenant() )
@@ -41,7 +42,7 @@ namespace Orchard.MultiTenancy.Controllers {
         [HttpPost, ActionName("Add")]
         public ActionResult AddPOST(TenantAddViewModel viewModel) {
             try {
-                if (!Services.Authorizer.Authorize(Permissions.ManageTenants, T("Couldn't create tenant")))
+                if (!Services.Authorizer.Authorize(StandardPermissions.SiteOwner, T("Couldn't create tenant")))
                     return new HttpUnauthorizedResult();
 
                 if ( !EnsureDefaultTenant() )
@@ -67,7 +68,7 @@ namespace Orchard.MultiTenancy.Controllers {
         }
 
         public ActionResult Edit(string name) {
-            if (!Services.Authorizer.Authorize(Permissions.ManageTenants, T("Cannot edit tenant")))
+            if (!Services.Authorizer.Authorize(StandardPermissions.SiteOwner, T("Cannot edit tenant")))
                 return new HttpUnauthorizedResult();
 
             if ( !EnsureDefaultTenant() )
@@ -91,7 +92,7 @@ namespace Orchard.MultiTenancy.Controllers {
         [HttpPost, ActionName("Edit")]
         public ActionResult EditPost(TenantEditViewModel viewModel) {
             try {
-                if (!Services.Authorizer.Authorize(Permissions.ManageTenants, T("Couldn't edit tenant")))
+                if (!Services.Authorizer.Authorize(StandardPermissions.SiteOwner, T("Couldn't edit tenant")))
                     return new HttpUnauthorizedResult();
 
                 if ( !EnsureDefaultTenant() )
@@ -122,7 +123,7 @@ namespace Orchard.MultiTenancy.Controllers {
 
         [HttpPost]
         public ActionResult Disable(string name) {
-            if (!Services.Authorizer.Authorize(Permissions.ManageTenants, T("Couldn't disable tenant")))
+            if (!Services.Authorizer.Authorize(StandardPermissions.SiteOwner, T("Couldn't disable tenant")))
                 return new HttpUnauthorizedResult();
 
             if ( !EnsureDefaultTenant() )
@@ -140,7 +141,7 @@ namespace Orchard.MultiTenancy.Controllers {
 
         [HttpPost]
         public ActionResult Enable(string name) {
-            if (!Services.Authorizer.Authorize(Permissions.ManageTenants, T("Couldn't enable tenant")))
+            if (!Services.Authorizer.Authorize(StandardPermissions.SiteOwner, T("Couldn't enable tenant")))
                 return new HttpUnauthorizedResult();
 
             if ( !EnsureDefaultTenant() )
diff --git a/src/Orchard.Web/Modules/Orchard.MultiTenancy/Orchard.MultiTenancy.csproj b/src/Orchard.Web/Modules/Orchard.MultiTenancy/Orchard.MultiTenancy.csproj
index 350a06865..9a3a7520e 100644
--- a/src/Orchard.Web/Modules/Orchard.MultiTenancy/Orchard.MultiTenancy.csproj
+++ b/src/Orchard.Web/Modules/Orchard.MultiTenancy/Orchard.MultiTenancy.csproj
@@ -63,7 +63,6 @@
     <Compile Include="ViewModels\TenantEditViewModel.cs" />
     <Compile Include="ViewModels\TenantAddViewModel.cs" />
     <Compile Include="ViewModels\TenantsIndexViewModel.cs" />
-    <Compile Include="Permissions.cs" />
     <Compile Include="Properties\AssemblyInfo.cs" />
   </ItemGroup>
   <ItemGroup>
diff --git a/src/Orchard.Web/Modules/Orchard.MultiTenancy/Permissions.cs b/src/Orchard.Web/Modules/Orchard.MultiTenancy/Permissions.cs
deleted file mode 100644
index 74cbb8fad..000000000
--- a/src/Orchard.Web/Modules/Orchard.MultiTenancy/Permissions.cs
+++ /dev/null
@@ -1,27 +0,0 @@
-using System.Collections.Generic;
-using Orchard.Environment.Extensions.Models;
-using Orchard.Security.Permissions;
-
-namespace Orchard.MultiTenancy {
-    public class Permissions : IPermissionProvider {
-        public static readonly Permission ManageTenants = new Permission { Description = "Modifying Tenants of a Site", Name = "ManageTenants" };
-
-        public virtual Feature Feature { get; set; }
-
-        public IEnumerable<Permission> GetPermissions() {
-            return new[] {
-                ManageTenants
-            };
-        }
-
-        public IEnumerable<PermissionStereotype> GetDefaultStereotypes() {
-            return new[] {
-                new PermissionStereotype {
-                    Name = "Administrator",
-                    Permissions = new[] {ManageTenants}
-                },
-            };
-        }
-
-    }
-}
\ No newline at end of file
diff --git a/src/Orchard.Web/Modules/Orchard.Roles/AdminMenu.cs b/src/Orchard.Web/Modules/Orchard.Roles/AdminMenu.cs
index 323fc7f73..c1fde8b66 100644
--- a/src/Orchard.Web/Modules/Orchard.Roles/AdminMenu.cs
+++ b/src/Orchard.Web/Modules/Orchard.Roles/AdminMenu.cs
@@ -1,5 +1,6 @@
 using Orchard.Localization;
 using Orchard.UI.Navigation;
+using Orchard.Security;
 
