diff --git a/core/modules/user/lib/Drupal/user/Form/UserAdminPermissionsForm.php b/core/modules/user/lib/Drupal/user/Form/UserAdminPermissionsForm.php
new file mode 100644
index 0000000..1753aaf
--- /dev/null
+++ b/core/modules/user/lib/Drupal/user/Form/UserAdminPermissionsForm.php
@@ -0,0 +1,165 @@
+<?php
+
+/**
+ * @file
+ * Contains \Drupal\user\Form\UserAdminPermissionsForm.
+ */
+
+namespace Drupal\user\Form;
+
+use Drupal\Component\Utility\String;
+use Drupal\Core\Cache\Cache;
+use Drupal\Core\Controller\ControllerInterface;
+use Drupal\Core\Database\Connection;
+use Drupal\Core\Extension\ModuleHandlerInterface;
+use Drupal\Core\Form\FormInterface;
+use Symfony\Component\DependencyInjection\ContainerInterface;
+
+/**
+ * Provides the user permissions administration form.
+ */
+class UserAdminPermissionsForm implements FormInterface, ControllerInterface {
+
+  /**
+   * The database connection.
+   *
+   * @var \Drupal\Core\Database\Connection
+   */
+  protected $database;
+
+  /**
+   * The module handler.
+   *
+   * @var \Drupal\Core\Extension\ModuleHandlerInterface
+   */
+  protected $moduleHandler;
+
+  /**
+   * Constructs a new UserAdminPermissionForm.
+   *
+   * @param \Drupal\Core\Database\Connection $database
+   *   The database connection.
+   * @param \Drupal\Core\Extension\ModuleHandlerInterface $module_handler
+   *   The module handler.
+   */
+  public function __construct(Connection $database, ModuleHandlerInterface $module_handler) {
+    $this->database = $database;
+    $this->moduleHandler = $module_handler;
+  }
+
+  /**
+   * {@inheritdoc}
+   */
+  public static function create(ContainerInterface $container) {
+    return new static(
+      $container->get('database'),
+      $container->get('module_handler')
+    );
+  }
+
+  /**
+   * {@inheritdoc}
+   */
+  public function getFormID() {
+    return 'user_admin_permissions';
+  }
+
+  /**
+   * {@inheritdoc}
+   */
+  public function buildForm(array $form, array &$form_state, $role_name = NULL) {
+    // Retrieve role names for columns.
+    $role_names = user_role_names();
+    if (isset($role_name)) {
+      $role_names = array($role_name => $role_names[$role_name]);
+    }
+    // Fetch permissions for all roles or the one selected role.
+    $role_permissions = user_role_permissions(array_keys($role_names));
+
+    // Store $role_names for use when saving the data.
+    $form['role_names'] = array(
+      '#type' => 'value',
+      '#value' => $role_names,
+    );
+    // Render role/permission overview:
+    $options = array();
+    $module_info = system_get_info('module');
+    $hide_descriptions = system_admin_compact_mode();
+
+    // Get a list of all the modules implementing a hook_permission() and sort by
+    // display name.
+    $modules = array();
+    foreach ($this->moduleHandler->getImplementations('permission') as $module) {
+      $modules[$module] = $module_info[$module]['name'];
+    }
+    asort($modules);
+
+    foreach ($modules as $module => $display_name) {
+      if ($permissions = $this->moduleHandler->invoke($module, 'permission')) {
+        $form['permission'][] = array(
+          '#markup' => $module_info[$module]['name'],
+          '#id' => $module,
+        );
+        foreach ($permissions as $perm => $perm_item) {
+          // Fill in default values for the permission.
+          $perm_item += array(
+            'description' => '',
+            'restrict access' => FALSE,
+            'warning' => !empty($perm_item['restrict access']) ? t('Warning: Give to trusted roles only; this permission has security implications.') : '',
+          );
+          $options[$perm] = '';
+          $form['permission'][$perm] = array(
+            '#type' => 'item',
+            '#markup' => $perm_item['title'],
+            '#description' => theme('user_permission_description', array('permission_item' => $perm_item, 'hide' => $hide_descriptions)),
+          );
+          foreach ($role_names as $role_name => $name) {
+            // Builds arrays for checked boxes for each role
+            if (isset($role_permissions[$role_name][$perm])) {
+              $status[$role_name][] = $perm;
+            }
+          }
+        }
+      }
+    }
+
+    // Have to build checkboxes here after checkbox arrays are built
+    foreach ($role_names as $role_name => $name) {
+      $form['checkboxes'][$role_name] = array(
+        '#type' => 'checkboxes',
+        '#options' => $options,
+        '#default_value' => isset($status[$role_name]) ? $status[$role_name] : array(),
+        '#attributes' => array('class' => array('role_name-' . $role_name)),
+      );
+      $form['role_names'][$role_name] = array('#markup' => String::checkPlain($name), '#tree' => TRUE);
+    }
+
+    $form['actions'] = array('#type' => 'actions');
+    $form['actions']['submit'] = array('#type' => 'submit', '#value' => t('Save permissions'));
+
+    $form['#attached']['library'][] = array('user', 'drupal.user.permissions');
+
+    return $form;
+  }
+
+  /**
+   * {@inheritdoc}
+   */
+  public function validateForm(array &$form, array &$form_state) {
+  }
+
+  /**
+   * {@inheritdoc}
+   */
+  function submitForm(array &$form, array &$form_state) {
+    foreach ($form_state['values']['role_names'] as $role_name => $name) {
+      user_role_change_permissions($role_name, $form_state['values'][$role_name]);
+    }
+
+    drupal_set_message(t('The changes have been saved.'));
+
+    // Clear the cached pages and blocks.
