Currently, the permission system requires the user to define the "PERMISSIONS" permission for custom portlets for each model resource in the resource actions XML, if the permission system is going to be used for it.
While this makes sense, many people don't notice it and creates unnecessary headaches. This can be easily solved by adding this permission automatically to any resource. If the custom portlet does not use the permission system the user won't ever notice that it's been added automatically, and if it's used then it'll be there already.
Another related issue is that the current code fails in some specific situations if the model does not add a "DEFINE_PERMISSIONS" action too. The reason is that now the permission system throws an exception if there is a check for an action that has not been registered so before checking for that action it should verify that it's been registered for that resource.