diff --git a/lib/API/JSON/API.php b/lib/API/JSON/API.php
index 8df8eb5855..c7f7304d4a 100644
--- a/lib/API/JSON/API.php
+++ b/lib/API/JSON/API.php
@@ -2,7 +2,6 @@
 namespace MailPoet\API\JSON;
 
 use MailPoet\Config\AccessControl;
-use MailPoet\Config\Env;
 use MailPoet\Util\Helpers;
 use MailPoet\Util\Security;
 use MailPoet\WP\Hooks;
@@ -20,9 +19,11 @@ class API {
   private $_available_api_versions = array(
       'v1'
   );
+  private $access_control;
   const CURRENT_VERSION = 'v1';
 
   function __construct() {
+    $this->access_control = new AccessControl();
     foreach($this->_available_api_versions as $available_api_version) {
       $this->addEndpointNamespace(
         sprintf('%s\%s', __NAMESPACE__, $available_api_version),
@@ -127,7 +128,7 @@ class API {
         throw new \Exception(__('Invalid API endpoint.', 'mailpoet'));
       }
 
-      $endpoint = new $this->_request_endpoint_class();
+      $endpoint = new $this->_request_endpoint_class($this->access_control);
 
       // check the accessibility of the requested endpoint's action
       // by default, an endpoint's action is considered "private"
@@ -148,12 +149,12 @@ class API {
   function validatePermissions($request_method, $permissions) {
     // if method permission is defined, validate it
     if (!empty($permissions['methods'][$request_method])) {
-      return ($permissions['methods'][$request_method] === Access::ALL) ?
+      return ($permissions['methods'][$request_method] === AccessControl::ACCESS_ALL) ?
         true :
-        AccessControl::validatePermission($permissions['methods'][$request_method]);
+        $this->access_control->validatePermission($permissions['methods'][$request_method]);
     }
     // use global permission
-    return AccessControl::validatePermission($permissions['global']);
+    return $this->access_control->validatePermission($permissions['global']);
   }
 
   function checkToken() {
diff --git a/lib/API/JSON/Access.php b/lib/API/JSON/Access.php
deleted file mode 100644
index 28beab513e..0000000000
--- a/lib/API/JSON/Access.php
+++ /dev/null
@@ -1,12 +0,0 @@
-<?php
-namespace MailPoet\API\JSON;
-
-if(!defined('ABSPATH')) exit;
-
-final class Access {
-  const ALL = 'all';
-
-  private function __construct() {
-
-  }
-}
\ No newline at end of file
diff --git a/lib/API/JSON/v1/MP2Migrator.php b/lib/API/JSON/v1/MP2Migrator.php
index aa3bd41d75..dcc3c42b4c 100644
--- a/lib/API/JSON/v1/MP2Migrator.php
+++ b/lib/API/JSON/v1/MP2Migrator.php
@@ -12,8 +12,9 @@ class MP2Migrator extends APIEndpoint {
     'global' => AccessControl::PERMISSION_MANAGE_SETTINGS
   );
 
-  public function __construct() {
-    $this->MP2Migrator = new \MailPoet\Config\MP2Migrator();
+  public function __construct(AccessControl $access_control) {
+    $this->access_control = $access_control;
+    $this->MP2Migrator = new \MailPoet\Config\MP2Migrator($this->access_control);
   }
 
   /**
diff --git a/lib/API/JSON/v1/Setup.php b/lib/API/JSON/v1/Setup.php
index 1bf0647748..8b333b4e8b 100644
--- a/lib/API/JSON/v1/Setup.php
+++ b/lib/API/JSON/v1/Setup.php
@@ -13,10 +13,15 @@ class Setup extends APIEndpoint {
   public $permissions = array(
     'global' => AccessControl::PERMISSION_MANAGE_SETTINGS
   );
+  private $access_control;
+
+  function __construct(AccessControl $access_control) {
+    $this->access_control = $access_control;
+  }
 
   function reset() {
     try {
-      $activator = new Activator();
+      $activator = new Activator($this->access_control);
       $activator->deactivate();
       $activator->activate();
       Hooks::doAction('mailpoet_setup_reset');
diff --git a/lib/API/JSON/v1/Subscribers.php b/lib/API/JSON/v1/Subscribers.php
index e391072855..0631806343 100644
--- a/lib/API/JSON/v1/Subscribers.php
+++ b/lib/API/JSON/v1/Subscribers.php
@@ -2,7 +2,6 @@
 
 namespace MailPoet\API\JSON\v1;
 