 namespace Orchard.Roles {
     public class AdminMenu : INavigationProvider {
@@ -9,7 +10,7 @@ namespace Orchard.Roles {
         public void GetNavigation(NavigationBuilder builder) {
             builder.Add(T("Users"), "40",
                 menu => menu.Add(T("Roles"), "2.0", item => item.Action("Index", "Admin", new { area = "Orchard.Roles" })
-                    .Permission(Permissions.ManageRoles)));
+                    .Permission(StandardPermissions.SiteOwner)));
         }
     }
 }
diff --git a/src/Orchard.Web/Modules/Orchard.Roles/Controllers/AdminController.cs b/src/Orchard.Web/Modules/Orchard.Roles/Controllers/AdminController.cs
index 63bfadd5b..f81140e6b 100644
--- a/src/Orchard.Web/Modules/Orchard.Roles/Controllers/AdminController.cs
+++ b/src/Orchard.Web/Modules/Orchard.Roles/Controllers/AdminController.cs
@@ -32,7 +32,7 @@ namespace Orchard.Roles.Controllers {
 
 
         public ActionResult Index() {
-            if (!Services.Authorizer.Authorize(Permissions.ManageRoles, T("Not authorized to manage roles")))
+            if (!Services.Authorizer.Authorize(StandardPermissions.SiteOwner, T("Not authorized to manage roles")))
                 return new HttpUnauthorizedResult();
 
             var model = new RolesIndexViewModel { Rows = _roleService.GetRoles().ToList() };
@@ -42,7 +42,7 @@ namespace Orchard.Roles.Controllers {
 
         [HttpPost, ActionName("Index")]
         public ActionResult IndexPOST() {
-            if (!Services.Authorizer.Authorize(Permissions.ManageRoles, T("Not authorized to manage roles")))
+            if (!Services.Authorizer.Authorize(StandardPermissions.SiteOwner, T("Not authorized to manage roles")))
                 return new HttpUnauthorizedResult();
 
             try {
@@ -61,7 +61,7 @@ namespace Orchard.Roles.Controllers {
         }
 
         public ActionResult Create() {
-            if (!Services.Authorizer.Authorize(Permissions.ManageRoles, T("Not authorized to manage roles")))
+            if (!Services.Authorizer.Authorize(StandardPermissions.SiteOwner, T("Not authorized to manage roles")))
                 return new HttpUnauthorizedResult();
 
             var model = new RoleCreateViewModel { FeaturePermissions = _roleService.GetInstalledPermissions() };
@@ -70,7 +70,7 @@ namespace Orchard.Roles.Controllers {
 
         [HttpPost, ActionName("Create")]
         public ActionResult CreatePOST() {
-            if (!Services.Authorizer.Authorize(Permissions.ManageRoles, T("Not authorized to manage roles")))
+            if (!Services.Authorizer.Authorize(StandardPermissions.SiteOwner, T("Not authorized to manage roles")))
                 return new HttpUnauthorizedResult();
 
             var viewModel = new RoleCreateViewModel();
@@ -93,7 +93,7 @@ namespace Orchard.Roles.Controllers {
         }
 
         public ActionResult Edit(int id) {
-            if (!Services.Authorizer.Authorize(Permissions.ManageRoles, T("Not authorized to manage roles")))
+            if (!Services.Authorizer.Authorize(StandardPermissions.SiteOwner, T("Not authorized to manage roles")))
                 return new HttpUnauthorizedResult();
 
             var role = _roleService.GetRole(id);
@@ -119,7 +119,7 @@ namespace Orchard.Roles.Controllers {
         [HttpPost, ActionName("Edit")]
         [FormValueRequired("submit.Save")]
         public ActionResult EditSavePOST(int id) {
-            if (!Services.Authorizer.Authorize(Permissions.ManageRoles, T("Not authorized to manage roles")))
+            if (!Services.Authorizer.Authorize(StandardPermissions.SiteOwner, T("Not authorized to manage roles")))
                 return new HttpUnauthorizedResult();
 
             var viewModel = new RoleEditViewModel();
@@ -152,7 +152,7 @@ namespace Orchard.Roles.Controllers {
 
