diff --git a/app/WYGIWYH/settings.py b/app/WYGIWYH/settings.py
index 63c142d..68cb1c3 100644
--- a/app/WYGIWYH/settings.py
+++ b/app/WYGIWYH/settings.py
@@ -261,7 +261,10 @@ if DEBUG:
 REST_FRAMEWORK = {
     # Use Django's standard `django.contrib.auth` permissions,
     # or allow read-only access for unauthenticated users.
-    "DEFAULT_PERMISSION_CLASSES": ["rest_framework.permissions.DjangoModelPermissions"],
+    "DEFAULT_PERMISSION_CLASSES": [
+        "apps.api.permissions.NotInDemoMode",
+        "rest_framework.permissions.DjangoModelPermissions",
+    ],
     "DEFAULT_PAGINATION_CLASS": "rest_framework.pagination.PageNumberPagination",
     "PAGE_SIZE": 10,
     "DEFAULT_SCHEMA_CLASS": "drf_spectacular.openapi.AutoSchema",
diff --git a/app/apps/api/permissions.py b/app/apps/api/permissions.py
new file mode 100644
index 0000000..c8e19c5
--- /dev/null
+++ b/app/apps/api/permissions.py
@@ -0,0 +1,10 @@
+from rest_framework.permissions import BasePermission
+from django.conf import settings
+
+
+class NotInDemoMode(BasePermission):
+    def has_permission(self, request, view):
+        if settings.DEMO and not request.user.is_superuser:
+            return False
+        else:
+            return True