-use MailPoet\API\JSON\Access as APIAccess;
 use MailPoet\API\JSON\Endpoint as APIEndpoint;
 use MailPoet\API\JSON\Error as APIError;
 use MailPoet\Config\AccessControl;
@@ -17,7 +16,7 @@ if(!defined('ABSPATH')) exit;
 class Subscribers extends APIEndpoint {
   public $permissions = array(
     'global' => AccessControl::PERMISSION_MANAGE_SUBSCRIBERS,
-    'methods' => array('subscribe' => APIAccess::ALL)
+    'methods' => array('subscribe' => AccessControl::ACCESS_ALL)
   );
 
   function get($data = array()) {
diff --git a/lib/Config/AccessControl.php b/lib/Config/AccessControl.php
index f1c2fb9fa4..c56e43778c 100644
--- a/lib/Config/AccessControl.php
+++ b/lib/Config/AccessControl.php
@@ -8,23 +8,26 @@ if(!defined('ABSPATH')) exit;
 require_once(ABSPATH . 'wp-includes/pluggable.php');
 
 class AccessControl {
-  static $permissions;
   const PERMISSION_ACCESS_PLUGIN = 'access_plugin';
   const PERMISSION_MANAGE_SETTINGS = 'manage_settings';
   const PERMISSION_MANAGE_EMAILS = 'manage_emails';
   const PERMISSION_MANAGE_SUBSCRIBERS = 'manage_subscribers';
   const PERMISSION_MANAGE_FORMS = 'manage_forms';
   const PERMISSION_MANAGE_SEGMENTS = 'manage_segments';
+  const PERMISSION_UPDATE_PLUGIN = 'update_plugin';
+  const ACCESS_ALL = 'All';
 
-  static function init($permissions = array()) {
-    self::setPermissions($permissions);
+  public $permissions;
+  public $current_user_roles;
+  public $user_capabilities;
+
+  function __construct() {
+    $this->permissions = $this->getDefaultPermissions();
+    $this->user_roles = $this->getUserRoles();
+    $this->user_capabilities = $this->getUserCapabilities();
   }
 
-  static function setPermissions($permissions = array()) {
-    self::$permissions = ($permissions) ? $permissions : self::getPermissions();
-  }
-
-  static function getPermissions() {
+  private function getDefaultPermissions() {
     return array(
       self::PERMISSION_ACCESS_PLUGIN => WPHooks::applyFilters(
         'mailpoet_permission_access_plugin',
@@ -63,18 +66,31 @@ class AccessControl {
         array(
           'administrator'
         )
-      )
+      ),
+      self::PERMISSION_UPDATE_PLUGIN => WPHooks::applyFilters(
+        'mailpoet_permission_update_plugin',
+        array(
+          'administrator'
+        )
+      ),
     );
   }
 
-  static function validatePermission($permission) {
-    if(empty(self::$permissions)) self::init();
-    if(empty(self::$permissions[$permission])) return false;
-    $current_user = wp_get_current_user();
-    $current_user_roles = $current_user->roles;
+  function getUserRoles() {
+    $user = wp_get_current_user();
+    return $user->roles;
+  }
+
+  function getUserCapabilities() {
+    $user = wp_get_current_user();
+    return array_keys($user->allcaps);
+  }
+
+  function validatePermission($permission) {
+    if(empty($this->permissions[$permission])) return false;
     $permitted_roles = array_intersect(
-      $current_user_roles,
-      self::$permissions[$permission]
+      $this->user_roles,
+      $this->permissions[$permission]
     );
     return (!empty($permitted_roles));
   }
diff --git a/lib/Config/Activator.php b/lib/Config/Activator.php
index c654e96bf7..c849e4e264 100644
--- a/lib/Config/Activator.php
+++ b/lib/Config/Activator.php
@@ -5,13 +5,16 @@ namespace MailPoet\Config;
 if(!defined('ABSPATH')) exit;
 
 class Activator {
-  const REQUIRED_PERMISSION = AccessControl::PERMISSION_MANAGE_SETTINGS;
+  private $access_control;
 