         [HttpPost]
         public ActionResult Delete(int id, string returnUrl) {
-            if (!Services.Authorizer.Authorize(Permissions.ManageRoles, T("Not authorized to manage roles")))
+            if (!Services.Authorizer.Authorize(StandardPermissions.SiteOwner, T("Not authorized to manage roles")))
                 return new HttpUnauthorizedResult();
 
             try {
diff --git a/src/Orchard.Web/Modules/Orchard.Roles/Drivers/UserRolesPartDriver.cs b/src/Orchard.Web/Modules/Orchard.Roles/Drivers/UserRolesPartDriver.cs
index cedc19a43..f0deee611 100644
--- a/src/Orchard.Web/Modules/Orchard.Roles/Drivers/UserRolesPartDriver.cs
+++ b/src/Orchard.Web/Modules/Orchard.Roles/Drivers/UserRolesPartDriver.cs
@@ -44,7 +44,7 @@ namespace Orchard.Roles.Drivers {
 
         protected override DriverResult Editor(UserRolesPart userRolesPart, dynamic shapeHelper) {
             // don't show editor without apply roles permission
-            if (!_authorizationService.TryCheckAccess(Permissions.ApplyRoles, _authenticationService.GetAuthenticatedUser(), userRolesPart))
+            if (!_authorizationService.TryCheckAccess(StandardPermissions.SiteOwner, _authenticationService.GetAuthenticatedUser(), userRolesPart))
                 return null;
 
             return ContentShape("Parts_Roles_UserRoles_Edit",
@@ -64,7 +64,7 @@ namespace Orchard.Roles.Drivers {
 
         protected override DriverResult Editor(UserRolesPart userRolesPart, IUpdateModel updater, dynamic shapeHelper) {
             // don't apply editor without apply roles permission
-            if (!_authorizationService.TryCheckAccess(Permissions.ApplyRoles, _authenticationService.GetAuthenticatedUser(), userRolesPart))
+            if (!_authorizationService.TryCheckAccess(StandardPermissions.SiteOwner, _authenticationService.GetAuthenticatedUser(), userRolesPart))
                 return null;
 
             var model = BuildEditorViewModel(userRolesPart);
diff --git a/src/Orchard.Web/Modules/Orchard.Roles/Orchard.Roles.csproj b/src/Orchard.Web/Modules/Orchard.Roles/Orchard.Roles.csproj
index 5e9f933d3..7dd2d65f1 100644
--- a/src/Orchard.Web/Modules/Orchard.Roles/Orchard.Roles.csproj
+++ b/src/Orchard.Web/Modules/Orchard.Roles/Orchard.Roles.csproj
@@ -56,7 +56,6 @@
     <Compile Include="DefaultRoleUpdater.cs" />
     <Compile Include="Models\IUserRoles.cs" />
     <Compile Include="Models\UserSimulation.cs" />
-    <Compile Include="Permissions.cs" />
     <Compile Include="Models\PermissionRecord.cs" />
     <Compile Include="Models\RoleRecord.cs" />
     <Compile Include="Models\UserRolesPart.cs" />
diff --git a/src/Orchard.Web/Modules/Orchard.Roles/Permissions.cs b/src/Orchard.Web/Modules/Orchard.Roles/Permissions.cs
deleted file mode 100644
index d55947cac..000000000
--- a/src/Orchard.Web/Modules/Orchard.Roles/Permissions.cs
+++ /dev/null
@@ -1,30 +0,0 @@
-using System.Collections.Generic;
-using JetBrains.Annotations;
-using Orchard.Environment.Extensions.Models;
-using Orchard.Security.Permissions;
-
-namespace Orchard.Roles {
-    [UsedImplicitly]
-    public class Permissions : IPermissionProvider {
-        public static readonly Permission ManageRoles = new Permission { Description = "Create and manage roles", Name = "ManageRoles" };
-        public static readonly Permission ApplyRoles = new Permission { Description = "Assign users to roles", Name = "AssignUsersToRoles", ImpliedBy = new[] { ManageRoles } };
-
-        public virtual Feature Feature { get; set; }
-
-        public IEnumerable<Permission> GetPermissions() {
-            return new[] {
-                ManageRoles,
-                ApplyRoles,
-            };
-        }
-
-        public IEnumerable<PermissionStereotype> GetDefaultStereotypes() {
-            return new[] {
-                new PermissionStereotype {
-                    Name = "Administrator",
-                    Permissions = new[] {ManageRoles, ApplyRoles}
-                }
-            };
-        }
-    }
-}
diff --git a/src/Orchard.Web/Modules/Orchard.Roles/Services/RolesBasedAuthorizationService.cs b/src/Orchard.Web/Modules/Orchard.Roles/Services/RolesBasedAuthorizationService.cs
index 1f8d67b2b..60ede71b2 100644
--- a/src/Orchard.Web/Modules/Orchard.Roles/Services/RolesBasedAuthorizationService.cs
+++ b/src/Orchard.Web/Modules/Orchard.Roles/Services/RolesBasedAuthorizationService.cs
@@ -114,6 +114,8 @@ namespace Orchard.Roles.Services {
                     }
                 }
             }
+
+            yield return StandardPermissions.SiteOwner.Name;
         }
 
