diff --git a/.gitignore b/.gitignore index 1ccba37f3..93fc5717f 100644 --- a/.gitignore +++ b/.gitignore @@ -4,4 +4,7 @@ dist *.egg-info *.pot .DS_store -fabfile.py \ No newline at end of file +fabfile.py +.settings/ +.project +.pydevproject diff --git a/AUTHORS b/AUTHORS index ca797aa05..3962112f2 100644 --- a/AUTHORS +++ b/AUTHORS @@ -3,3 +3,4 @@ Axel Swoboda Klemens Mantzos Vaclav Mikolasek Tim Graham +Antonio Angelino \ No newline at end of file diff --git a/filebrowser/permissions.py b/filebrowser/permissions.py new file mode 100644 index 000000000..84275d848 --- /dev/null +++ b/filebrowser/permissions.py @@ -0,0 +1,25 @@ +from django.db import models +from django.contrib.auth.models import Permission +from django.contrib.contenttypes.models import ContentType + + +class FileBrowserPermissionManager(models.Manager): + def get_queryset(self): + return super(FileBrowserPermissionManager, self).\ + get_queryset().filter(content_type__name='filebrowser_permission') + + +class FileBrowserPermission(Permission): + """Permission for the file browser, not attached to a model""" + + objects = FileBrowserPermissionManager() + + class Meta: + proxy = True + + def save(self, *args, **kwargs): + ct, created = ContentType.objects.get_or_create( + name="filebrowser", app_label=self._meta.app_label + ) + self.content_type = ct + super(FileBrowserPermission, self).save(*args, **kwargs) diff --git a/filebrowser/sites.py b/filebrowser/sites.py index 0fe683cdc..5571debdb 100644 --- a/filebrowser/sites.py +++ b/filebrowser/sites.py @@ -13,6 +13,7 @@ from django.template import RequestContext as Context from django.http import HttpResponseRedirect, HttpResponseBadRequest from django.contrib.admin.views.decorators import staff_member_required +from django.core.exceptions import PermissionDenied from django.views.decorators.cache import never_cache from django.utils.translation import ugettext as _ from django import forms 
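Review bot: In `filebrowser/permissions.py` the manager and `save()` disagree on the content type name: `get_queryset()` filters on `content_type__name='filebrowser_permission'`, while `save()` attaches a ContentType created with `name="filebrowser"`. As written, `FileBrowserPermission.objects` would not return the rows this class saves. Use one value in both places, ideally a module constant referenced by both, e.g. `.filter(content_type__name='filebrowser')`. The `get_or_create` call also passes no `model`, so the row is identified by `name` alone; keying on `app_label` and `model` would be sturdier, since later Django releases no longer store `name` as a column.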
@@ -283,6 +284,10 @@ def urls(self): def browse(self, request): "Browse Files/Directories." + + if not request.user.has_perm('filebrowser.can_list_files'): + raise PermissionDenied + filter_re = [] for exp in EXCLUDE: filter_re.append(re.compile(exp)) @@ -360,6 +365,10 @@ def filter_browse(item): def createdir(self, request): "Create Directory" + + if not request.user.has_perm('filebrowser.can_add_directories'): + raise PermissionDenied + from filebrowser.forms import CreateDirForm query = request.GET path = u'%s' % os.path.join(self.directory, query.get('dir', '')) @@ -396,6 +405,10 @@ def createdir(self, request): def upload(self, request): "Multipe File Upload." + + if not request.user.has_perm('filebrowser.can_add_files'): + raise PermissionDenied + query = request.GET return render_to_response('filebrowser/upload.html', { @@ -409,6 +422,10 @@ def upload(self, request): def delete_confirm(self, request): "Delete existing File/Directory." + + if not request.user.has_perm('filebrowser.can_delete_files'): + raise PermissionDenied + query = request.GET path = u'%s' % os.path.join(self.directory, query.get('dir', '')) fileobject = FileObject(os.path.join(path, query.get('filename', '')), site=self) @@ -442,6 +459,10 @@ def delete_confirm(self, request): def delete(self, request): "Delete existing File/Directory." + + if not request.user.has_perm('filebrowser.can_delete_files'): + raise PermissionDenied + query = request.GET path = u'%s' % os.path.join(self.directory, query.get('dir', '')) fileobject = FileObject(os.path.join(path, query.get('filename', '')), site=self) @@ -464,6 +485,10 @@ def detail(self, request): Show detail page for a file. Rename existing File/Directory (deletes existing Image Versions/Thumbnails). """ + + if not request.user.has_perm('filebrowser.can_view_files'): + raise PermissionDenied + from filebrowser.forms import ChangeForm query = request.GET path = u'%s' % os.path.join(self.directory, query.get('dir', '')) 
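Review bot: The same two-line check is pasted into `browse`, `createdir`, `upload`, `delete_confirm`, `delete` and `detail`, each with the codename as a string literal, so a view added later or a mistyped codename is easy to miss in review. A single helper keeps the policy in one place, for instance `self._require_perm(request, 'can_list_files')` as the first statement of each view, with the helper raising `PermissionDenied`. Because `has_perm` is true only for superusers until these permissions are granted, the upgrade notes should say that existing staff accounts lose access to these views. The bodies of all six views continue outside the hunks.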
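Review bot: The `can_add_files` check in `upload` guards only the view that renders `filebrowser/upload.html`. A later hunk header shows a separate `_upload_file(self, request)` in this file, and none of the hunks shown adds a check to it. If that method is the endpoint that receives the file data, a staff user without `can_add_files` could still send files to it directly. Add the same guard there before any file handling: `if not request.user.has_perm('filebrowser.can_add_files'): raise PermissionDenied`.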
@@ -477,6 +502,8 @@ def detail(self, request):
 try:
 action_response = None
 if action_name:
+ if not request.user.has_perm('filebrowser.can_edit_files'):
+ raise PermissionDenied
 action = self.get_action(action_name)
 # Pre-action signal
 signals.filebrowser_actions_pre_apply.send(sender=request, action_name=action_name, fileobject=[fileobject], site=self)
@@ -484,12 +511,16 @@ def detail(self, request):
 action_response = action(request=request, fileobjects=[fileobject])
 # Post-action signal
 signals.filebrowser_actions_post_apply.send(sender=request, action_name=action_name, fileobject=[fileobject], result=action_response, site=self)
+
 if new_name != fileobject.filename:
+ if not request.user.has_perm('filebrowser.can_rename_files'):
+ raise PermissionDenied
 signals.filebrowser_pre_rename.send(sender=request, path=fileobject.path, name=fileobject.filename, new_name=new_name, site=self)
 fileobject.delete_versions()
 self.storage.move(fileobject.path, os.path.join(fileobject.head, new_name))
 signals.filebrowser_post_rename.send(sender=request, path=fileobject.path, name=fileobject.filename, new_name=new_name, site=self)
 messages.add_message(request, messages.SUCCESS, _('Renaming was successful.'))
+
 if isinstance(action_response, HttpResponse):
 return action_response
 if "_continue" in request.POST:
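Review bot: The `can_rename_files` check runs after `action(request=request, fileobjects=[fileobject])` has already been applied, so a request carrying both an action and a new name has the action performed and then ends in a 403. Evaluate both permissions before the first side effect, e.g. place `if new_name != fileobject.filename and not request.user.has_perm('filebrowser.can_rename_files'): raise PermissionDenied` ahead of the `if action_name:` branch, assuming `new_name` is already bound at that point. Both checks also sit inside the `try:` opened in the previous hunk. Its `except` clause is outside the hunk, so confirm that it does not catch `PermissionDenied`.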
@@ -594,3 +625,18 @@ def _upload_file(self, request):
 site.add_action(rotate_90_clockwise)
 site.add_action(rotate_90_counterclockwise)
 site.add_action(rotate_180)
+
+#Load default permissions
+from filebrowser.permissions import FileBrowserPermission
+from django.db.utils import IntegrityError
+try:
+ FileBrowserPermission.objects.create(codename="can_list_files", name="Can List Files") #OK
+ FileBrowserPermission.objects.create(codename="can_view_files", name="Can View Files") #OK
+ FileBrowserPermission.objects.create(codename="can_add_files", name="Can Add Files") #OK
+ FileBrowserPermission.objects.create(codename="can_edit_files", name="Can Edit Files") #OK
+ FileBrowserPermission.objects.create(codename="can_rename_files", name="Can Rename Files") #OK
+ FileBrowserPermission.objects.create(codename="can_delete_files", name="Can Delete Files") #OK
+ FileBrowserPermission.objects.create(codename="can_add_directories", name="Can Add Directories") #OK
+except IntegrityError:
+ #Ok, they are still there!
+ pass
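Review bot: One `try` wraps all seven `create` calls, so the first `IntegrityError` skips every call after it. Once `can_list_files` exists, a codename that is missing (for instance one added in a later release) is never created, and the views checking it then deny everyone but superusers. Handle each codename on its own, as in the sketch below. The block also writes to the database every time `filebrowser/sites.py` is imported, which presumably fails with a different exception before the auth tables exist; a post-sync signal handler would be a safer home for it.

```python
# … unchanged: imports of FileBrowserPermission and IntegrityError …
DEFAULT_PERMISSIONS = (
    ("can_list_files", "Can List Files"),
    ("can_view_files", "Can View Files"),
    ("can_add_files", "Can Add Files"),
    ("can_edit_files", "Can Edit Files"),
    ("can_rename_files", "Can Rename Files"),
    ("can_delete_files", "Can Delete Files"),
    ("can_add_directories", "Can Add Directories"),
)
for codename, name in DEFAULT_PERMISSIONS:
    try:
        FileBrowserPermission.objects.create(codename=codename, name=name)
    except IntegrityError:
        # Already present: carry on so the remaining codenames are still created.
        continue
```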