diff --git a/app/models/ability.rb b/app/models/ability.rb
index 54d477bc..e4838493 100644
--- a/app/models/ability.rb
+++ b/app/models/ability.rb
@@ -61,6 +61,8 @@ class Ability
 
     can :point, Site
 
+    cannot :create, Site
+
     can :manage, Membership
 
     cannot :change_role, Membership do |membership|
diff --git a/app/views/admin/current_site/edit.html.haml b/app/views/admin/current_site/edit.html.haml
index 7e5f7143..5cbb6dc4 100644
--- a/app/views/admin/current_site/edit.html.haml
+++ b/app/views/admin/current_site/edit.html.haml
@@ -3,10 +3,11 @@
 - content_for :submenu do
   = render_cell 'admin/settings_menu', :show
 
-- if can?(:manage, @site)
-  - content_for :buttons do
+- content_for :buttons do
+  - if can?(:manage, @site)
     = admin_button_tag :export, new_admin_export_url, :class => 'new'
     = admin_button_tag :import, new_admin_import_url, :class => 'new'
+  - if can?(:create, Account)
     = admin_button_tag t('.new_membership'), new_admin_membership_url, :class => 'new'
 
 %p!= t('.help')
diff --git a/app/views/admin/my_account/edit.html.haml b/app/views/admin/my_account/edit.html.haml
index 1755b3e0..7484bac1 100644
--- a/app/views/admin/my_account/edit.html.haml
+++ b/app/views/admin/my_account/edit.html.haml
@@ -8,7 +8,7 @@
 
 - if multi_sites?
   - content_for :buttons do
-    = admin_button_tag t('.new_site'), new_admin_site_url, :class => 'new' if can?(:manage, Site)
+    = admin_button_tag t('.new_site'), new_admin_site_url, :class => 'new' if can?(:create, Site)
 
 %p= t('.help')
 
diff --git a/app/views/admin/theme_assets/_asset.html.haml b/app/views/admin/theme_assets/_asset.html.haml
index 99f0e080..23a81e03 100644
--- a/app/views/admin/theme_assets/_asset.html.haml
+++ b/app/views/admin/theme_assets/_asset.html.haml
@@ -9,5 +9,5 @@
     %span!= t('.updated_at')
     %span.date= l asset.updated_at, :format => :short
 
-    - if edit
+    - if edit && can?(:destroy, asset)
       = link_to image_tag('admin/list/icons/trash.png'), admin_theme_asset_path(asset), :class => 'remove', :confirm => t('admin.messages.confirm'), :method => :delete
diff --git a/features/admin/authorization/account_settings.feature b/features/admin/authorization/account_settings.feature
new file mode 100644
index 00000000..51e475ae
--- /dev/null
+++ b/features/admin/authorization/account_settings.feature
@@ -0,0 +1,28 @@
+Feature: Account Settings
+  In order to ensure sites are not tampered with
+  As an admin, designer or author
+  I will be restricted based on my role
+
+Background:
+  Given I have the site: "test site" set up
+  And I have a designer and an author
+
+  Scenario: As an unauthenticated user
+    Given I am not authenticated
+    When I go to account settings
+    Then I should see "Log in"
+
+  Scenario: Accessing site settings as an Admin
+    Given I am an authenticated "admin"
+    When I go to account settings
+    Then I should see "new site"
+
+  Scenario: Accessing site settings as a Designer
+    Given I am an authenticated "designer"
+    When I go to account settings
+    Then I should not see "new site"
+
+  Scenario: Accessing site settings as an Author
+    Given I am an authenticated "author"
+    When I go to account settings
+    Then I should not see "new site"
diff --git a/features/admin/authorization/current_site.feature b/features/admin/authorization/current_site.feature
index ce61e589..591b6f6b 100644
--- a/features/admin/authorization/current_site.feature
+++ b/features/admin/authorization/current_site.feature
@@ -30,7 +30,7 @@ Background:
     Given I am an authenticated "designer"
     When I go to site settings
     Then I should see "import"
-    And I should see "add account"
+    And I should not see "add account"
     And I should see "SEO settings"
     And I should see "Access points"
     And I should not see the role dropdown on myself
diff --git a/features/admin/authorization/theme_assets.feature b/features/admin/authorization/theme_assets.feature
index 1adccf01..cc0011ef 100644
--- a/features/admin/authorization/theme_assets.feature
+++ b/features/admin/authorization/theme_assets.feature
@@ -6,6 +6,7 @@ Feature: Theme Assets
 Background:
   Given I have the site: "test site" set up
   And I have a designer and an author
+  And I have an image theme asset named "dog.png"
 
   Scenario: As an unauthenticated user
     Given I am not authenticated
@@ -20,6 +21,8 @@ Background:
     And I should see "Snippets"
     And I should see "Style and javascript"
     And I should see "Images"
+    And I should see "dog.png"
+    And I should see a delete image button
 
   Scenario: Accessing theme assets as a Designer
     Given I am an authenticated "designer"
@@ -29,6 +32,8 @@ Background:
     And I should see "Snippets"
     And I should see "Style and javascript"
     And I should see "Images"
+    And I should see "dog.png"
+    And I should see a delete image button
 