     }
diff --git a/src/Orchard.Web/Modules/Orchard.Setup/Annotations/SetupValidationAttributes.cs b/src/Orchard.Web/Modules/Orchard.Setup/Annotations/SetupValidationAttributes.cs
new file mode 100644
index 000000000..3f91ed9de
--- /dev/null
+++ b/src/Orchard.Web/Modules/Orchard.Setup/Annotations/SetupValidationAttributes.cs
@@ -0,0 +1,88 @@
+using Orchard.Localization;
+
+namespace Orchard.Setup.Annotations {
+    public class SiteNameValidAttribute : System.ComponentModel.DataAnnotations.RangeAttribute {
+        private string _value;
+
+        public SiteNameValidAttribute(int maximumLength)
+            : base(1, maximumLength) {
+            T = NullLocalizer.Instance;
+        }
+
+        public Localizer T { get; set; }
+
+        public override bool IsValid(object value) {
+            _value = (value as string) ?? "";
+            return base.IsValid(_value.Trim().Length);
+        }
+
+        public override string FormatErrorMessage(string name) {
+            if (string.IsNullOrWhiteSpace(_value))
+                return T("Site name is required.").Text;
+
+            return T("Site name can be no longer than {0} characters.", Maximum).Text;
+        }
+    }
+
+    public class UserNameValidAttribute : System.ComponentModel.DataAnnotations.RangeAttribute {
+        private string _value;
+
+        public UserNameValidAttribute(int minimumLength, int maximumLength)
+            : base(minimumLength, maximumLength) {
+            T = NullLocalizer.Instance;
+        }
+
+        public Localizer T { get; set; }
+
+        public override bool IsValid(object value) {
+            _value = (value as string) ?? "";
+            return base.IsValid(_value.Trim().Length);
+        }
+
+        public override string FormatErrorMessage(string name) {
+            if (string.IsNullOrEmpty(_value))
+                return T("User name is required.").Text;
+
+            return _value.Length < (int)Minimum
+                ? T("User name must be longer than {0} characters.", Minimum).Text
+                : T("User name can be no longer than {0} characters.", Maximum).Text;
+        }
+    }
+
+    public class PasswordValidAttribute : System.ComponentModel.DataAnnotations.RangeAttribute {
+        private string _value;
+
+        public PasswordValidAttribute(int minimumLength, int maximumLength)
+            : base(minimumLength, maximumLength) {
+            T = NullLocalizer.Instance;
+        }
+
+        public Localizer T { get; set; }
+
+        public override bool IsValid(object value) {
+            _value = (value as string) ?? "";
+            return base.IsValid(_value.Trim().Length);
+        }
+
+        public override string FormatErrorMessage(string name) {
+            if (string.IsNullOrEmpty(_value))
+                return T("Password is required.").Text;
+
+            return _value.Length < (int)Minimum
+                ? T("Password must be longer than {0} characters.", Minimum).Text
+                : T("Password can be no longer than {0} characters.", Maximum).Text;
+        }
+    }
+
+    public class PasswordConfirmationRequiredAttribute : System.ComponentModel.DataAnnotations.RequiredAttribute {
+        public PasswordConfirmationRequiredAttribute() {
+            T = NullLocalizer.Instance;
+        }
+
+        public Localizer T { get; set; }
+
+        public override string FormatErrorMessage(string name) {
+            return T("Password confirmation is required.").Text;
+        }
+    }
+}
\ No newline at end of file
diff --git a/src/Orchard.Web/Modules/Orchard.Setup/Orchard.Setup.csproj b/src/Orchard.Web/Modules/Orchard.Setup/Orchard.Setup.csproj
index 9a3f09c68..12269923f 100644
--- a/src/Orchard.Web/Modules/Orchard.Setup/Orchard.Setup.csproj
+++ b/src/Orchard.Web/Modules/Orchard.Setup/Orchard.Setup.csproj
@@ -61,6 +61,7 @@
     <Reference Include="System.Xml" />
   </ItemGroup>
   <ItemGroup>
+    <Compile Include="Annotations\SetupValidationAttributes.cs" />
     <Compile Include="Annotations\SqlDatabaseConnectionStringAttribute.cs" />
     <Compile Include="Annotations\StringLengthMin.cs" />
     <Compile Include="Commands\SetupCommand.cs" />
diff --git a/src/Orchard.Web/Modules/Orchard.Setup/ViewModels/SetupViewModel.cs b/src/Orchard.Web/Modules/Orchard.Setup/ViewModels/SetupViewModel.cs
index 44bd91ce8..6bd99e684 100644
--- a/src/Orchard.Web/Modules/Orchard.Setup/ViewModels/SetupViewModel.cs
+++ b/src/Orchard.Web/Modules/Orchard.Setup/ViewModels/SetupViewModel.cs
@@ -1,4 +1,3 @@
-using System.ComponentModel.DataAnnotations;
 using Orchard.Setup.Annotations;
 
 namespace Orchard.Setup.ViewModels {
@@ -7,13 +6,13 @@ namespace Orchard.Setup.ViewModels {
             DatabaseOptions = true;
         }
 
