diff --git a/modules/Rss/actions/DeleteAjax.php b/modules/Rss/actions/DeleteAjax.php
index 2a6a40cd7cb3cafa1f84bec55549664241d6e867..623d0e90a08a5019e29f95423a370d2f034c490c 100644
--- a/modules/Rss/actions/DeleteAjax.php
+++ b/modules/Rss/actions/DeleteAjax.php
@@ -10,16 +10,6 @@
 
 class Rss_DeleteAjax_Action extends Vtiger_Delete_Action {
 
-	public function checkPermission(Vtiger_Request $request) {
-		$moduleName = $request->getModule();
-		$record = $request->get('record');
-
-		$currentUserPrivilegesModel = Users_Privileges_Model::getCurrentUserPrivilegesModel();
-		if(!$currentUserPrivilegesModel->isPermitted($moduleName, 'Delete', $record)) {
-			throw new AppException(vtranslate('LBL_PERMISSION_DENIED'));
-		}
-	}
-
 	public function process(Vtiger_Request $request) {
 		$moduleName = $request->getModule();
 		$recordId = $request->get('record');
diff --git a/modules/Rss/actions/GetHtml.php b/modules/Rss/actions/GetHtml.php
index a26f60e89284df2e305bbeaeb0f98d105c05ce7d..59bf4cc16a95bb707849e08b94c7c365a69b4748 100644
--- a/modules/Rss/actions/GetHtml.php
+++ b/modules/Rss/actions/GetHtml.php
@@ -10,16 +10,12 @@
 
 class Rss_GetHtml_Action extends Vtiger_Action_Controller {
 
-	 function checkPermission(Vtiger_Request $request) {
-		$moduleName = $request->getModule();
-		$record = $request->get('record');
-
-		$currentUserPrivilegesModel = Users_Privileges_Model::getCurrentUserPrivilegesModel();
-		if(!$currentUserPrivilegesModel->isPermitted($moduleName, 'ListView', $record)) {
-			throw new AppException(vtranslate('LBL_PERMISSION_DENIED'));
-		}
-	}
-
+	public function requiresPermission(\Vtiger_Request $request) {
+		$permissions = parent::requiresPermission($request);
+		$permissions[] = array('module_parameter' => 'module', 'action' => 'DetailView');
+		return $permissions;
+	} 
+	
 	public function process(Vtiger_Request $request) {
 		$module = $request->get('module');
         $url = $request->get('url');
diff --git a/modules/Rss/actions/MakeDefaultAjax.php b/modules/Rss/actions/MakeDefaultAjax.php
index c8cdb30931e56de3cd07a175d12b15b330539c53..e2c639b4ffe3c2e021f5c96696a4b7bcea76fd61 100644
--- a/modules/Rss/actions/MakeDefaultAjax.php
+++ b/modules/Rss/actions/MakeDefaultAjax.php
@@ -10,14 +10,10 @@
 
 class Rss_MakeDefaultAjax_Action extends Vtiger_Action_Controller {
     
-    function checkPermission(Vtiger_Request $request) {
-		$moduleName = $request->getModule();
-		$record = $request->get('record');
-
-		$currentUserPrivilegesModel = Users_Privileges_Model::getCurrentUserPrivilegesModel();
-		if(!$currentUserPrivilegesModel->isPermitted($moduleName, 'ListView', $record)) {
-			throw new AppException(vtranslate('LBL_PERMISSION_DENIED'));
-		}
+    public function requiresPermission(\Vtiger_Request $request) {
+		$permissions = parent::requiresPermission($request);
+		$permissions[] = array('module_parameter' => 'module', 'action' => 'DetailView');
+		return $permissions;
 	}
 
