diff --git a/src/Umbraco.Web.UI.Client/src/common/directives/components/content/edit.controller.js b/src/Umbraco.Web.UI.Client/src/common/directives/components/content/edit.controller.js
index db5def83d8..7d60a83b89 100644
--- a/src/Umbraco.Web.UI.Client/src/common/directives/components/content/edit.controller.js
+++ b/src/Umbraco.Web.UI.Client/src/common/directives/components/content/edit.controller.js
@@ -211,12 +211,20 @@
         // outwith the initial scoped request. This trick will fix that.
         //  
         var previewWindow = $window.open('preview/?id=' + content.id, 'umbpreview');
-        $scope.save().then(function (data) {
-          // Build the correct path so both /#/ and #/ work.
-          var redirect = Umbraco.Sys.ServerVariables.umbracoSettings.umbracoPath + '/preview/?id=' + data.id;
-          previewWindow.location.href = redirect;
-        });
 
+        // Build the correct path so both /#/ and #/ work.
+        var redirect = Umbraco.Sys.ServerVariables.umbracoSettings.umbracoPath + '/preview/?id=' + content.id;
+
+        //The user cannot save if they don't have access to do that, in which case we just want to preview
+        //and that's it otherwise they'll get an unauthorized access message
+        if (!_.contains(content.allowedActions, "A")) {
+            previewWindow.location.href = redirect;
+        }
+        else {
+            $scope.save().then(function (data) {
+                previewWindow.location.href = redirect;
+            });    
+        }
 
       }
 
diff --git a/src/Umbraco.Web.UI.Client/src/common/services/contenteditinghelper.service.js b/src/Umbraco.Web.UI.Client/src/common/services/contenteditinghelper.service.js
index d1014adc69..b4c1b306c8 100644
--- a/src/Umbraco.Web.UI.Client/src/common/services/contenteditinghelper.service.js
+++ b/src/Umbraco.Web.UI.Client/src/common/services/contenteditinghelper.service.js
@@ -176,13 +176,22 @@ function contentEditingHelper(fileManager, $q, $location, $routeParams, notifica
             var buttonOrder = ["U", "H", "A"];
 
             //Create the first button (primary button)
-            //We cannot have the Save or SaveAndPublish buttons if they don't have create permissions when we are creating a new item.
+            //We cannot have the Save or SaveAndPublish buttons if they don't have create permissions when we are creating a new item.
+            //Another tricky rule is if they only have Create + Browse permissions but not Save but if it's being created then they will
+            // require the Save button in order to create.
+            //So this code is going to create the primary button (either Publish, SendToPublish, Save) if we are not in create mode
+            // or if the user has access to create.
             if (!args.create || _.contains(args.content.allowedActions, "C")) {
                 for (var b in buttonOrder) {
                     if (_.contains(args.content.allowedActions, buttonOrder[b])) {
                         buttons.defaultButton = createButtonDefinition(buttonOrder[b]);
                         break;
                     }
+                }
+                //Here's the special check, if the button still isn't set and we are creating and they have create access
+                //we need to add the Save button
+                if (!buttons.defaultButton && args.create && _.contains(args.content.allowedActions, "C")) {
+                    buttons.defaultButton = createButtonDefinition("A");
                 }
             }
 
diff --git a/src/Umbraco.Web/Editors/ContentPostValidateAttribute.cs b/src/Umbraco.Web/Editors/ContentPostValidateAttribute.cs
index 71715e339a..97472a074f 100644
--- a/src/Umbraco.Web/Editors/ContentPostValidateAttribute.cs
+++ b/src/Umbraco.Web/Editors/ContentPostValidateAttribute.cs
@@ -94,10 +94,10 @@ namespace Umbraco.Web.Editors
                     contentIdToCheck = contentToCheck.Id;
                     break;
                 case ContentSaveAction.SaveNew:
-                    //Save new requires both ActionNew AND ActionUpdate
+                    //Save new requires ActionNew
+
+                    permissionToCheck.Add(ActionNew.Instance.Letter);
 
-                    permissionToCheck.Add(ActionNew.Instance.Letter);
-                    permissionToCheck.Add(ActionUpdate.Instance.Letter);
                     if (contentItem.ParentId != Constants.System.Root)
                     {
                         contentToCheck = ContentService.GetById(contentItem.ParentId);
@@ -109,7 +109,7 @@ namespace Umbraco.Web.Editors
                     }
                     break;
                 case ContentSaveAction.SendPublishNew:
-                    //Send new requires both ActionToPublish AND ActionUpdate
+                    //Send new requires both ActionToPublish AND ActionNew
 
                     permissionToCheck.Add(ActionNew.Instance.Letter);
                     permissionToCheck.Add(ActionToPublish.Instance.Letter);
@@ -125,6 +125,7 @@ namespace Umbraco.Web.Editors
                     break;
                 case ContentSaveAction.PublishNew:
                     //Publish new requires both ActionNew AND ActionPublish
+                    //TODO: Shoudn't publish also require ActionUpdate since it will definitely perform an update to publish but maybe that's just implied
 
                     permissionToCheck.Add(ActionNew.Instance.Letter);
                     permissionToCheck.Add(ActionPublish.Instance.Letter);