-        [Required(ErrorMessage = "Site name is required."), StringLength(70, ErrorMessage = "Site name can be no longer than 70 characters.")]
+        [SiteNameValid(maximumLength: 70)]
         public string SiteName { get; set; }
-        [Required(ErrorMessage = "User name is required."), StringLengthMin(3, ErrorMessage = "User name must be longer than 3 characters."), StringLength(25, ErrorMessage = "User name can be no longer than 25 characters.")]
+        [UserNameValid(minimumLength: 3, maximumLength: 25)]
         public string AdminUsername { get; set; }
-        [Required(ErrorMessage = "Password is required."), StringLengthMin(6, ErrorMessage = "Password must be longer than 6 characters."), StringLength(50, ErrorMessage = "Password can be no longer than 50 characters.")]
+        [PasswordValid(minimumLength: 6, maximumLength: 50)]
         public string AdminPassword { get; set; }
-        [Required(ErrorMessage = "Password confirmation is required.")]
+        [PasswordConfirmationRequired]
         public string ConfirmPassword { get; set; }
         public bool DatabaseOptions { get; set; }
         [SqlDatabaseConnectionString]
diff --git a/src/Orchard.Web/Modules/Orchard.Tags/Controllers/AdminController.cs b/src/Orchard.Web/Modules/Orchard.Tags/Controllers/AdminController.cs
index 7c8a31c11..8043121ce 100644
--- a/src/Orchard.Web/Modules/Orchard.Tags/Controllers/AdminController.cs
+++ b/src/Orchard.Web/Modules/Orchard.Tags/Controllers/AdminController.cs
@@ -70,9 +70,6 @@ namespace Orchard.Tags.Controllers {
                 ViewData["CreateTag"] = viewModel;
                 return Index();
             }
-
-            if (!Services.Authorizer.Authorize(Permissions.CreateTag, T("Couldn't create tag")))
-                return new HttpUnauthorizedResult();
             
             _tagService.CreateTag(viewModel.TagName);
             
diff --git a/src/Orchard.Web/Modules/Orchard.Tags/Drivers/TagsPartDriver.cs b/src/Orchard.Web/Modules/Orchard.Tags/Drivers/TagsPartDriver.cs
index b3a4821c0..046e21e42 100644
--- a/src/Orchard.Web/Modules/Orchard.Tags/Drivers/TagsPartDriver.cs
+++ b/src/Orchard.Web/Modules/Orchard.Tags/Drivers/TagsPartDriver.cs
@@ -34,17 +34,11 @@ namespace Orchard.Tags.Drivers {
         }
 
         protected override DriverResult Editor(TagsPart part, dynamic shapeHelper) {
-            if (!_authorizationService.TryCheckAccess(Permissions.ApplyTag, _orchardServices.WorkContext.CurrentUser, part))
-                return null;
-
             return ContentShape("Parts_Tags_Edit",
                     () => shapeHelper.EditorTemplate(TemplateName: TemplateName, Model: BuildEditorViewModel(part), Prefix: Prefix));
         }
 
         protected override DriverResult Editor(TagsPart part, IUpdateModel updater, dynamic shapeHelper) {
-            if (!_authorizationService.TryCheckAccess(Permissions.ApplyTag, _orchardServices.WorkContext.CurrentUser, part))
-                return null;
-
             var model = new EditTagsViewModel();
             updater.TryUpdateModel(model, Prefix, null, null);
 
diff --git a/src/Orchard.Web/Modules/Orchard.Tags/Permissions.cs b/src/Orchard.Web/Modules/Orchard.Tags/Permissions.cs
index 0c2a704de..acb896945 100644
--- a/src/Orchard.Web/Modules/Orchard.Tags/Permissions.cs
+++ b/src/Orchard.Web/Modules/Orchard.Tags/Permissions.cs
@@ -5,16 +5,12 @@ using Orchard.Security.Permissions;
 namespace Orchard.Tags {
     public class Permissions : IPermissionProvider {
         public static readonly Permission ManageTags = new Permission { Description = "Manage tags", Name = "ManageTags" };
-        public static readonly Permission CreateTag = new Permission { Description = "Create tag", Name = "CreateTag", ImpliedBy = new[] { ManageTags } };
-        public static readonly Permission ApplyTag = new Permission { Description = "Applying a Tag", Name = "ApplyTag", ImpliedBy = new[] { ManageTags, CreateTag } };
 
         public virtual Feature Feature { get; set; }
 
         public IEnumerable<Permission> GetPermissions() {
             return new[] {
                 ManageTags,
-                CreateTag,
-                ApplyTag,
             };
         }
 
@@ -34,11 +30,9 @@ namespace Orchard.Tags {
                 },
                 new PermissionStereotype {
                     Name = "Author",
-                    Permissions = new[] {CreateTag, ApplyTag}
                 },
                 new PermissionStereotype {
                     Name = "Contributor",
-                    Permissions = new[] {ApplyTag}
                 },
             };
         }
diff --git a/src/Orchard.Web/Modules/Orchard.Tags/Services/TagService.cs b/src/Orchard.Web/Modules/Orchard.Tags/Services/TagService.cs
index 7f545feb9..53f91f57d 100644
--- a/src/Orchard.Web/Modules/Orchard.Tags/Services/TagService.cs
+++ b/src/Orchard.Web/Modules/Orchard.Tags/Services/TagService.cs
@@ -51,7 +51,6 @@ namespace Orchard.Tags.Services {
         public TagRecord CreateTag(string tagName) {
             var result = _tagRepository.Get(x => x.TagName == tagName);
             if (result == null) {
-                _authorizationService.CheckAccess(Permissions.CreateTag, _orchardServices.WorkContext.CurrentUser, null);
                 result = new TagRecord { TagName = tagName };
                 _tagRepository.Create(result);
             }
@@ -151,14 +150,12 @@ namespace Orchard.Tags.Services {
             if (contentItem.Id == 0)
                 throw new OrchardException(T("Error adding tag to content item: the content item has not been created yet."));
 