-  static function activate() {
-    self::validatePermission();
-    if(!current_user_can(self::PERMISSION_ACTIVATE)) {
-      throw new \Exception('MaiLpoet  ID must be greater than zero');
+  function __construct(AccessControl $access_control) {
+    $this->access_control = $access_control;
+    if(!$this->access_control->validatePermission(AccessControl::PERMISSION_UPDATE_PLUGIN)) {
+      throw new \Exception(__('You do not have permission to activate/deactivate MailPoet plugin.', 'mailpoet'));
     }
+  }
+
+  function activate() {
     $migrator = new Migrator();
     $migrator->up();
 
@@ -21,19 +24,8 @@ class Activator {
     update_option('mailpoet_db_version', Env::$version);
   }
 
-  static function deactivate() {
-    self::validatePermission();
+  function deactivate() {
     $migrator = new Migrator();
     $migrator->down();
   }
-
-  static function validatePermission() {
-    if(AccessControl::validatePermission(self::REQUIRED_PERMISSION)) return;
-    throw new \Exception(
-      sprintf(
-        __('MailPoet can only be activated/deactivated by a user with <strong>%s</strong> capability.', 'mailpoet'),
-        self::REQUIRED_PERMISSION
-      )
-    );
-  }
 }
\ No newline at end of file
diff --git a/lib/Config/Changelog.php b/lib/Config/Changelog.php
index 59295e0beb..29b33f2e55 100644
--- a/lib/Config/Changelog.php
+++ b/lib/Config/Changelog.php
@@ -4,7 +4,10 @@ use MailPoet\Models\Setting;
 use MailPoet\Util\Url;
 
 class Changelog {
-  function __construct() {
+  private $access_control;
+
+  function __construct(AccessControl $access_control) {
+    $this->access_control = $access_control;
   }
 
   function init() {
@@ -34,7 +37,7 @@ class Changelog {
     $version = Setting::getValue('version', null);
     $redirect_url = null;
 
-    $mp2_migrator = new MP2Migrator();
+    $mp2_migrator = new MP2Migrator($this->access_control);
     if(!in_array($_GET['page'], array('mailpoet-migration', 'mailpoet-settings')) && $mp2_migrator->isMigrationStartedAndNotCompleted()) {
       // Force the redirection if the migration has started but is not completed
       $redirect_url = admin_url('admin.php?page=mailpoet-migration');
diff --git a/lib/Config/Initializer.php b/lib/Config/Initializer.php
index 9d4080a559..4e527c548d 100644
--- a/lib/Config/Initializer.php
+++ b/lib/Config/Initializer.php
@@ -13,18 +13,18 @@ if(!defined('ABSPATH')) exit;
 require_once(ABSPATH . 'wp-admin/includes/plugin.php');
 
 class Initializer {
-
   const UNABLE_TO_CONNECT = 'Unable to connect to the database (the database is unable to open a file or folder), the connection is likely not configured correctly. Please read our [link] Knowledge Base article [/link] for steps how to resolve it.';
   const SOLVE_DB_ISSUE_URL = 'http://beta.docs.mailpoet.com/article/200-solving-database-connection-issues';
 
   protected $plugin_initialized = false;
+  private $access_control;
 
   function __construct($params = array(
     'file' => '',
     'version' => '1.0.0'
   )) {
     Env::init($params['file'], $params['version']);
-    AccessControl::init();
+    $this->access_control = new AccessControl();
   }
 
   function init() {
@@ -136,7 +136,8 @@ class Initializer {
 
     // if current db version and plugin version differ
     if(version_compare($current_db_version, Env::$version) !== 0) {
-      Activator::activate();
+      $activator = new Activator($this->access_control);
+      $activator->activate();
     }
   }
 
@@ -186,12 +187,12 @@ class Initializer {
   }
 
   function setupMenu() {
-    $menu = new Menu($this->renderer, Env::$assets_url);
+    $menu = new Menu($this->renderer, Env::$assets_url, $this->access_control);
     $menu->init();
   }
 
   function setupChangelog() {
-    $changelog = new Changelog();
+    $changelog = new Changelog($this->access_control);
     $changelog->init();
   }
 
