diff --git a/database/migrations/2017_02_15_101322_create_permissions_table.php b/database/migrations/2017_02_15_101322_create_permissions_table.php
new file mode 100644
index 0000000..fb3ba73
--- /dev/null
+++ b/database/migrations/2017_02_15_101322_create_permissions_table.php
@@ -0,0 +1,35 @@
+<?php
+
+use Illuminate\Support\Facades\Schema;
+use Illuminate\Database\Schema\Blueprint;
+use Illuminate\Database\Migrations\Migration;
+
+class CreatePermissionsTable extends Migration
+{
+    /**
+     * Run the migrations.
+     *
+     * @return void
+     */
+    public function up()
+    {
+        Schema::create('permissions', function ($table) {
+            $table->increments('id');
+            $table->string('section');
+            $table->string('description');
+            $table->boolean('is_default');
+
+            $table->timestamps();
+        });
+    }
+
+    /**
+     * Reverse the migrations.
+     *
+     * @return void
+     */
+    public function down()
+    {
+        Schema::dropIfExists('permissions');
+    }
+}
diff --git a/database/migrations/2017_02_15_101328_create_album_group_permissions_table.php b/database/migrations/2017_02_15_101328_create_album_group_permissions_table.php
new file mode 100644
index 0000000..1f8934c
--- /dev/null
+++ b/database/migrations/2017_02_15_101328_create_album_group_permissions_table.php
@@ -0,0 +1,44 @@
+<?php
+
+use Illuminate\Support\Facades\Schema;
+use Illuminate\Database\Schema\Blueprint;
+use Illuminate\Database\Migrations\Migration;
+
+class CreateAlbumGroupPermissionsTable extends Migration
+{
+    /**
+     * Run the migrations.
+     *
+     * @return void
+     */
+    public function up()
+    {
+        Schema::create('album_group_permissions', function ($table) {
+            $table->unsignedInteger('album_id');
+            $table->unsignedInteger('group_id');
+            $table->unsignedInteger('permission_id');
+
+            $table->foreign('album_id')
+                ->references('id')->on('albums')
+                ->onDelete('cascade');
+            $table->foreign('group_id')
+                ->references('id')->on('groups')
+                ->onDelete('cascade');
+            $table->foreign('permission_id')
+                ->references('id')->on('permissions')
+                ->onDelete('no action');
+
+            $table->timestamps();
+        });
+    }
+
+    /**
+     * Reverse the migrations.
+     *
+     * @return void
+     */
+    public function down()
+    {
+        Schema::dropIfExists('album_group_permissions');
+    }
+}
diff --git a/database/migrations/2017_02_15_101334_create_album_user_permissions_table.php b/database/migrations/2017_02_15_101334_create_album_user_permissions_table.php
new file mode 100644
index 0000000..44c2214
--- /dev/null
+++ b/database/migrations/2017_02_15_101334_create_album_user_permissions_table.php
@@ -0,0 +1,44 @@
+<?php
+
+use Illuminate\Support\Facades\Schema;
+use Illuminate\Database\Schema\Blueprint;
+use Illuminate\Database\Migrations\Migration;
+
+class CreateAlbumUserPermissionsTable extends Migration
+{
+    /**
+     * Run the migrations.
+     *
+     * @return void
+     */
+    public function up()
+    {
+        Schema::create('album_user_permissions', function ($table) {
+            $table->unsignedInteger('album_id');
+            $table->unsignedInteger('user_id');
+            $table->unsignedInteger('permission_id');
+
+            $table->foreign('album_id')
+                ->references('id')->on('albums')
+                ->onDelete('cascade');
+            $table->foreign('user_id')
+                ->references('id')->on('users')
+                ->onDelete('cascade');
+            $table->foreign('permission_id')
+                ->references('id')->on('permissions')
+                ->onDelete('no action');
+
+            $table->timestamps();
+        });
+    }
+
+    /**
+     * Reverse the migrations.
+     *
+     * @return void
+     */
+    public function down()
+    {
+        Schema::dropIfExists('album_user_permissions');
+    }
+}
diff --git a/database/seeds/PermissionsSeeder.php b/database/seeds/PermissionsSeeder.php
new file mode 100644
index 0000000..299c7bf
--- /dev/null
+++ b/database/seeds/PermissionsSeeder.php
@@ -0,0 +1,28 @@
+<?php
+
+use Illuminate\Database\Seeder;
+
+class PermissionsSeeder extends Seeder
+{
+    /**
+     * Run the database seeds.
+     *
+     * @return void
+     */
+    public function run()
+    {
+        // album:list-gallery = controls if the album is visible in the gallery
+        DatabaseSeeder::createOrUpdate('permissions', [
+            'section' => 'album',
+            'description' => 'list-gallery',
+            'is_default' => true
+        ]);
+
+        // album:view = controls if the album can be viewed
+        DatabaseSeeder::createOrUpdate('permissions', [
+            'section' => 'album',
+            'description' => 'view',
+            'is_default' => true
+        ]);
+    }
+}
diff --git a/resources/views/themes/base/admin/show_album.blade.php b/resources/views/themes/base/admin/show_album.blade.php
index ac81ac8..733788e 100644
--- a/resources/views/themes/base/admin/show_album.blade.php
+++ b/resources/views/themes/base/admin/show_album.blade.php
@@ -190,7 +190,7 @@
                                                 </div>
                                                 <div id="collapse-{{ $group->id }}" class="panel-collapse collapse" role="tabpanel" aria-labelledby="heading-{{ $group->id }}">
                                                     <div class="panel-body">
-                                                        <p style="margin-bottom: 20px;"><a href="">Select All</a> &middot; <a href="">Select None</a></p>
+                                                        <p style="margin-bottom: 20px;"><a class="select-all" href="#">Select All</a> &middot; <a class="select-none" href="">Select None</a></p>
 
                                                         @foreach ($all_permissions as $permission)
                                                             <div class="checkbox">
@@ -405,6 +405,16 @@
             });
         }
 
+        {{-- Select All/None links on the permissions tab --}}
+        $('a.select-all').click(function() {
+            $('input:checkbox', $(this).closest('.panel-body')).prop('checked', true);
+            return false;
+        });
+        $('a.select-none').click(function() {
+            $('input:checkbox', $(this).closest('.panel-body')).prop('checked', false);
+            return false;
+        });
+
         // Bind the view models to the relevant tab
         ko.applyBindings(editViewModel, document.getElementById('photos-tab'));
         ko.applyBindings(viewModel, document.getElementById('upload-tab'));