-            var tags = tagNamesForContentItem.Select(name => CreateTag(name));
+            var tags = tagNamesForContentItem.Select(CreateTag);
             var newTagsForContentItem = new List<TagRecord>(tags);
             var currentTagsForContentItem = _contentTagRepository.Fetch(x => x.TagsPartRecord.Id == contentItem.Id);
 
             foreach (var tagContentItem in currentTagsForContentItem) {
                 if (!newTagsForContentItem.Contains(tagContentItem.TagRecord)) {
-                    _authorizationService.CheckAccess(Permissions.ApplyTag, _orchardServices.WorkContext.CurrentUser, null);
-
                     _contentTagRepository.Delete(tagContentItem);
                 }
                 else {
@@ -167,8 +164,6 @@ namespace Orchard.Tags.Services {
             }
 
             foreach (var newTagForContentItem in newTagsForContentItem) {
-                _authorizationService.CheckAccess(Permissions.ApplyTag, _orchardServices.WorkContext.CurrentUser, null);
-
                 _contentTagRepository.Create(new ContentTagRecord { TagsPartRecord = contentItem.As<TagsPart>().Record, TagRecord = newTagForContentItem });
             }
         }
diff --git a/src/Orchard.Web/Modules/Orchard.Tags/Services/XmlRpcHandler.cs b/src/Orchard.Web/Modules/Orchard.Tags/Services/XmlRpcHandler.cs
index 2654e623c..6084761b9 100644
--- a/src/Orchard.Web/Modules/Orchard.Tags/Services/XmlRpcHandler.cs
+++ b/src/Orchard.Web/Modules/Orchard.Tags/Services/XmlRpcHandler.cs
@@ -141,7 +141,6 @@ namespace Orchard.Tags.Services {
 
         private void MetaWeblogUpdateTags(int contentItemId, string appKey, string userName, string password, XRpcStruct content, bool publish, ICollection<IXmlRpcDriver> drivers) {
             var user = _membershipService.ValidateUser(userName, password);
-            _authorizationService.CheckAccess(Permissions.ApplyTag, user, null);
 
             var rawTags = content.Optional<string>("mt_keywords");
             if (string.IsNullOrWhiteSpace(rawTags))
diff --git a/src/Orchard.Web/Modules/Orchard.Themes/AdminMenu.cs b/src/Orchard.Web/Modules/Orchard.Themes/AdminMenu.cs
index 7ff662f9e..9e4f962f1 100644
--- a/src/Orchard.Web/Modules/Orchard.Themes/AdminMenu.cs
+++ b/src/Orchard.Web/Modules/Orchard.Themes/AdminMenu.cs
@@ -9,7 +9,6 @@ namespace Orchard.Themes {
         public void GetNavigation(NavigationBuilder builder) {
             builder.Add(T("Themes"), "25",
                 menu => menu.Add(T("List"), "0", item => item.Action("Index", "Admin", new { area = "Orchard.Themes" })
-                    .Permission(Permissions.ManageThemes)
                     .Permission(Permissions.ApplyTheme)));
         }
     }
diff --git a/src/Orchard.Web/Modules/Orchard.Themes/Controllers/AdminController.cs b/src/Orchard.Web/Modules/Orchard.Themes/Controllers/AdminController.cs
index b5834ddd6..a9ca18d18 100644
--- a/src/Orchard.Web/Modules/Orchard.Themes/Controllers/AdminController.cs
+++ b/src/Orchard.Web/Modules/Orchard.Themes/Controllers/AdminController.cs
@@ -9,6 +9,7 @@ using Orchard.Environment.Extensions.Models;
 using Orchard.Environment.Features;
 using Orchard.Localization;
 using Orchard.Reports.Services;
+using Orchard.Security;
 using Orchard.Themes.Preview;
 using Orchard.Themes.Services;
 using Orchard.Themes.ViewModels;
@@ -164,7 +165,7 @@ namespace Orchard.Themes.Controllers {
 
         [HttpPost]
         public ActionResult Update(string themeName) {
-            if (!Services.Authorizer.Authorize(Permissions.ManageThemes, T("Couldn't update theme")))
+            if (!Services.Authorizer.Authorize(StandardPermissions.SiteOwner, T("Couldn't update theme")))
                 return new HttpUnauthorizedResult();
 
             if (string.IsNullOrEmpty(themeName))
diff --git a/src/Orchard.Web/Modules/Orchard.Themes/Permissions.cs b/src/Orchard.Web/Modules/Orchard.Themes/Permissions.cs
index 867e0b7c5..e597ad7fa 100644
--- a/src/Orchard.Web/Modules/Orchard.Themes/Permissions.cs
+++ b/src/Orchard.Web/Modules/Orchard.Themes/Permissions.cs
@@ -4,14 +4,12 @@ using Orchard.Security.Permissions;
 
