diff --git a/djangoldp/serializers.py b/djangoldp/serializers.py
index bcb5f119535086de2e89955205a5d7d75fa2dcb0..e3573f0075e1f81804e8bb7758f97f8b5eb86e41 100644
--- a/djangoldp/serializers.py
+++ b/djangoldp/serializers.py
@@ -29,7 +29,7 @@ from rest_framework.utils.serializer_helpers import ReturnDict, BindingDict
from djangoldp.fields import LDPUrlField, IdURLField
from djangoldp.models import Model
-
+from djangoldp.permissions import DEFAULT_DJANGOLDP_PERMISSIONS
# defaults for various DjangoLDP settings (see documentation)
MAX_RECORDS_SERIALIZER_CACHE = getattr(settings, 'MAX_RECORDS_SERIALIZER_CACHE', 10000)
@@ -80,6 +80,11 @@ class RDFSerializerMixin:
'''takes a set or list of permissions and returns them in the JSON-LD format'''
if self.parent and not settings.LDP_INCLUDE_INNER_PERMS: #Don't serialize permissions on nested objects
return data
+
+ if user.is_superuser:
+ data['permissions'] = getattr(settings, 'DJANGOLDP_PERMISSIONS', DEFAULT_DJANGOLDP_PERMISSIONS)
+ return data
+
permission_classes = getattr(model._meta, 'permission_classes', [])
if not permission_classes:
return data
diff --git a/djangoldp/views.py b/djangoldp/views.py
index dc009632bd8f95a9f6a9460ff301ed6448884f10..27f0400a4cd62f84ee0ab7614e402d151c172a50 100644
--- a/djangoldp/views.py
+++ b/djangoldp/views.py
@@ -420,6 +420,21 @@ class LDPViewSet(LDPViewSetGenerator):
if None in self.filter_backends:
self.filter_backends.remove(None)
+ def filter_queryset(self, queryset):
+ if self.request.user.is_superuser:
+ return queryset
+ return super().filter_queryset(queryset)
+
+ def check_permissions(self, request):
+ if request.user.is_superuser:
+ return True
+ return super().check_permissions(request)
+
+ def check_object_permissions(self, request, obj):
+ if request.user.is_superuser:
+ return True
+ return super().check_object_permissions(request, obj)
+
def get_depth(self) -> int:
if getattr(self, 'force_depth', None):
#TODO: this exception on depth for writing should be handled by the serializer itself