@@ -247,7 +248,7 @@ class Initializer {
   function handleFailedInitialization($exception) {
     // Check if we are able to add pages at this point
     if(function_exists('wp_get_current_user')) {
-      Menu::addErrorPage();
+      Menu::addErrorPage($this->access_control);
     }
     return WPNotice::displayError($exception);
   }
diff --git a/lib/Config/MP2Migrator.php b/lib/Config/MP2Migrator.php
index 289be0bc66..e75fc6b8c5 100644
--- a/lib/Config/MP2Migrator.php
+++ b/lib/Config/MP2Migrator.php
@@ -19,17 +19,19 @@ class MP2Migrator {
   const CHUNK_SIZE = 10; // To import the data by batch
 
   private $log_file;
+  private $access_control;
   public $log_file_url;
   public $progressbar;
   private $segments_mapping = array(); // Mapping between old and new segment IDs
   private $wp_users_segment;
 
-  public function __construct() {
+  public function __construct(AccessControl $access_control) {
     $this->defineMP2Tables();
     $log_filename = 'mp2migration.log';
     $this->log_file = Env::$temp_path . '/' . $log_filename;
     $this->log_file_url = Env::$temp_url . '/' . $log_filename;
     $this->progressbar = new ProgressBar('mp2migration');
+    $this->access_control = $access_control;
   }
 
   private function defineMP2Tables() {
@@ -187,8 +189,9 @@ class MP2Migrator {
    *
    */
   private function eraseMP3Data() {
-    Activator::deactivate();
-    Activator::activate();
+    $activator = new Activator($this->access_control);
+    $activator->deactivate();
+    $activator->activate();
 
     $this->deleteSegments();
     $this->resetMigrationCounters();
diff --git a/lib/Config/Menu.php b/lib/Config/Menu.php
index ded750dc66..4de7dbb867 100644
--- a/lib/Config/Menu.php
+++ b/lib/Config/Menu.php
@@ -26,9 +26,18 @@ use MailPoet\WP\Readme;
 if(!defined('ABSPATH')) exit;
 
 class Menu {
-  function __construct($renderer, $assets_url) {
+  const MAIN_PAGE_SLUG = 'mailpoet-newsletters';
+
+  public $renderer;
+  public $assets_url;
+  private $access_control;
+  private $subscribers_over_limit;
+
+  function __construct($renderer, $assets_url, AccessControl $access_control) {
     $this->renderer = $renderer;
     $this->assets_url = $assets_url;
+    $this->access_control = $access_control;
+    $this->user_capability = $this->access_control->user_capabilities[0];
     $subscribers_feature = new SubscribersFeature();
     $this->subscribers_over_limit = $subscribers_feature->check();
     $this->checkMailPoetAPIKey();
@@ -46,135 +55,204 @@ class Menu {
   }
 
   function setup() {
-    if(!AccessControl::validatePermission('access_plugin')) return;
+    if(!$this->access_control->validatePermission(AccessControl::PERMISSION_ACCESS_PLUGIN)) return;
     if(self::isOnMailPoetAdminPage()) {
       do_action('mailpoet_conflict_resolver_styles');
       do_action('mailpoet_conflict_resolver_scripts');
     }
 
-    $main_page_slug = 'mailpoet-newsletters';
-
+    // Main page
     add_menu_page(
       'MailPoet',
       'MailPoet',
-      AccessControl::validatePermission(AccessControl::PERMISSION_ACCESS_PLUGIN),
-      $main_page_slug,
+      $this->user_capability,
+      self::MAIN_PAGE_SLUG,
       null,
       $this->assets_url . '/img/menu_icon.png',
       30
     );
 
-    $newsletters_page = add_submenu_page(
-      $main_page_slug,
-      $this->setPageTitle(__('Emails', 'mailpoet')),
-      __('Emails', 'mailpoet'),
-      AccessControl::validatePermission(AccessControl::PERMISSION_MANAGE_EMAILS),
-      $main_page_slug,
-      array(
-        $this,
-        'newsletters'
-      )
-    );
+    // Emails page
+    if ($this->access_control->validatePermission(AccessControl::PERMISSION_MANAGE_EMAILS)) {
+      $newsletters_page = add_submenu_page(
+        self::MAIN_PAGE_SLUG,
+        $this->setPageTitle(__('Emails', 'mailpoet')),
+        __('Emails', 'mailpoet'),
+        $this->user_capability,
+        self::MAIN_PAGE_SLUG,
+        array(
+          $this,
+          'newsletters'
+        )
+      );
 
