diff --git a/pillar/api/projects/hooks.py b/pillar/api/projects/hooks.py
index 0c0b028d..6f2be5b5 100644
--- a/pillar/api/projects/hooks.py
+++ b/pillar/api/projects/hooks.py
@@ -57,22 +57,12 @@ def before_inserting_override_is_private_field(projects):
 def before_edit_check_permissions(document, original):
- # Allow admin users to do whatever they want.
- # TODO: possibly move this into the check_permissions function.
- if user_has_role(u'admin'):
- return
-
 check_permissions('projects', original, request.method)
 def before_delete_project(document):
 """Checks permissions before we allow deletion"""
- # Allow admin users to do whatever they want.
- # TODO: possibly move this into the check_permissions function.
- if user_has_role(u'admin'):
- return
-
 check_permissions('projects', document, request.method)
diff --git a/pillar/api/utils/authorization.py b/pillar/api/utils/authorization.py
index 4b5a21ff..541a7838 100644
--- a/pillar/api/utils/authorization.py
+++ b/pillar/api/utils/authorization.py
@@ -28,6 +28,10 @@ def check_permissions(collection_name, resource, method, append_allowed_methods=
 :type check_node_type: str
 """
+ # Admins can do anything.
+ if user_has_role(u'admin'):
+ return
+
 if not has_permissions(collection_name, resource, method, append_allowed_methods, check_node_type):
 abort(403)
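Review bot: The admin early `return` added to `check_permissions` in pillar/api/utils/authorization.py now applies to every caller, collection and method, not only the two project hooks it was lifted from, so the bypass is wider than before. The docstring should say so, for example `Users with the 'admin' role always pass; has_permissions() is not consulted for them.`, and the callers that newly gain the bypass deserve a test each. The return also skips `has_permissions` entirely; judging by the `append_allowed_methods` parameter, that call may annotate the resource with its allowed methods, in which case admin requests would no longer receive the annotation. Please confirm this against `has_permissions`, which is not visible here; the signature and most of the docstring of `check_permissions` also lie outside the hunk.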