   Scenario: Accessing theme assets as an Author
     Given I am an authenticated "author"
@@ -38,3 +43,5 @@ Background:
     And I should not see "Snippets"
     And I should not see "Style and javascript"
     And I should see "Images"
+    And I should see "dog.png"
+    And I should not see a delete image button
diff --git a/features/engine/tablerow.feature b/features/engine/tablerow.feature
new file mode 100644
index 00000000..098eb792
--- /dev/null
+++ b/features/engine/tablerow.feature
@@ -0,0 +1,42 @@
+Feature: TableRow liquid tags
+  As a designer
+  I want to be able to use the tablerow liquid tag with locomotive contents
+
+Background:
+  Given I have the site: "test site" set up
+  And I have a custom model named "Projects" with
+    | label         | kind      | required  |
+    | Name          | string    | true      |
+  And I have entries for "Projects" with
+    | name        |
+    | Project 1   |
+    | Project 2   |
+    | Project 3   |
+
+Scenario: Use the tablerow tag
+  Given a page named "project-table" with the template:
+    """
+    <h1>Projects</h1>
+    <table>
+    {% tablerow project in contents.projects cols: 2 %}
+    {{ project.name }}
+    {% endtablerow %}
+    </table>
+    """
+  When I view the rendered page at "/project-table"
+  Then the rendered output should look like:
+    """
+    <h1>Projects</h1>
+    <table>
+    <tr class="row1">
+    <td class="col1">
+    Project 1
+    </td><td class="col2">
+    Project 2
+    </td></tr>
+    <tr class="row2"><td class="col1">
+    Project 3
+    </td></tr>
+
+    </table>
+    """
diff --git a/features/step_definitions/theme_asset_steps.rb b/features/step_definitions/theme_asset_steps.rb
index 0db95683..894234af 100644
--- a/features/step_definitions/theme_asset_steps.rb
+++ b/features/step_definitions/theme_asset_steps.rb
@@ -24,8 +24,23 @@ Given /^a stylesheet asset named "([^"]*)"$/ do |name|
   @asset = create_plain_text_asset(name, 'stylesheet')
 end
 
+Given /^I have an image theme asset named "([^"]*)"$/ do |name|
+  @asset = FactoryGirl.create(:theme_asset, :site => @site, :source => File.open(Rails.root.join('spec', 'fixtures', 'assets', '5k.png')))
+  @asset.source_filename = name
+  @asset.save!
+end
+
+
 # other stuff
 
 Then /^I should see "([^"]*)" as theme asset code$/ do |code|
   find(:css, "#theme_asset_plain_text").text.should == code
-end
\ No newline at end of file
+end
+
+Then /^I should see a delete image button$/ do
+  page.has_css?("ul.theme-assets li .more a.remove").should be_true
+end
+
+Then /^I should not see a delete image button$/ do
+  page.has_css?("ul.theme-assets li .more a.remove").should be_false
+end
diff --git a/lib/locomotive/liquid/drops/contents.rb b/lib/locomotive/liquid/drops/contents.rb
index 26714749..691e5c9f 100644
--- a/lib/locomotive/liquid/drops/contents.rb
+++ b/lib/locomotive/liquid/drops/contents.rb
@@ -29,10 +29,16 @@ module Locomotive
           self.collection.each(&block)
         end
 
+        def each_with_index(&block)
+          self.collection.each_with_index(&block)
+        end
+
         def size
           self.collection.size
         end
 
+        alias :length :size
+
         def empty?
           self.collection.empty?
         end
diff --git a/spec/lib/locomotive/liquid/drops/contents_spec.rb b/spec/lib/locomotive/liquid/drops/contents_spec.rb
index 3a8170d5..d5cc077b 100644
--- a/spec/lib/locomotive/liquid/drops/contents_spec.rb
+++ b/spec/lib/locomotive/liquid/drops/contents_spec.rb
@@ -3,6 +3,9 @@ require 'spec_helper'
 describe Locomotive::Liquid::Drops::Contents do
 
   before(:each) do
+    # Reload the file (needed for spork)
+    load File.join(Rails.root, 'lib', 'locomotive', 'liquid', 'drops', 'contents.rb')
+
     @site = Factory.build(:site)
     @content_type = Factory.build(:content_type, :site => @site, :slug => 'projects')
   end
@@ -22,6 +25,26 @@ describe Locomotive::Liquid::Drops::Contents do
 
   end
 
+  describe Locomotive::Liquid::Drops::ProxyCollection do
+
+    before(:each) do
+      populate_content_type
+      @proxy_collection = Locomotive::Liquid::Drops::ProxyCollection.new(@content_type)
+      @proxy_collection.context = {}
+    end
+
+    it 'provides its size like an Array' do
+      @proxy_collection.size.should == @proxy_collection.length
+    end
+
+    it 'can be enumerated using each_with_index' do
+      @proxy_collection.each_with_index do |item, index|
+        item._slug.should == "item#{index + 1}"
+      end
+    end
+
+  end
+
   def render_template(template = '', assigns = {})
     assigns = {
       'contents' => Locomotive::Liquid::Drops::Contents.new
@@ -30,4 +53,11 @@ describe Locomotive::Liquid::Drops::Contents do
     Liquid::Template.parse(template).render(::Liquid::Context.new({}, assigns, { :site => @site }))
   end
 
+  def populate_content_type
+    @content_type.order_by = :_slug
+    @content_type.contents.build(:_slug => 'item1')
+    @content_type.contents.build(:_slug => 'item2')
+    @content_type.contents.build(:_slug => 'item3')
+  end
+
 end