-    // add limit per page to screen options
-    add_action('load-' . $newsletters_page, function() {
-      add_screen_option('per_page', array(
-        'label' => _x(
-          'Number of newsletters per page',
-          'newsletters per page (screen options)',
-          'mailpoet'
-        ),
-        'option' => 'mailpoet_newsletters_per_page'
-      ));
-    });
+      // add limit per page to screen options
+      add_action('load-' . $newsletters_page, function() {
+        add_screen_option('per_page', array(
+          'label' => _x(
+            'Number of newsletters per page',
+            'newsletters per page (screen options)',
+            'mailpoet'
+          ),
+          'option' => 'mailpoet_newsletters_per_page'
+        ));
+      });
 
-    $forms_page = add_submenu_page(
-      $main_page_slug,
-      $this->setPageTitle(__('Forms', 'mailpoet')),
-      __('Forms', 'mailpoet'),
-      AccessControl::validatePermission(AccessControl::PERMISSION_MANAGE_FORMS),
-      'mailpoet-forms',
-      array(
-        $this,
-        'forms'
-      )
-    );
-    // add limit per page to screen options
-    add_action('load-' . $forms_page, function() {
-      add_screen_option('per_page', array(
-        'label' => _x(
-          'Number of forms per page',
-          'forms per page (screen options)',
-          'mailpoet'
-        ),
-        'option' => 'mailpoet_forms_per_page'
-      ));
-    });
+      // newsletter editor
+      add_submenu_page(
+        true,
+        $this->setPageTitle(__('Newsletter', 'mailpoet')),
+        __('Newsletter Editor', 'mailpoet'),
+        $this->user_capability,
+        'mailpoet-newsletter-editor',
+        array(
+          $this,
+          'newletterEditor'
+        )
+      );
+    }
 
-    $subscribers_page = add_submenu_page(
-      $main_page_slug,
-      $this->setPageTitle(__('Subscribers', 'mailpoet')),
-      __('Subscribers', 'mailpoet'),
-      AccessControl::validatePermission(AccessControl::PERMISSION_MANAGE_SUBSCRIBERS),
-      'mailpoet-subscribers',
-      array(
-        $this,
-        'subscribers'
-      )
-    );
-    // add limit per page to screen options
-    add_action('load-' . $subscribers_page, function() {
-      add_screen_option('per_page', array(
-        'label' => _x(
-          'Number of subscribers per page',
-          'subscribers per page (screen options)',
-          'mailpoet'
-        ),
-        'option' => 'mailpoet_subscribers_per_page'
-      ));
-    });
+    // Forms page
+    if($this->access_control->validatePermission(AccessControl::PERMISSION_MANAGE_FORMS)) {
+      $forms_page = add_submenu_page(
+        self::MAIN_PAGE_SLUG,
+        $this->setPageTitle(__('Forms', 'mailpoet')),
+        __('Forms', 'mailpoet'),
+        $this->user_capability,
+        'mailpoet-forms',
+        array(
+          $this,
+          'forms'
+        )
+      );
 
-    $segments_page = add_submenu_page(
-      $main_page_slug,
-      $this->setPageTitle(__('Lists', 'mailpoet')),
-      __('Lists', 'mailpoet'),
-      AccessControl::validatePermission(AccessControl::PERMISSION_MANAGE_SEGMENTS),
-      'mailpoet-segments',
-      array(
-        $this,
-        'segments'
-      )
-    );
+      // add limit per page to screen options
+      add_action('load-' . $forms_page, function() {
+        add_screen_option('per_page', array(
+          'label' => _x(
+            'Number of forms per page',
+            'forms per page (screen options)',
+            'mailpoet'
+          ),
+          'option' => 'mailpoet_forms_per_page'
+        ));
+      });
 
-    // add limit per page to screen options
-    add_action('load-' . $segments_page, function() {
-      add_screen_option('per_page', array(
-        'label' => _x(
-          'Number of segments per page',
-          'segments per page (screen options)',
-          'mailpoet'
-        ),
-        'option' => 'mailpoet_segments_per_page'
-      ));
-    });
+      // form editor
+      add_submenu_page(
+        true,
+        $this->setPageTitle(__('Form Editor', 'mailpoet')),
+        __('Form Editor', 'mailpoet'),
+        $this->user_capability,
+        'mailpoet-form-editor',
+        array(
+          $this,
+          'formEditor'
+        )
+      );
+    }
 
