diff --git a/apps/common/api.py b/apps/common/api.py
index 6fc788ef1b..da1af95e13 100755
--- a/apps/common/api.py
+++ b/apps/common/api.py
@@ -1,5 +1,11 @@
 import copy
 
+from django.db.utils import DatabaseError
+
+from permissions.utils import has_permission
+from permissions.models import Permission
+
+
 object_navigation = {}
 menu_links = []
 model_list_columns = {}
@@ -38,3 +44,25 @@ def register_model_list_columns(model, columns):
         model_list_columns[model].extend(columns)
     else:
         model_list_columns[model] = copy.copy(columns)
+
+
+def register_permissions(app, permissions):
+    if permissions:
+        for permission in permissions:
+            full_permission_name =  "%s_%s" % (app, permission['name'])
+            try:
+                #if not Permission.objects.filter(codename=full_permission_name):
+                #    Permission(name=unicode(permission['label']), codename=full_permission_name).save()
+                permission_obj, created = Permission.objects.get_or_create(codename=full_permission_name)
+                permission_obj.name=unicode(permission['label'])
+                permission_obj.save()
+            except DatabaseError:
+                #Special case for ./manage.py syncdb
+                pass
+
+
+def check_permissions(object, user, permission_list):
+    temp_role = []
+    for permission in permission_list:
+        if has_permission(object, user, permission):
+            return True
diff --git a/apps/documents/__init__.py b/apps/documents/__init__.py
index bf98678ed6..1e36969cb7 100755
--- a/apps/documents/__init__.py
+++ b/apps/documents/__init__.py
@@ -3,7 +3,8 @@ import tempfile
 from django.utils.translation import ugettext_lazy as _
 from django.core.urlresolvers import reverse
 
-from common.api import register_links, register_menu, register_model_list_columns
+from common.api import register_links, register_menu, \
+    register_model_list_columns, register_permissions
 from common.utils import pretty_size
 
 from models import Document
@@ -33,9 +34,6 @@ register_links(['document_list', 'document_create', 'document_create_multiple',
 register_links(StagingFile, [staging_file_preview, staging_file_delete])
 
 register_model_list_columns(Document, [
-    #{'name':_(u'mimetype'), 'attribute':'file_mimetype'},
-    #{'name':_(u'added'), 'attribute':lambda x: x.date_added.date()},
-    #{'name':_(u'file size'), 'attribute':lambda x: pretty_size(x.file.storage.size(x.file.path)) if x.exists() else '-'},
     {'name':_(u'thumbnail'), 'attribute': 
         lambda x: '<a class="fancybox" href="%s"><img src="%s" /></a>' % (reverse('document_preview', args=[x.id]),
             reverse('document_thumbnail', args=[x.id]))
@@ -53,9 +51,20 @@ register_menu([
 
 TEMPORARY_DIRECTORY = documents_settings.TEMPORARY_DIRECTORY if documents_settings.TEMPORARY_DIRECTORY else tempfile.mkdtemp()
 
-    #','.join([metadata for metadata in document.documentmetadata_set.all()])
-    #    initial.append({
-    #        'metadata_type':metadata.metadata_type,
-    #        'document_type':document.document_type,
-    #        'value':metadata.value,
-    #    })    
+PERMISSION_DOCUMENT_CREATE = 'document_create'
+PERMISSION_DOCUMENT_PROPERTIES_EDIT = 'document_properties_edit'
+PERMISSION_DOCUMENT_METADATA_EDIT = 'document_metadata_edit'
+PERMISSION_DOCUMENT_VIEW = 'document_view'
+PERMISSION_DOCUMENT_DELETE = 'document_delete'
+PERMISSION_DOCUMENT_OCR = 'document_ocr'
+PERMISSION_DOCUMENT_DOWNLOAD = 'document_download'
+
+register_permissions('documents', [
+    {'name':PERMISSION_DOCUMENT_CREATE, 'label':_(u'Create document')},
+    {'name':PERMISSION_DOCUMENT_PROPERTIES_EDIT, 'label':_(u'Edit document properties')},
+    {'name':PERMISSION_DOCUMENT_METADATA_EDIT, 'label':_(u'Edit document metadata')},
+    {'name':PERMISSION_DOCUMENT_VIEW, 'label':_(u'View document')},
+    {'name':PERMISSION_DOCUMENT_DELETE, 'label':_(u'Delete document')},
+    {'name':PERMISSION_DOCUMENT_OCR, 'label':_(u'Submit document for OCR')},
+    {'name':PERMISSION_DOCUMENT_DOWNLOAD, 'label':_(u'Download document')},
+])
diff --git a/apps/documents/views.py b/apps/documents/views.py
index 5468a89e08..ea853cfbca 100755
--- a/apps/documents/views.py
+++ b/apps/documents/views.py
@@ -1,17 +1,17 @@
 from django.utils.translation import ugettext as _
-from django.http import HttpResponse, HttpResponseRedirect
+from django.http import HttpResponse, HttpResponseRedirect, Http404
 from django.shortcuts import render_to_response, get_object_or_404, redirect
 from django.template import RequestContext
 from django.contrib import messages
 from django.views.generic.list_detail import object_detail, object_list
 from django.core.urlresolvers import reverse
 from django.views.generic.create_update import create_object, delete_object, update_object
-#from django.forms.formsets import formset_factory
 from django.core.files.base import File
 from django.conf import settings
 from django.utils.http import urlencode
 from django.template.defaultfilters import slugify
 
+
 from filetransfers.api import serve_file
 from converter.api import convert, in_image_cache, QUALITY_DEFAULT
 from common.utils import pretty_size
@@ -35,6 +35,13 @@ from documents.conf.settings import THUMBNAIL_SIZE
 from documents.conf.settings import GROUP_MAX_RESULTS
 from documents.conf.settings import GROUP_SHOW_EMPTY
 
+from documents import PERMISSION_DOCUMENT_CREATE, \
+    PERMISSION_DOCUMENT_CREATE, PERMISSION_DOCUMENT_PROPERTIES_EDIT, \
+    PERMISSION_DOCUMENT_METADATA_EDIT, PERMISSION_DOCUMENT_VIEW, \
+    PERMISSION_DOCUMENT_DELETE, PERMISSION_DOCUMENT_OCR, \
+    PERMISSION_DOCUMENT_DOWNLOAD
+   
+    
 from utils import save_metadata, save_metadata_list, decode_metadata_from_url
 
 def document_list(request):
@@ -48,6 +55,10 @@ def document_list(request):
     )
 
 def document_create(request, multiple=True):
+    permissions = [PERMISSION_DOCUMENT_CREATE]
+    if not check_permissions(main_object, request.user, permissions):
+        raise Http404
+
     if DocumentType.objects.all().count() == 1:
         wizard = DocumentCreateWizard(
             document_type=DocumentType.objects.all()[0],
diff --git a/docs/TODO b/docs/TODO
index 60c6cadd7a..a294dc8f9f 100755
--- a/docs/TODO
+++ b/docs/TODO
@@ -62,3 +62,4 @@
 * Handle ziped or rar archives
 * Display preferences (Rotation, default zoom)
 * Gallery view for document groups
+* Assign default role to new users
diff --git a/settings.py b/settings.py
index f4f981399e..fe285046ce 100755
--- a/settings.py
+++ b/settings.py
@@ -126,6 +126,7 @@ INSTALLED_APPS = (
     'filetransfers',
     'converter',
     'ocr',
+    'permissions',
 )
 
 TEMPLATE_CONTEXT_PROCESSORS = (