+    Cache::invalidateTags(array('content' => TRUE));
+  }
+
+}
diff --git a/core/modules/user/user.admin.inc b/core/modules/user/user.admin.inc
index 95a0382..3b446bc 100644
--- a/core/modules/user/user.admin.inc
+++ b/core/modules/user/user.admin.inc
@@ -89,105 +89,6 @@ function user_admin_account() {
 }
 
 /**
- * Menu callback: administer permissions.
- *
- * @ingroup forms
- * @see user_admin_permissions_submit()
- * @see theme_user_admin_permissions()
- */
-function user_admin_permissions($form, $form_state, $rid = NULL) {
-
-  // Retrieve role names for columns.
-  $role_names = user_role_names();
-  if (isset($rid)) {
-    $role_names = array($rid => $role_names[$rid]);
-  }
-  // Fetch permissions for all roles or the one selected role.
-  $role_permissions = user_role_permissions(array_keys($role_names));
-
-  // Store $role_names for use when saving the data.
-  $form['role_names'] = array(
-    '#type' => 'value',
-    '#value' => $role_names,
-  );
-  // Render role/permission overview:
-  $options = array();
-  $module_info = system_get_info('module');
-  $hide_descriptions = system_admin_compact_mode();
-
-  // Get a list of all the modules implementing a hook_permission() and sort by
-  // display name.
-  $modules = array();
-  foreach (module_implements('permission') as $module) {
-    $modules[$module] = $module_info[$module]['name'];
-  }
-  asort($modules);
-
-  foreach ($modules as $module => $display_name) {
-    if ($permissions = module_invoke($module, 'permission')) {
-      $form['permission'][] = array(
-        '#markup' => $module_info[$module]['name'],
-        '#id' => $module,
-      );
-      foreach ($permissions as $perm => $perm_item) {
-        // Fill in default values for the permission.
-        $perm_item += array(
-          'description' => '',
-          'restrict access' => FALSE,
-          'warning' => !empty($perm_item['restrict access']) ? t('Warning: Give to trusted roles only; this permission has security implications.') : '',
-        );
-        $options[$perm] = '';
-        $form['permission'][$perm] = array(
-          '#type' => 'item',
-          '#markup' => $perm_item['title'],
-          '#description' => theme('user_permission_description', array('permission_item' => $perm_item, 'hide' => $hide_descriptions)),
-        );
-        foreach ($role_names as $rid => $name) {
-          // Builds arrays for checked boxes for each role
-          if (isset($role_permissions[$rid][$perm])) {
-            $status[$rid][] = $perm;
-          }
-        }
-      }
-    }
-  }
-
-  // Have to build checkboxes here after checkbox arrays are built
-  foreach ($role_names as $rid => $name) {
-    $form['checkboxes'][$rid] = array(
-      '#type' => 'checkboxes',
-      '#options' => $options,
-      '#default_value' => isset($status[$rid]) ? $status[$rid] : array(),
-      '#attributes' => array('class' => array('rid-' . $rid)),
-    );
-    $form['role_names'][$rid] = array('#markup' => check_plain($name), '#tree' => TRUE);
-  }
-
-  $form['actions'] = array('#type' => 'actions');
-  $form['actions']['submit'] = array('#type' => 'submit', '#value' => t('Save permissions'));
-
-  $form['#attached']['library'][] = array('user', 'drupal.user.permissions');
-
-  return $form;
-}
-
-/**
- * Save permissions selected on the administer permissions page.
- *
- * @see user_admin_permissions()
- */
-function user_admin_permissions_submit($form, &$form_state) {
-  foreach ($form_state['values']['role_names'] as $rid => $name) {
-    user_role_change_permissions($rid, $form_state['values'][$rid]);
-  }
-
-  drupal_set_message(t('The changes have been saved.'));
-
-  // Clear the cached pages and blocks.
-  cache_invalidate_tags(array('content' => TRUE));
-}
-
-/**
  * Returns HTML for the administer permissions page.
  *
  * @param $variables
diff --git a/core/modules/user/user.module b/core/modules/user/user.module
index e0ef6e6..5ba3f72 100644
--- a/core/modules/user/user.module
+++ b/core/modules/user/user.module
@@ -916,10 +916,7 @@ function user_menu() {
   $items['admin/people/permissions'] = array(
     'title' => 'Permissions',
     'description' => 'Determine access to features by selecting permissions for roles.',
-    'page callback' => 'drupal_get_form',
-    'page arguments' => array('user_admin_permissions'),
-    'access arguments' => array('administer permissions'),
-    'file' => 'user.admin.inc',
+    'route_name' => 'user_admin_permissions',
     'type' => MENU_LOCAL_TASK,
   );
   $items['admin/people/roles'] = array(
diff --git a/core/modules/user/user.routing.yml b/core/modules/user/user.routing.yml
index a4c5983..6226574 100644
--- a/core/modules/user/user.routing.yml
+++ b/core/modules/user/user.routing.yml
@@ -67,3 +67,11 @@ user_role_delete:
     _entity_form: user_role.delete
   requirements:
     _entity_access: user_role.delete
+
+user_admin_permissions:
+  pattern: '/admin/people/permissions/{role_name}'
+  defaults:
+    _form: '\Drupal\user\Form\UserAdminPermissionsForm'
+    role_name: ~
+  requirements:
+    _permission: 'administer permissions'