+    // Subscribers page
+    if($this->access_control->validatePermission(AccessControl::PERMISSION_MANAGE_SUBSCRIBERS)) {
+      $subscribers_page = add_submenu_page(
+        self::MAIN_PAGE_SLUG,
+        $this->setPageTitle(__('Subscribers', 'mailpoet')),
+        __('Subscribers', 'mailpoet'),
+        $this->user_capability,
+        'mailpoet-subscribers',
+        array(
+          $this,
+          'subscribers'
+        )
+      );
+
+      // add limit per page to screen options
+      add_action('load-' . $subscribers_page, function() {
+        add_screen_option('per_page', array(
+          'label' => _x(
+            'Number of subscribers per page',
+            'subscribers per page (screen options)',
+            'mailpoet'
+          ),
+          'option' => 'mailpoet_subscribers_per_page'
+        ));
+      });
+
+      // import
+      add_submenu_page(
+        'admin.php?page=mailpoet-subscribers',
+        $this->setPageTitle(__('Import', 'mailpoet')),
+        __('Import', 'mailpoet'),
+        $this->user_capability,
+        'mailpoet-import',
+        array(
+          $this,
+          'import'
+        )
+      );
+
+      // export
+      add_submenu_page(
+        true,
+        $this->setPageTitle(__('Export', 'mailpoet')),
+        __('Export', 'mailpoet'),
+        $this->user_capability,
+        'mailpoet-export',
+        array(
+          $this,
+          'export'
+        )
+      );
+    }
+
+    // Segments page
+    if($this->access_control->validatePermission(AccessControl::PERMISSION_MANAGE_SEGMENTS)) {
+      $segments_page = add_submenu_page(
+        self::MAIN_PAGE_SLUG,
+        $this->setPageTitle(__('Lists', 'mailpoet')),
+        __('Lists', 'mailpoet'),
+        $this->user_capability,
+        'mailpoet-segments',
+        array(
+          $this,
+          'segments'
+        )
+      );
+
+      // add limit per page to screen options
+      add_action('load-' . $segments_page, function() {
+        add_screen_option('per_page', array(
+          'label' => _x(
+            'Number of segments per page',
+            'segments per page (screen options)',
+            'mailpoet'
+          ),
+          'option' => 'mailpoet_segments_per_page'
+        ));
+      });
+    }
+
+    // Settings page
+    if($this->access_control->validatePermission(AccessControl::PERMISSION_MANAGE_SETTINGS)) {
+      add_submenu_page(
+        self::MAIN_PAGE_SLUG,
+        $this->setPageTitle(__('Settings', 'mailpoet')),
+        __('Settings', 'mailpoet'),
+        $this->user_capability,
+        'mailpoet-settings',
+        array(
+          $this,
+          'settings'
+        )
+      );
+    }
+
+    // Help page
     add_submenu_page(
-      $main_page_slug,
-      $this->setPageTitle(__('Settings', 'mailpoet')),
-      __('Settings', 'mailpoet'),
-      AccessControl::validatePermission(AccessControl::PERMISSION_MANAGE_SETTINGS),
-      'mailpoet-settings',
-      array(
-        $this,
-        'settings'
-      )
-    );
-
-    add_submenu_page(
-      $main_page_slug,
+      self::MAIN_PAGE_SLUG,
       $this->setPageTitle(__('Help', 'mailpoet')),
       __('Help', 'mailpoet'),
-      AccessControl::validatePermission(AccessControl::PERMISSION_ACCESS_PLUGIN),
+      $this->user_capability,
       'mailpoet-help',
       array(
         $this,
@@ -182,12 +260,13 @@ class Menu {
       )
     );
 
+    // Premium page
     // Only show this page in menu if the Premium plugin is not activated
     add_submenu_page(
-      License::getLicense() ? true : $main_page_slug,
+      License::getLicense() ? true : self::MAIN_PAGE_SLUG,
       $this->setPageTitle(__('Premium', 'mailpoet')),
       __('Premium', 'mailpoet'),
-      AccessControl::validatePermission(AccessControl::PERMISSION_ACCESS_PLUGIN),
+      $this->user_capability,
       'mailpoet-premium',
       array(
         $this,
@@ -195,35 +274,12 @@ class Menu {
       )
     );
 
