diff --git a/src/Orchard.Web/Core/Orchard.Core.csproj b/src/Orchard.Web/Core/Orchard.Core.csproj
index acfc5ebd3..13ce3aa62 100644
--- a/src/Orchard.Web/Core/Orchard.Core.csproj
+++ b/src/Orchard.Web/Core/Orchard.Core.csproj
@@ -88,6 +88,7 @@
+
diff --git a/src/Orchard.Web/Core/Themes/Controllers/AdminController.cs b/src/Orchard.Web/Core/Themes/Controllers/AdminController.cs
index 170c0b58a..a3ad751ca 100644
--- a/src/Orchard.Web/Core/Themes/Controllers/AdminController.cs
+++ b/src/Orchard.Web/Core/Themes/Controllers/AdminController.cs
@@ -3,6 +3,7 @@ using System.Web;
using System.Web.Mvc;
using Orchard.Core.Themes.ViewModels;
using Orchard.Localization;
+using Orchard.Security;
using Orchard.Themes;
using Orchard.UI.Notify;
using Orchard.Mvc.ViewModels;
@@ -11,15 +12,18 @@ namespace Orchard.Core.Themes.Controllers {
[ValidateInput(false)]
public class AdminController : Controller {
private readonly IThemeService _themeService;
+ private readonly IAuthorizer _authorizer;
private readonly INotifier _notifier;
- public AdminController(IThemeService themeService, INotifier notifier) {
+ public AdminController(IThemeService themeService, IAuthorizer authorizer, INotifier notifier) {
_themeService = themeService;
+ _authorizer = authorizer;
_notifier = notifier;
T = NullLocalizer.Instance;
}
public Localizer T { get; set; }
+ public IUser CurrentUser { get; set; }
public ActionResult Index() {
try {
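Review bot: `public IUser CurrentUser { get; set; }` is added to the controller, but none of the hunks in this commit read it; the new checks all go through `_authorizer`. If code outside the visible hunks populates and uses it, a short comment on the property saying who sets it and that authorization decisions are made by `IAuthorizer` would help. Otherwise the property can be dropped, so the controller does not carry a publicly settable identity that looks authoritative. The `Index` action that begins at the end of this hunk continues outside it, so whether it needs its own permission check cannot be judged from here.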
@@ -36,6 +40,8 @@ namespace Orchard.Core.Themes.Controllers {
public ActionResult Activate(string themeName) {
try {
+ if (!_authorizer.Authorize(Permissions.SetCurrentTheme, T("Couldn't set the current theme")))
+ return new HttpUnauthorizedResult();
_themeService.SetCurrentTheme(themeName);
return RedirectToAction("Index");
}
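Review bot: `Activate` changes the site's current theme, but the hunk shows no verb restriction or anti-forgery check on it, so the new `Authorize` call still passes when an administrator's browser is made to request this URL from another site. Unless such attributes sit on lines the hunk does not show, mark the action `[AcceptVerbs(HttpVerbs.Post)]` as `Install` already is, and add `[ValidateAntiForgeryToken]` with a matching token in the form. The `Install` hunk below shows the POST restriction but no token check either. The permission check also sits inside the `try`, whose `catch` lies outside the hunk; moving it above the `try` would keep a failure in the authorizer from possibly being reported as a theme error.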
@@ -52,6 +58,8 @@ namespace Orchard.Core.Themes.Controllers {
[AcceptVerbs(HttpVerbs.Post)]
public ActionResult Install(FormCollection input) {
try {
+ if (!_authorizer.Authorize(Permissions.InstallUninstallTheme, T("Couldn't install theme")))
+ return new HttpUnauthorizedResult();
foreach (string fileName in Request.Files) {
HttpPostedFileBase file = Request.Files[fileName];
_themeService.InstallTheme(file);
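Review bot: The permission is named `InstallUninstallTheme`, yet the only action this commit guards with it is `Install`. If the controller has an uninstall action outside the visible hunks, it needs the same `if (!_authorizer.Authorize(Permissions.InstallUninstallTheme, ...)) return new HttpUnauthorizedResult();` guard, or the permission covers only half of what its name promises. Separately, each `Request.Files` entry is handed straight to `_themeService.InstallTheme(file)` with no null or empty-upload check in this hunk, so confirm that the service validates the package before unpacking it. The loop and the rest of `Install` continue outside the hunk.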
diff --git a/src/Orchard.Web/Core/Themes/Permissions.cs b/src/Orchard.Web/Core/Themes/Permissions.cs
new file mode 100644
index 000000000..beb39281b
--- /dev/null
+++ b/src/Orchard.Web/Core/Themes/Permissions.cs
@@ -0,0 +1,22 @@
+using System.Collections.Generic;
+using Orchard.Security.Permissions;
+
+namespace Orchard.Core.Themes {
+ public class Permissions : IPermissionProvider {
+ public static readonly Permission InstallUninstallTheme = new Permission { Description = "Installing or Uninstalling Themes", Name = "InstallUninstallTheme" };
+ public static readonly Permission SetCurrentTheme = new Permission { Description = "Setting the Current Theme", Name = "SetCurrentTheme" };
+
+ public string PackageName {
+ get {
+ return "Themes";
+ }
+ }
+
+ public IEnumerable GetPermissions() {
+ return new List {
+ SetCurrentTheme,
+ InstallUninstallTheme
+ };
+ }
+ }
+}
\ No newline at end of file
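Review bot: `InstallUninstallTheme` and `SetCurrentTheme` are built with object initializers, which means `Permission` has settable `Name` and `Description`. The `static readonly` fields therefore protect only the reference, and any code that can reach these shared instances could rename a permission at runtime. Since `Permission` is declared outside this diff, the least this file can do is say so, e.g. `// Shared instances compared by the authorizer; treat as constants and never mutate.` above the two fields. Also, as displayed, `IEnumerable GetPermissions()` and `new List { ... }` carry no type arguments, which would not compile with only `System.Collections.Generic` imported. Presumably `<Permission>` was lost in rendering, but it is worth checking against the real file.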