 namespace Orchard.Themes {
     public class Permissions : IPermissionProvider {
-        public static readonly Permission ManageThemes = new Permission { Description = "Manage Themes", Name = "ManageThemes" };
         public static readonly Permission ApplyTheme = new Permission { Description = "Apply a Theme", Name = "ApplyTheme" };
 
         public virtual Feature Feature { get; set; }
 
         public IEnumerable<Permission> GetPermissions() {
             return new[] {
-                                        ManageThemes,
                                         ApplyTheme,
                                     };
         }
@@ -20,7 +18,7 @@ namespace Orchard.Themes {
             return new[] {
                              new PermissionStereotype {
                                                           Name = "Administrator",
-                                                          Permissions = new[] {ManageThemes, ApplyTheme}
+                                                          Permissions = new[] {ApplyTheme}
                                                       },
                          };
         }
diff --git a/src/Orchard.Web/Modules/Orchard.Users/AdminMenu.cs b/src/Orchard.Web/Modules/Orchard.Users/AdminMenu.cs
index 61fd94b74..bb70a843e 100644
--- a/src/Orchard.Web/Modules/Orchard.Users/AdminMenu.cs
+++ b/src/Orchard.Web/Modules/Orchard.Users/AdminMenu.cs
@@ -1,4 +1,5 @@
 using Orchard.Localization;
+using Orchard.Security;
 using Orchard.UI.Navigation;
 
 namespace Orchard.Users {
@@ -9,7 +10,7 @@ namespace Orchard.Users {
         public void GetNavigation(NavigationBuilder builder) {
             builder.Add(T("Users"), "40",
                 menu => menu.Add(T("Users"), "1.0", item => item.Action("Index", "Admin", new { area = "Orchard.Users" })
-                    .Permission(Permissions.ManageUsers)));
+                    .Permission(StandardPermissions.SiteOwner)));
         }
     }
 }
diff --git a/src/Orchard.Web/Modules/Orchard.Users/Controllers/AdminController.cs b/src/Orchard.Web/Modules/Orchard.Users/Controllers/AdminController.cs
index bdc1f9adc..20f91fa65 100644
--- a/src/Orchard.Web/Modules/Orchard.Users/Controllers/AdminController.cs
+++ b/src/Orchard.Web/Modules/Orchard.Users/Controllers/AdminController.cs
@@ -40,7 +40,7 @@ namespace Orchard.Users.Controllers {
         public Localizer T { get; set; }
 
         public ActionResult Index() {
-            if (!Services.Authorizer.Authorize(Permissions.ManageUsers, T("Not authorized to list users")))
+            if (!Services.Authorizer.Authorize(StandardPermissions.SiteOwner, T("Not authorized to list users")))
                 return new HttpUnauthorizedResult();
 
             var users = Services.ContentManager
@@ -58,7 +58,7 @@ namespace Orchard.Users.Controllers {
         }
 
         public ActionResult Create() {
-            if (!Services.Authorizer.Authorize(Permissions.ManageUsers, T("Not authorized to manage users")))
+            if (!Services.Authorizer.Authorize(StandardPermissions.SiteOwner, T("Not authorized to manage users")))
                 return new HttpUnauthorizedResult();
 
             var user = Services.ContentManager.New<IUser>("User");
@@ -73,7 +73,7 @@ namespace Orchard.Users.Controllers {
 
         [HttpPost, ActionName("Create")]
         public ActionResult CreatePOST(UserCreateViewModel createModel) {
-            if (!Services.Authorizer.Authorize(Permissions.ManageUsers, T("Not authorized to manage users")))
+            if (!Services.Authorizer.Authorize(StandardPermissions.SiteOwner, T("Not authorized to manage users")))
                 return new HttpUnauthorizedResult();
 
             if (!string.IsNullOrEmpty(createModel.UserName)) {
@@ -114,7 +114,7 @@ namespace Orchard.Users.Controllers {
         }
 
         public ActionResult Edit(int id) {
-            if (!Services.Authorizer.Authorize(Permissions.ManageUsers, T("Not authorized to manage users")))
+            if (!Services.Authorizer.Authorize(StandardPermissions.SiteOwner, T("Not authorized to manage users")))
                 return new HttpUnauthorizedResult();
 
             var user = Services.ContentManager.Get<UserPart>(id);
@@ -129,7 +129,7 @@ namespace Orchard.Users.Controllers {
 