-    add_submenu_page(
-      'admin.php?page=mailpoet-subscribers',
-      $this->setPageTitle(__('Import', 'mailpoet')),
-      __('Import', 'mailpoet'),
-      AccessControl::validatePermission(AccessControl::PERMISSION_MANAGE_SUBSCRIBERS),
-      'mailpoet-import',
-      array(
-        $this,
-        'import'
-      )
-    );
-
-    add_submenu_page(
-      true,
-      $this->setPageTitle(__('Export', 'mailpoet')),
-      __('Export', 'mailpoet'),
-      AccessControl::validatePermission(AccessControl::PERMISSION_MANAGE_SUBSCRIBERS),
-      'mailpoet-export',
-      array(
-        $this,
-        'export'
-      )
-    );
-
+    // Welcome page
     add_submenu_page(
       true,
       $this->setPageTitle(__('Welcome', 'mailpoet')),
       __('Welcome', 'mailpoet'),
-      AccessControl::validatePermission(AccessControl::PERMISSION_ACCESS_PLUGIN),
+      $this->user_capability,
       'mailpoet-welcome',
       array(
         $this,
@@ -231,11 +287,12 @@ class Menu {
       )
     );
 
+    // Update page
     add_submenu_page(
       true,
       $this->setPageTitle(__('Update', 'mailpoet')),
       __('Update', 'mailpoet'),
-      AccessControl::validatePermission(AccessControl::PERMISSION_ACCESS_PLUGIN),
+      $this->user_capability,
       'mailpoet-update',
       array(
         $this,
@@ -243,41 +300,18 @@ class Menu {
       )
     );
 
+    // Migration page
     add_submenu_page(
       true,
       $this->setPageTitle(__('Migration', 'mailpoet')),
       '',
-      AccessControl::validatePermission(AccessControl::PERMISSION_MANAGE_SETTINGS),
+      $this->user_capability,
       'mailpoet-migration',
       array(
         $this,
         'migration'
       )
     );
-
-    add_submenu_page(
-      true,
-      $this->setPageTitle(__('Form Editor', 'mailpoet')),
-      __('Form Editor', 'mailpoet'),
-      AccessControl::validatePermission(AccessControl::PERMISSION_MANAGE_FORMS),
-      'mailpoet-form-editor',
-      array(
-        $this,
-        'formEditor'
-      )
-    );
-
-    add_submenu_page(
-      true,
-      $this->setPageTitle(__('Newsletter', 'mailpoet')),
-      __('Newsletter Editor', 'mailpoet'),
-      AccessControl::validatePermission(AccessControl::PERMISSION_MANAGE_EMAILS),
-      'mailpoet-newsletter-editor',
-      array(
-        $this,
-        'newletterEditor'
-      )
-    );
   }
 
   function welcome() {
@@ -295,20 +329,20 @@ class Menu {
       or
       strpos($redirect_url, 'mailpoet') === false
     ) {
-      $redirect_url = admin_url('admin.php?page=mailpoet-newsletters');
+      $redirect_url = admin_url('admin.php?page=' . self::MAIN_PAGE_SLUG);
     }
 
     $data = array(
       'settings' => Setting::getAll(),
       'current_user' => wp_get_current_user(),
       'redirect_url' => $redirect_url,
-      'sub_menu' => 'mailpoet-newsletters'
+      'sub_menu' => self::MAIN_PAGE_SLUG
     );
     $this->displayPage('welcome.html', $data);
   }
 
   function migration() {
-    $mp2_migrator = new MP2Migrator();
+    $mp2_migrator = new MP2Migrator($this->access_control);
     $mp2_migrator->init();
     $data = array(
       'log_file_url' => $mp2_migrator->log_file_url,
@@ -330,14 +364,14 @@ class Menu {
       or
       strpos($redirect_url, 'mailpoet') === false
     ) {
-      $redirect_url = admin_url('admin.php?page=mailpoet-newsletters');
+      $redirect_url = admin_url('admin.php?page=' . self::MAIN_PAGE_SLUG);
     }
 
     $data = array(
       'settings' => Setting::getAll(),
       'current_user' => wp_get_current_user(),
       'redirect_url' => $redirect_url,
-      'sub_menu' => 'mailpoet-newsletters'
+      'sub_menu' => self::MAIN_PAGE_SLUG
     );
 
