diff --git a/data/model.py b/data/model.py
index 07e2dc4ce..6e7b65e48 100644
--- a/data/model.py
+++ b/data/model.py
@@ -200,3 +200,37 @@ def get_user_repo_permissions(user, repository):
 select = RepositoryPermission.select()
 return select.where(RepositoryPermission.user == user,
 RepositoryPermission.repository == repository)
+
+
+def get_user_reponame_permission(user_obj, namespace_name, repository_name):
+ repo = Repository.get(Repository.name == repository_name,
+ Repository.namespace == namespace_name)
+ perm = RepositoryPermission.get(RepositoryPermission.user == user_obj,
+ RepositoryPermission.repository == repo)
+ return perm
+
+
+def set_user_repo_permission(user_obj, namespace_name, repository_name,
+ role_name):
+ repo = Repository.get(Repository.name == repository_name,
+ Repository.namespace == namespace_name)
+ new_role = Role.get(Role.name == role_name)
+
+ # Fetch any existing permission for this user on the repo
+ try:
+ perm = RepositoryPermission.get(RepositoryPermission.user == user_obj,
+ RepositoryPermission.repository == repo)
+ perm.role = new_role
+ perm.save()
+ return perm
+ except RepositoryPermission.DoesNotExist:
+ new_perm = RepositoryPermission.create(repository=repo, user=user_obj,
+ role=new_role)
+ return new_perm
+
+def delete_user_permission(user_obj, namespace_name, repository_name):
+ repo = Repository.get(Repository.name == repository_name,
+ Repository.namespace == namespace_name)
+ perm = RepositoryPermission.get(RepositoryPermission.user == user_obj,
+ RepositoryPermission.repository == repo)
+ perm.delete_instance()
diff --git a/endpoints/api.py b/endpoints/api.py
index 5cb455da1..c4fc34f33 100644
--- a/endpoints/api.py
+++ b/endpoints/api.py
@@ -80,6 +80,7 @@ def update_repo_api(namespace, repository):
 @login_required
 @parse_repository_name
 def get_repo_api(namespace, repository):
+ logger.debug('Get repo: %s/%s' % (namespace, repository))
 def image_view(image):
 return {
 'id': image.image_id,
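Review bot: In data/model.py, `set_user_repo_permission` reads the existing permission and creates one on `DoesNotExist` without a transaction, so two concurrent requests for the same user and repository can both reach `RepositoryPermission.create` and leave two rows, unless the table has a unique index on (user, repository), which this hunk does not show. With duplicates, the later `RepositoryPermission.get` calls in `get_user_reponame_permission` and `delete_user_permission` would act on only one of them, so the effective role becomes ambiguous. Run the read-modify-write inside a transaction backed by that unique index, and give each of the three functions a docstring naming the exceptions it lets propagate, e.g. `"""Raises Repository.DoesNotExist or RepositoryPermission.DoesNotExist when the lookup finds no row."""`.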
@@ -104,18 +105,26 @@ def get_repo_api(namespace, repository): tags = model.list_repository_tags(namespace, repository) tag_dict = {tag.name: tag_view(tag) for tag in tags} can_write = ModifyRepositoryPermission(namespace, repository).can() + can_admin = AdministerRepositoryPermission(namespace, repository).can() return jsonify({ 'namespace': namespace, 'name': repository, 'description': repo.description, 'tags': tag_dict, 'can_write': can_write, + 'can_admin': can_admin, }) abort(404) # Not fount abort(403) # Permission denied +def role_view(repo_perm_obj): + return { + 'role': repo_perm_obj.role.name + } + + @app.route('/api/repository//permissions/', methods=['GET']) @login_required @parse_repository_name @@ -125,14 +134,31 @@ def list_repo_permissions(namespace, repository): repo_perms = model.get_all_repo_users(namespace, repository) return jsonify({ - 'permissions': {repo_perm.user.username: repo_perm.role.name + 'permissions': {repo_perm.user.username: role_view(repo_perm) for repo_perm in repo_perms} }) abort(403) # Permission denied + @app.route('/api/repository//permissions/', - methods=['PUT']) + methods=['GET']) +@login_required +@parse_repository_name +def get_permissions(namespace, repository, username): + logger.debug('Get repo: %s/%s permissions for user %s' % + (namespace, repository, username)) + permission = AdministerRepositoryPermission(namespace, repository) + if permission.can(): + user = current_user.db_user + perm = model.get_user_reponame_permission(user, namespace, repository) + return jsonify(role_view(perm)) + + abort(403) # Permission denied + + +@app.route('/api/repository//permissions/', + methods=['PUT', 'POST']) @login_required @parse_repository_name def change_permissions(namespace, repository, username): 
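Review bot: `get_permissions` in endpoints/api.py accepts `username` from the route but passes `current_user.db_user` to `model.get_user_reponame_permission`, so an administrator asking about another account gets their own role back; `username` is used only in the debug log. The same substitution is in `change_permissions` (`user = current_user.db_user` before `model.set_user_repo_permission`) and in `delete_permissions`, where the caller's own permission is changed or removed instead of the named user's. Resolve the account named by `username` through the model layer (no lookup helper is visible in this diff), return 404 when it does not exist, and pass that object to the model calls. The body of `change_permissions` continues outside this hunk.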
@@ -140,8 +166,27 @@ def change_permissions(namespace, repository, username): if permission.can(): new_permission = request.get_json() - return jsonify({ - 'setting_permission_to': [permission_view(repo_perm) for repo_perm in repo_perms] - }) + user = current_user.db_user + logger.debug('Setting permission to: %s for user %s' % + (new_permission['role'], username)) + perm = model.set_user_repo_permission(user, namespace, repository, + new_permission['role']) - abort(403) # Permission denied \ No newline at end of file + resp = jsonify(role_view(perm)) + if request.method == 'POST': + resp.status_code = 201 + return resp + + abort(403) # Permission denied + +@app.route('/api/repository//permissions/', + methods=['DELETE']) +@login_required +@parse_repository_name +def delete_permissions(namespace, repository, username): + permission = AdministerRepositoryPermission(namespace, repository) + if permission.can(): + model.delete_user_permission(current_user.db_user, namespace, repository) + return make_response('Deleted', 204) + + abort(403) # Permission denied
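Review bot: `change_permissions` indexes `new_permission['role']` in the debug log and the model call without checking the request body, so a missing or non-object JSON body or an absent `role` key ends in an unhandled exception instead of a 400. A role name that does not exist makes `Role.get` in the model raise `Role.DoesNotExist` with the same result. Validate first, e.g. `if not isinstance(new_permission, dict) or 'role' not in new_permission: abort(400)`, and translate the model's `DoesNotExist` into a 400 or 404. `delete_permissions` has the same gap when no permission row exists. Neither handler stops the last administrator of a repository from being demoted or removed, which would leave it unmanageable through this API.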