diff --git a/tests/security/GroupTest.php b/tests/security/GroupTest.php
index 281de849a..8667dafff 100644
--- a/tests/security/GroupTest.php
+++ b/tests/security/GroupTest.php
@@ -77,6 +77,15 @@ class GroupTest extends FunctionalTest {
 	      // Test adding child group
 
 	   }
+	
+	function testDelete() {
+		$adminGroup = $this->objFromFixture('Group', 'admingroup');
+		
+		$adminGroup->delete();
+		
+		$this->assertNull(DataObject::get('Group', "ID={$adminGroup->ID}"), 'Group is removed');
+		$this->assertNull(DataObject::get('Permission',"GroupID={$adminGroup->ID}"), 'Permissions removed along with the group');
+	}
 }
 
 class GroupTest_Member extends Member implements TestOnly {
diff --git a/tests/security/PermissionCheckboxSetFieldTest.php b/tests/security/PermissionCheckboxSetFieldTest.php
index 8deff75a4..87e8e71c2 100644
--- a/tests/security/PermissionCheckboxSetFieldTest.php
+++ b/tests/security/PermissionCheckboxSetFieldTest.php
@@ -4,6 +4,8 @@
  * @subpackage tests
  */
 class PermissionCheckboxSetFieldTest extends SapphireTest {
+	static $fixture_file = 'sapphire/tests/security/PermissionCheckboxSetFieldTest.yml';
+	
 	function testHiddenPermissions() {
 		$f = new PermissionCheckboxSetField(
 			'Permissions',
@@ -21,4 +23,65 @@ class PermissionCheckboxSetFieldTest extends SapphireTest {
 		$this->assertContains('CMS_ACCESS_CMSMain', $f->Field());
 		$this->assertNotContains('CMS_ACCESS_ReportAdmin', $f->Field());
 	}
+	
+	function testSaveInto() {
+		$group = $this->objFromFixture('Group', 'group');  // tested group
+		$untouchable = $this->objFromFixture('Group', 'untouchable');  // group that should not change
+		
+		$field = new PermissionCheckboxSetField(
+			'Permissions',
+			'Permissions',
+			'Permission',
+			'GroupID',
+			$group
+		);
+
+		// get the number of permissions before we start
+		$baseCount = DataObject::get('Permission')->Count();
+		
+		// there are currently no permissions, save empty checkbox
+		$field->saveInto($group);
+		$group->flushCache();
+		$untouchable->flushCache();
+		$this->assertEquals($group->Permissions()->Count(), 0, 'The tested group has no permissions');
+
+		$this->assertEquals($untouchable->Permissions()->Count(), 1, 'The other group has one permission');
+		$this->assertEquals($untouchable->Permissions("Code='ADMIN'")->Count(), 1, 'The other group has ADMIN permission');
+
+		$this->assertEquals(DataObject::get('Permission')->Count(), $baseCount, 'There are no orphaned permissions');
+				
+		// add some permissions
+		$field->setValue(array(
+			'ADMIN'=>true,
+			'CMS_ACCESS_AssetAdmin'=>true
+		));
+
+		$field->saveInto($group);
+		$group->flushCache();
+		$untouchable->flushCache();
+		$this->assertEquals($group->Permissions()->Count(), 2, 'The tested group has two permissions permission');
+		$this->assertEquals($group->Permissions("Code='ADMIN'")->Count(), 1, 'The tested group has ADMIN permission');
+		$this->assertEquals($group->Permissions("Code='CMS_ACCESS_AssetAdmin'")->Count(), 1, 'The tested group has CMS_ACCESS_AssetAdmin permission');
+
+		$this->assertEquals($untouchable->Permissions()->Count(), 1, 'The other group has one permission');
+		$this->assertEquals($untouchable->Permissions("Code='ADMIN'")->Count(), 1, 'The other group has ADMIN permission');
+
+		$this->assertEquals(DataObject::get('Permission')->Count(), $baseCount+2, 'There are no orphaned permissions');
+		
+		// remove permission
+		$field->setValue(array(
+			'ADMIN'=>true,
+		));
+
+		$field->saveInto($group);
+		$group->flushCache();
+		$untouchable->flushCache();
+		$this->assertEquals($group->Permissions()->Count(), 1, 'The tested group has 1 permission');
+		$this->assertEquals($group->Permissions("Code='ADMIN'")->Count(), 1, 'The tested group has ADMIN permission');
+
+		$this->assertEquals($untouchable->Permissions()->Count(), 1, 'The other group has one permission');
+		$this->assertEquals($untouchable->Permissions("Code='ADMIN'")->Count(), 1, 'The other group has ADMIN permission');
+
+		$this->assertEquals(DataObject::get('Permission')->Count(), $baseCount+1, 'There are no orphaned permissions');
+	}
 }
\ No newline at end of file
diff --git a/tests/security/PermissionCheckboxSetFieldTest.yml b/tests/security/PermissionCheckboxSetFieldTest.yml
new file mode 100644
index 000000000..f7df7d52e
--- /dev/null
+++ b/tests/security/PermissionCheckboxSetFieldTest.yml
@@ -0,0 +1,10 @@
+Group:
+    group:
+        Code: group
+    untouchable:
+        Code: untouchable
+
+Permission:
+    perm1:
+        Code: ADMIN
+        Group: =>Group.untouchable
diff --git a/tests/security/PermissionRoleTest.php b/tests/security/PermissionRoleTest.php
new file mode 100644
index 000000000..a335133f4
--- /dev/null
+++ b/tests/security/PermissionRoleTest.php
@@ -0,0 +1,17 @@
+<?php
+/**
+ * @package sapphire
+ * @subpackage tests
+ */
+class PermissionRoleTest extends FunctionalTest {
+	static $fixture_file = 'sapphire/tests/security/PermissionRoleTest.yml';
+	
+	function testDelete() {
+		$role = $this->objFromFixture('PermissionRole', 'role');
+		
+		$role->delete();
+		
+		$this->assertNull(DataObject::get('PermissionRole', "ID={$role->ID}"), 'Role is removed');
+		$this->assertNull(DataObject::get('PermissionRoleCode',"RoleID={$role->ID}"), 'Permissions removed along with the role');
+	}
+}
diff --git a/tests/security/PermissionRoleTest.yml b/tests/security/PermissionRoleTest.yml
new file mode 100644
index 000000000..2fba04ced
--- /dev/null
+++ b/tests/security/PermissionRoleTest.yml
@@ -0,0 +1,7 @@
+PermissionRole:
+   role:
+      Title: role
+PermissionRoleCode:
+   code:
+      Code: ADMIN
+      Role: =>PermissionRole.role
\ No newline at end of file