     $readme_file = Env::$path . '/readme.txt';
@@ -354,7 +388,7 @@ class Menu {
   function premium() {
     $data = array(
       'subscriber_count' => Subscriber::getTotalSubscribers(),
-      'sub_menu' => 'mailpoet-newsletters'
+      'sub_menu' => self::MAIN_PAGE_SLUG
     );
 
     $this->displayPage('premium.html', $data);
@@ -507,7 +541,7 @@ class Menu {
       'shortcodes' => ShortcodesHelper::getShortcodes(),
       'settings' => Setting::getAll(),
       'current_wp_user' => Subscriber::getCurrentWPUser(),
-      'sub_menu' => 'mailpoet-newsletters'
+      'sub_menu' => self::MAIN_PAGE_SLUG
     );
     wp_enqueue_media();
     wp_enqueue_script('tinymce-wplink', includes_url('js/tinymce/plugins/wplink/plugin.js'));
@@ -599,13 +633,13 @@ class Menu {
    * This error page is used when the initialization is failed
    * to display admin notices only
    */
-  static function addErrorPage() {
+  static function addErrorPage(AccessControl $access_control) {
     if(!self::isOnMailPoetAdminPage()) {
       return false;
     }
     // Check if page already exists
     if(get_plugin_page_hook($_REQUEST['page'], '')
-      || get_plugin_page_hook($_REQUEST['page'], 'mailpoet-newsletters')
+      || get_plugin_page_hook($_REQUEST['page'], self::MAIN_PAGE_SLUG)
     ) {
       return false;
     }
@@ -613,7 +647,7 @@ class Menu {
       true,
       'MailPoet',
       'MailPoet',
-      Env::$use_plugin_permission,
+      $access_control->user_capabilities[0],
       $_REQUEST['page'],
       array(
         __CLASS__,
@@ -629,7 +663,7 @@ class Menu {
   function checkMailPoetAPIKey(ServicesChecker $checker = null) {
     if(self::isOnMailPoetAdminPage()) {
       $show_notices = isset($_REQUEST['page'])
-        && stripos($_REQUEST['page'], 'mailpoet-newsletters') === false;
+        && stripos($_REQUEST['page'], self::MAIN_PAGE_SLUG) === false;
       $checker = $checker ?: new ServicesChecker();
       $this->mp_api_key_valid = $checker->isMailPoetAPIKeyValid($show_notices);
     }
@@ -638,7 +672,7 @@ class Menu {
   function checkPremiumKey(ServicesChecker $checker = null) {
     if(self::isOnMailPoetAdminPage()) {
       $show_notices = isset($_REQUEST['page'])
-        && stripos($_REQUEST['page'], 'mailpoet-newsletters') === false;
+        && stripos($_REQUEST['page'], self::MAIN_PAGE_SLUG) === false;
       $checker = $checker ?: new ServicesChecker();
       $this->premium_key_valid = $checker->isPremiumKeyValid($show_notices);
     }
diff --git a/lib/Router/Endpoints/ViewInBrowser.php b/lib/Router/Endpoints/ViewInBrowser.php
index 1229d1a68a..87d257c5e9 100644
--- a/lib/Router/Endpoints/ViewInBrowser.php
+++ b/lib/Router/Endpoints/ViewInBrowser.php
@@ -1,6 +1,7 @@
 <?php
 namespace MailPoet\Router\Endpoints;
 
+use MailPoet\Config\AccessControl;
 use MailPoet\Config\Env;
 use MailPoet\Models\Newsletter;
 use MailPoet\Models\SendingQueue;
@@ -20,6 +21,7 @@ class ViewInBrowser {
 
   function __construct($data) {
     $this->data = $this->_processBrowserPreviewData($data);
+    $this->access_control = new AccessControl();
   }
 
   function view() {
@@ -69,8 +71,8 @@ class ViewInBrowser {
       $data->queue = false;
     }
 
-    // allow users with 'manage_options' permission to preview any newsletter
-    if(!empty($data->preview) && current_user_can(Env::$required_permission)
+    // allow users with permission to manage emails to preview any newsletter
+    if(!empty($data->preview) && $this->access_control->validatePermission(AccessControl::PERMISSION_MANAGE_EMAILS)
     ) return $data;
 
     // allow others to preview newsletters only when newsletter hash is defined