diff --git a/djangoldp/serializers.py b/djangoldp/serializers.py
index eed039260aea9bf8f28825fe48e11eaf0a3c2bce..1135c75c5aea4e24e4c7d14862b9a9934ff48231 100644
--- a/djangoldp/serializers.py
+++ b/djangoldp/serializers.py
@@ -6,6 +6,7 @@ from rest_framework.relations import HyperlinkedRelatedField, ManyRelatedField,
 from rest_framework.serializers import HyperlinkedModelSerializer, ListSerializer
 from rest_framework.utils.serializer_helpers import ReturnDict
 from rest_framework.utils.field_mapping import get_nested_relation_kwargs
+from guardian.shortcuts import get_perms
 class ContainerSerializer(ListSerializer):
 def to_representation(self, data):
@@ -76,6 +77,7 @@ class LDPSerializer(HyperlinkedModelSerializer):
 data = super().to_representation(obj)
 if hasattr(obj._meta, 'rdf_type'):
 data['@type'] = obj._meta.rdf_type
+ data['permissions'] = [{'mode': name.split('_')[0]} for name in get_perms(self.context['request'].user, obj)]
 return data
 def build_nested_field(self, field_name, relation_info, nested_depth):
diff --git a/djangoldp/views.py b/djangoldp/views.py
index 47bbcf892dc4d3a982cb3131f26ca5b9c9287600..b3e68f58bd99dce96348b713d544eeb195dd6237 100644
--- a/djangoldp/views.py
+++ b/djangoldp/views.py
@@ -9,6 +9,7 @@ from django.utils.decorators import classonlymethod
 from rest_framework.authentication import SessionAuthentication
 from rest_framework.renderers import JSONRenderer
 from rest_framework.parsers import JSONParser
+from rest_framework.permissions import DjangoObjectPermissions
 from rest_framework.viewsets import ModelViewSet
 from .serializers import LDPSerializer
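Review bot: In `to_representation` of djangoldp/serializers.py the added line reads `self.context['request'].user` unconditionally, so serializing without a request in the context (a hand-built nested serializer, a shell or test call) raises KeyError instead of returning the object. A guarded form would be `request = self.context.get('request')` followed by `if request is not None: data['permissions'] = [...]`. `name.split('_')[0]` also reduces any custom codename to its first word (a codename such as `can_publish`, constructed here as an example, would be emitted as mode `can`), so restricting the output to the four modes that the view's `perms_map` uses would keep it predictable. The list is only a hint to clients and comes from guardian's `get_perms`, while enforcement goes through the view's permission class, so the two can disagree when a user holds the object permission but not the model-level one. The extraction dropped indentation, so whether the new line sits under the `if hasattr(...)` branch cannot be told from here, and the method's `def` line is outside the hunk.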
@@ -28,6 +29,17 @@ class NoCSRFAuthentication(SessionAuthentication):
 def enforce_csrf(self, request):
 return
+class WACPermissions(DjangoObjectPermissions):
+ perms_map = {
+ 'GET': ['%(app_label)s.view_%(model_name)s'],
+ 'OPTIONS': ['%(app_label)s.view_%(model_name)s'],
+ 'HEAD': ['%(app_label)s.view_%(model_name)s'],
+ 'POST': ['%(app_label)s.add_%(model_name)s'],
+ 'PUT': ['%(app_label)s.change_%(model_name)s'],
+ 'PATCH': ['%(app_label)s.change_%(model_name)s'],
+ 'DELETE': ['%(app_label)s.delete_%(model_name)s'],
+ }
+
 class LDPViewSetGenerator(ModelViewSet):
 """An extension of ModelViewSet that generates automatically URLs for the model"""
 model = None
@@ -80,6 +92,7 @@ class LDPViewSet(LDPViewSetGenerator):
 renderer_classes = (JSONLDRenderer, )
 parser_classes = (JSONLDParser, )
 authentication_classes = (NoCSRFAuthentication,)
+ permission_classes = (WACPermissions,)
 def __init__(self, **kwargs):
 super().__init__(**kwargs)
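Review bot: `perms_map` in `WACPermissions` requires `view_<model>` for `OPTIONS`, and DjangoObjectPermissions refuses unauthenticated users before it consults the map, so a CORS preflight that reaches DRF will be rejected. Confirm that the CORS layer answers preflights ahead of the view, or use `'OPTIONS': [],`. The class also has no docstring; one such as `"""Object-level permissions for LDP resources: read methods need view_<model>, POST add_, PUT/PATCH change_, DELETE delete_."""` would record that read methods are gated here, unlike the stock map where GET, OPTIONS and HEAD are empty. The `view_` codename is created by default only on Django versions that ship a view permission, so on older ones each model has to declare it, which this hunk does not show.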
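Review bot: `permission_classes = (WACPermissions,)` on `LDPViewSet` covers single-resource routes only, because DRF runs object-level checks from `get_object()`; the container listing still returns every row of the queryset to any user who passes the model-level check. Filtering the queryset per user closes that gap, for example a `get_queryset` that returns `get_objects_for_user(self.request.user, VIEW_PERM, klass=super().get_queryset())` using guardian's shortcut (VIEW_PERM is a placeholder for the model's view permission). Because DjangoObjectPermissions also enforces the model-level permission on every request, users who hold only per-object guardian grants will get 403 and anonymous access stops entirely; a class comment should say whether that is intended. The context lines show session authentication whose `enforce_csrf` returns early, so the write permissions granted here apply to cookie-authenticated requests with no CSRF token check, which is worth confirming against the deployment's cookie and CORS settings. The class body continues outside the hunk.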