diff -r e2e952fcaf7c -r fb0041aa74d3 server/python2/django/renkanmanager/permissions.py
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/server/python2/django/renkanmanager/permissions.py	Mon Jan 11 18:24:14 2016 +0100
@@ -0,0 +1,94 @@
+from rest_framework import permissions
+
+
+class CanCreateRenkan(permissions.BasePermission):
+    
+    def has_permission(self, request, view):
+        if request.method in permissions.SAFE_METHODS:
+            return True
+        
+        if (request.method == 'POST') and not request.user.has_perm('add_renkan'):
+            return False
+        
+        return True
+
+
+class CanEditRenkan(permissions.BasePermission):
+    
+    def has_object_permission(self, request, view, obj):
+        if not request.user.has_perm('view_renkan', obj):
+            return False
+        if request.method in permissions.SAFE_METHODS:
+            return True
+        
+        if (request.method == 'PUT') and not request.user.has_perm('change_renkan', obj):
+            return False
+        
+        return True
+
+
+class CanDeleteRenkan(permissions.BasePermission):
+    
+    def has_object_permission(self, request, view, obj):
+        if not request.user.has_perm('view_renkan', obj):
+            return False
+        if request.method in permissions.SAFE_METHODS:
+            return True
+        
+        if (request.method == 'DELETE') and not request.user.has_perm('delete_renkan', obj):
+            return False
+        
+        return True
+
+
+class CanCreateWorkspace(permissions.BasePermission):
+    
+    def has_permission(self, request, view):
+        if request.method in permissions.SAFE_METHODS:
+            return True
+        if (request.method == 'POST') and not request.user.has_perm('add_workspace'):
+            return False
+        
+        return True
+
+
+class CanEditWorkspace(permissions.BasePermission):
+    
+    def has_object_permission(self, request, view, obj):
+        if not request.user.has_perm('view_workspace', obj):
+            return False
+        if request.method in permissions.SAFE_METHODS:
+            return True
+        
+        if (request.method == 'PUT') and not request.user.has_perm('change_workspace', obj):
+            return False
+        
+        return True
+
+
+class CanDeleteWorkspace(permissions.BasePermission):
+    
+    def has_object_permission(self, request, view, obj):
+        if not request.user.has_perm('view_workspace', obj):
+            return False
+        if request.method in permissions.SAFE_METHODS:
+            return True
+        
+        if (request.method == 'DELETE') and not request.user.has_perm('delete_workspace', obj):
+            return False
+        
+        return True
+
+
+class CanDeleteRevision(permissions.BasePermission):
+    
+    def has_object_permission(self, request, view, obj):
+        if not request.user.has_perm('view_revision', obj):
+            return False
+        if request.method in permissions.SAFE_METHODS:
+            return True
+        
+        if (request.method == 'DELETE') and not request.user.has_perm('delete_revision', obj):
+            return False
+        
+        return True
\ No newline at end of file