         [HttpPost, ActionName("Edit")]
         public ActionResult EditPOST(int id) {
-            if (!Services.Authorizer.Authorize(Permissions.ManageUsers, T("Not authorized to manage users")))
+            if (!Services.Authorizer.Authorize(StandardPermissions.SiteOwner, T("Not authorized to manage users")))
                 return new HttpUnauthorizedResult();
 
             var user = Services.ContentManager.Get<UserPart>(id);
@@ -169,7 +169,7 @@ namespace Orchard.Users.Controllers {
         }
 
         public ActionResult Delete(int id) {
-            if (!Services.Authorizer.Authorize(Permissions.ManageUsers, T("Not authorized to manage users")))
+            if (!Services.Authorizer.Authorize(StandardPermissions.SiteOwner, T("Not authorized to manage users")))
                 return new HttpUnauthorizedResult();
 
             var user = Services.ContentManager.Get<IUser>(id);
@@ -191,7 +191,7 @@ namespace Orchard.Users.Controllers {
         }
 
         public ActionResult SendChallengeEmail(int id) {
-            if ( !Services.Authorizer.Authorize(Permissions.ManageUsers, T("Not authorized to manage users")) )
+            if (!Services.Authorizer.Authorize(StandardPermissions.SiteOwner, T("Not authorized to manage users")))
                 return new HttpUnauthorizedResult();
 
             var user = Services.ContentManager.Get(id);
@@ -206,7 +206,7 @@ namespace Orchard.Users.Controllers {
         }
 
         public ActionResult Approve(int id) {
-            if ( !Services.Authorizer.Authorize(Permissions.ManageUsers, T("Not authorized to manage users")) )
+            if (!Services.Authorizer.Authorize(StandardPermissions.SiteOwner, T("Not authorized to manage users")))
                 return new HttpUnauthorizedResult();
 
             var user = Services.ContentManager.Get(id);
@@ -220,7 +220,7 @@ namespace Orchard.Users.Controllers {
         }
 
         public ActionResult Moderate(int id) {
-            if ( !Services.Authorizer.Authorize(Permissions.ManageUsers, T("Not authorized to manage users")) )
+            if (!Services.Authorizer.Authorize(StandardPermissions.SiteOwner, T("Not authorized to manage users")))
                 return new HttpUnauthorizedResult();
 
             var user = Services.ContentManager.Get<IUser>(id);
diff --git a/src/Orchard.Web/Modules/Orchard.Users/Orchard.Users.csproj b/src/Orchard.Web/Modules/Orchard.Users/Orchard.Users.csproj
index a61a69717..ebd7505ae 100644
--- a/src/Orchard.Web/Modules/Orchard.Users/Orchard.Users.csproj
+++ b/src/Orchard.Web/Modules/Orchard.Users/Orchard.Users.csproj
@@ -69,7 +69,6 @@
     <Compile Include="Handlers\UserPartHandler.cs" />
     <Compile Include="Models\UserPartRecord.cs" />
     <Compile Include="Models\UserStatus.cs" />
-    <Compile Include="Permissions.cs" />
     <Compile Include="Properties\AssemblyInfo.cs" />
     <Compile Include="Services\IUserService.cs" />
     <Compile Include="Services\MembershipService.cs" />
diff --git a/src/Orchard.Web/Modules/Orchard.Users/Permissions.cs b/src/Orchard.Web/Modules/Orchard.Users/Permissions.cs
deleted file mode 100644
index 9b58052d2..000000000
--- a/src/Orchard.Web/Modules/Orchard.Users/Permissions.cs
+++ /dev/null
@@ -1,29 +0,0 @@
-using System.Collections.Generic;
-using JetBrains.Annotations;
-using Orchard.Environment.Extensions.Models;
-using Orchard.Security.Permissions;
-
-namespace Orchard.Users {
-    [UsedImplicitly]
-    public class Permissions : IPermissionProvider {
-        public static readonly Permission ManageUsers = new Permission { Description = "Manage users", Name = "ManageUsers" };
-
-        public virtual Feature Feature { get; set; }
-
-        public IEnumerable<Permission> GetPermissions() {
-            return new[] {
-                ManageUsers,
-            };
-        }
-
-        public IEnumerable<PermissionStereotype> GetDefaultStereotypes() {
-            return new[] {
-                new PermissionStereotype {
-                    Name = "Administrator",
-                    Permissions = new[] {ManageUsers}
-                }
-            };
-        }
-
-    }
-}
diff --git a/src/Orchard/Security/StandardPermissions.cs b/src/Orchard/Security/StandardPermissions.cs
index f4123fe6d..f6a862d06 100644
--- a/src/Orchard/Security/StandardPermissions.cs
+++ b/src/Orchard/Security/StandardPermissions.cs
@@ -8,6 +8,7 @@ namespace Orchard.Security {
     public class StandardPermissions : IPermissionProvider {
         public static readonly Permission AccessAdminPanel = new Permission { Name = "AccessAdminPanel", Description = "Access admin panel" };
         public static readonly Permission AccessFrontEnd = new Permission { Name = "AccessFrontEnd", Description = "Access site front-end" };
+        public static readonly Permission SiteOwner = new Permission { Name = "SiteOwner", Description = "Site Owners Permission" }; 
 
         public Feature Feature {
             get {
@@ -31,6 +32,7 @@ namespace Orchard.Security {
             return new[] {
                 AccessAdminPanel,
                 AccessFrontEnd,
+                SiteOwner
             };
         }
 
@@ -38,7 +40,7 @@ namespace Orchard.Security {
             return new[] {
                 new PermissionStereotype {
                     Name = "Administrator",
-                    Permissions = new[] {AccessAdminPanel}
+                    Permissions = new[] {SiteOwner, AccessAdminPanel}
                 },
                 new PermissionStereotype {
                     Name = "Anonymous",