 	public function process(Vtiger_Request $request) {
diff --git a/modules/Rss/actions/Save.php b/modules/Rss/actions/Save.php
index d9467f8a11e72ffda33cc1606afd3be887af785a..b8ac615ae1a493f26ec0e98b6ece061a5b823aa5 100644
--- a/modules/Rss/actions/Save.php
+++ b/modules/Rss/actions/Save.php
@@ -11,6 +11,11 @@ require_once('libraries/magpierss/rss_fetch.inc');
 
 class Rss_Save_Action extends Vtiger_Save_Action {
 
+	public function requiresPermission(\Vtiger_Request $request) {
+		$permissions[] = array('module_parameter' => 'module', 'action' => 'DetailView');
+		return $permissions;
+	}
+	
 	public function process(Vtiger_Request $request) {
         $response = new Vtiger_Response();
 		$moduleName = $request->getModule();
diff --git a/modules/Rss/models/Record.php b/modules/Rss/models/Record.php
index 8a9973a85f6badf0d3236359de80cf75f414a30d..3dc05eec5f7716fcac500b4212f1a46a2d2cd7e9 100644
--- a/modules/Rss/models/Record.php
+++ b/modules/Rss/models/Record.php
@@ -82,6 +82,8 @@ class Rss_Record_Model extends Vtiger_Record_Model {
         
         $params = array($id, $url, $title);
         $sql = "INSERT INTO vtiger_rss (rssid,rssurl,rsstitle) values (?,?,?)";
+		echo '<pre>';
+		print_r($db->convert2sql($sql, $params));
         $result = $db->pquery($sql, $params);
         
         if($result) {
diff --git a/modules/Rss/views/List.php b/modules/Rss/views/List.php
index 552dfd26752d62b159bdce101bc4d724c5158ee0..0787eb4465cc445a8507a725d485d8f92d2fb1b0 100644
--- a/modules/Rss/views/List.php
+++ b/modules/Rss/views/List.php
@@ -11,16 +11,6 @@
 
 class Rss_List_View extends Vtiger_Index_View {
 
-	function checkPermission(Vtiger_Request $request) {
-		$moduleName = $request->getModule();
-		$moduleModel = Vtiger_Module_Model::getInstance($moduleName);
-
-		$currentUserPriviligesModel = Users_Privileges_Model::getCurrentUserPrivilegesModel();
-		if(!$currentUserPriviligesModel->hasModulePermission($moduleModel->getId())) {
-			throw new AppException(vtranslate('LBL_PERMISSION_DENIED'));
-		}
-	}
-
 	function preProcess(Vtiger_Request $request, $display=true) {
 		parent::preProcess($request);
 	}
diff --git a/modules/Vtiger/actions/Delete.php b/modules/Vtiger/actions/Delete.php
index b51e8d7f744dece8c0f32c5cb45c679dde76a0b7..00b1c0290c1f81d5dc3a9742c17eb1b883642e80 100644
--- a/modules/Vtiger/actions/Delete.php
+++ b/modules/Vtiger/actions/Delete.php
@@ -12,6 +12,7 @@ class Vtiger_Delete_Action extends Vtiger_Action_Controller {
 
 	public function requiresPermission(\Vtiger_Request $request) {
 		$permissions = parent::requiresPermission($request);
+		$permissions[] = array('module_parameter' => 'module', 'action' => 'DetailView', 'record_parameter' => 'record');
 		$permissions[] = array('module_parameter' => 'module', 'action' => 'Delete', 'record_parameter' => 'record');
 		return $permissions;
 	}
@@ -22,7 +23,7 @@ class Vtiger_Delete_Action extends Vtiger_Action_Controller {
 
 		parent::checkPermission($request);
 
-		$nonEntityModules = array('Users', 'Events', 'Calendar', 'Portal', 'Reports');
+		$nonEntityModules = array('Users', 'Events', 'Calendar', 'Portal', 'Reports', 'Rss');
 		if ($record && !in_array($moduleName, $nonEntityModules)) {
 			$recordEntityName = getSalesEntityType($record);
 			if ($recordEntityName !== $moduleName) {
diff --git a/modules/Vtiger/actions/Save.php b/modules/Vtiger/actions/Save.php
index 767f88edcf312fa0ea53ca48dc35ccbe564b0ff2..98bfde8017f0f293d772c0906ae9a4fdb6fe86b8 100644
--- a/modules/Vtiger/actions/Save.php
+++ b/modules/Vtiger/actions/Save.php
@@ -35,7 +35,7 @@ class Vtiger_Save_Action extends Vtiger_Action_Controller {
 		$moduleName = $request->getModule();
 		$record = $request->get('record');
 
-		$nonEntityModules = array('Users', 'Events', 'Calendar', 'Portal', 'Reports');
+		$nonEntityModules = array('Users', 'Events', 'Calendar', 'Portal', 'Reports', 'Rss');
 		if ($record && !in_array($moduleName, $nonEntityModules)) {
 			$recordEntityName = getSalesEntityType($record);
 			if ($recordEntityName !== $moduleName) {
diff --git a/modules/Vtiger/views/Detail.php b/modules/Vtiger/views/Detail.php
index dfcdbef25eb51464cecf4b3c2d4c00775cb9a8fb..940912466bd9e866c11e8e99fa4bf8b9672e311f 100644
--- a/modules/Vtiger/views/Detail.php
+++ b/modules/Vtiger/views/Detail.php
@@ -61,7 +61,7 @@ class Vtiger_Detail_View extends Vtiger_Index_View {
 		$moduleName = $request->getModule();
 		$recordId = $request->get('record');
 
-		$nonEntityModules = array('Users', 'Events', 'Calendar');
+		$nonEntityModules = array('Users', 'Events', 'Calendar', 'Portal', 'Reports', 'Rss');
 		if ($recordId && !in_array($moduleName, $nonEntityModules)) {
 			$recordEntityName = getSalesEntityType($recordId);
 			if ($recordEntityName !== $moduleName) {
diff --git a/modules/Vtiger/views/Edit.php b/modules/Vtiger/views/Edit.php
index e7246224fb4e8b397597bb8e23732e10e64aa91e..fb653ee02eb89de3dca96fcb27b657869d1c4056 100644
--- a/modules/Vtiger/views/Edit.php
+++ b/modules/Vtiger/views/Edit.php
@@ -29,7 +29,7 @@ Class Vtiger_Edit_View extends Vtiger_Index_View {
 		$moduleName = $request->getModule();
 		$record = $request->get('record');
 
-		$nonEntityModules = array('Users', 'Events', 'Calendar', 'Reports');
+		$nonEntityModules = array('Users', 'Events', 'Calendar', 'Portal', 'Reports', 'Rss');
 		if ($record && !in_array($moduleName, $nonEntityModules)) {
 			$recordEntityName = getSalesEntityType($record);
 			if ($recordEntityName !== $moduleName) {
diff --git a/modules/Vtiger/views/ListViewQuickPreview.php b/modules/Vtiger/views/ListViewQuickPreview.php
index b8f556527a14e9aee4720940734c877ea6232f0a..3010a2f35ffe3be18547ef06616beea4dcc6dbce 100644
--- a/modules/Vtiger/views/ListViewQuickPreview.php
+++ b/modules/Vtiger/views/ListViewQuickPreview.php
@@ -28,7 +28,7 @@ class Vtiger_ListViewQuickPreview_View extends Vtiger_Index_View {
 
 		parent::checkPermission($request);
 
-		$nonEntityModules = array('Users', 'Events', 'Calendar', 'Portal', 'Reports');
+		$nonEntityModules = array('Users', 'Events', 'Calendar', 'Portal', 'Reports', 'Rss');
 		if ($recordId && !in_array($moduleName, $nonEntityModules)) {
 			$recordEntityName = getSalesEntityType($recordId);
 			if ($recordEntityName !== $moduleName) {