diff --git a/app/controllers/spotlight/exhibits_controller.rb b/app/controllers/spotlight/exhibits_controller.rb
index c8500e7a6..3e8933eab 100644
--- a/app/controllers/spotlight/exhibits_controller.rb
+++ b/app/controllers/spotlight/exhibits_controller.rb
@@ -20,6 +20,17 @@ def update
 end
 end
+ def destroy
+ @exhibit.destroy
+
+ redirect_path = if @exhibit.default?
+ spotlight.exhibit_root_path(exhibit_id: Spotlight::Exhibit.default)
+ else
+ main_app.root_url
+ end
+ redirect_to redirect_path, notice: 'Exhibit was successfully destroyed.'
+ end
+
 protected
 def exhibit_params
diff --git a/app/controllers/spotlight/roles_controller.rb b/app/controllers/spotlight/roles_controller.rb
index b59348df0..09711999a 100644
--- a/app/controllers/spotlight/roles_controller.rb
+++ b/app/controllers/spotlight/roles_controller.rb
@@ -5,12 +5,12 @@ class RolesController < Spotlight::ApplicationController
 load_and_authorize_resource through: :exhibit, except: [:update_all]
 def index
- # every admin should at least see themseleves
- raise CanCan::AccessDenied if @roles.empty?
+ role = @exhibit.roles.build
+ authorize! :edit, role
+
 add_breadcrumb t(:'spotlight.exhibits.breadcrumb', title: @exhibit.title), @exhibit
 add_breadcrumb t(:'spotlight.administration.sidebar.header'), exhibit_dashboard_path(@exhibit)
 add_breadcrumb t(:'spotlight.administration.sidebar.users'), exhibit_roles_path(@exhibit)
- @exhibit.roles.build
 end
 def update_all
diff --git a/app/models/concerns/spotlight/user.rb b/app/models/concerns/spotlight/user.rb
index 5ac79971a..8d54f5052 100644
--- a/app/models/concerns/spotlight/user.rb
+++ b/app/models/concerns/spotlight/user.rb
@@ -4,6 +4,10 @@ module Spotlight::User
 has_many :roles, class_name: 'Spotlight::Role'
 end
+ def superadmin?
+ admin_roles.where(exhibit_id: nil).any?
+ end
+
 def admin_roles
 roles.where(role: 'admin')
 end
diff --git a/app/models/spotlight/ability.rb b/app/models/spotlight/ability.rb
index e191a88bd..492a1ccf2 100644
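Review bot: The return value of `@exhibit.destroy` in the new `destroy` action is ignored, so the "Exhibit was successfully destroyed." notice is sent even when a callback halts the deletion; branch on it, e.g. `if @exhibit.destroy` around the redirect, and show an alert otherwise. The `@exhibit.default?` branch also redirects to the default exhibit's root exactly when the default exhibit is the record just deleted, which only works if `Spotlight::Exhibit.default` recreates it (not visible here), and it silently allows the default exhibit to be removed. No authorization call appears in the hunk; presumably a class-level filter outside it covers `:destroy`, which is worth confirming now that the route is exposed.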
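Review bot: The new opening of `index` in the roles controller builds an unsaved role and calls `authorize! :edit` on it, but no comment explains why this replaces the removed `@roles.empty?` guard. A reader cannot tell from the hunk that the check is now made against a blank role scoped to the exhibit, presumably so that a superadmin holding no role on this exhibit can still open the page. I would add a comment above the two lines, for example `# Authorize against a blank role for this exhibit; @roles may be empty for a superadmin`. The built role stays in `@exhibit.roles` as the removed trailing `@exhibit.roles.build` did, so the form behaviour should be unchanged.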
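Review bot: `superadmin?` treats any `admin` role whose `exhibit_id` is NULL as site-wide authority, so a role row that is saved without an exhibit, for whatever reason, silently becomes a full grant. Nothing in the visible lines restricts who may create such a row, so the role-creation paths should be checked to make sure a blank exhibit cannot be submitted by an exhibit-level admin. The method also deserves a comment stating the convention, for example `# A role with no exhibit is site-wide: it grants admin rights over every exhibit`.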
--- a/app/models/spotlight/ability.rb
+++ b/app/models/spotlight/ability.rb
@@ -4,6 +4,10 @@ module Spotlight::Ability
 def initialize(user)
 user ||= ::User.new
+ if user.superadmin?
+ can :manage, :all
+ end
+
 # This is the "right" way to do it. But it doesn't work in rails 4
 # until this PR is merged: https://github.com/ryanb/cancan/pull/917
 # can :create, Spotlight::Exhibit, admin_roles: { id: user.role_ids }
diff --git a/app/models/spotlight/exhibit.rb b/app/models/spotlight/exhibit.rb
index cc50b6e7d..20e35d680 100644
--- a/app/models/spotlight/exhibit.rb
+++ b/app/models/spotlight/exhibit.rb
@@ -5,19 +5,19 @@ class Spotlight::Exhibit < ActiveRecord::Base
 friendly_id :title, use: [:slugged,:finders]
 DEFAULT = 'default'.freeze
- has_many :roles
- has_many :searches
- has_many :pages
+ has_many :roles, dependent: :delete_all
+ has_many :searches, dependent: :delete_all
+ has_many :pages, dependent: :delete_all
 has_many :about_pages
 has_many :feature_pages
 has_one :home_page
 has_many :home_pages
 has_many :users, through: :roles, class_name: '::User'
- has_many :custom_fields
- has_many :contacts # These are the contacts who appear in the sidebar
- has_many :contact_emails # These are the contacts who get "Contact us" emails
- has_many :attachments
- has_one :blacklight_configuration, class_name: Spotlight::BlacklightConfiguration
+ has_many :custom_fields, dependent: :delete_all
+ has_many :contacts, dependent: :delete_all # These are the contacts who appear in the sidebar
+ has_many :contact_emails, dependent: :delete_all # These are the contacts who get "Contact us" emails
+ has_many :attachments, dependent: :destroy
+ has_one :blacklight_configuration, class_name: Spotlight::BlacklightConfiguration, dependent: :delete
 accepts_nested_attributes_for :blacklight_configuration
 accepts_nested_attributes_for :searches
@@ -56,6 +56,10 @@ def to_s
 title
 end
+ def default?
+ name == DEFAULT
+ end
+
 protected
 def initialize_config
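Review bot: `can :manage, :all` at the top of `initialize` grants every action on every subject, and because `Spotlight::Ability` is a module the grant presumably also covers the host application's own models once it is mixed into that app's ability class. If the intent is authority over Spotlight resources only, the rule should name those classes instead of `:all`, with a comment stating the intended scope. The rest of `initialize` lies outside the hunk, so whether later rules narrow this cannot be seen here. As a style point the three lines read more directly as `can :manage, :all if user.superadmin?`.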
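Review bot: The `dependent: :delete_all` options added to `roles`, `searches`, `pages`, `custom_fields`, `contacts` and `contact_emails` remove rows with a bare SQL delete and run no callbacks, so any destroy-time cleanup or nested `dependent:` declared on those models is skipped when an exhibit is deleted. Whether those models have such callbacks is not visible in the hunk. The choice of `:destroy` for `attachments` suggests the distinction was deliberate, so I would record it in a comment such as `# delete_all is safe here: these models define no destroy callbacks or dependents`. If that does not hold for one of them, it should use `:destroy` instead.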
diff --git a/app/views/spotlight/exhibits/edit.html.erb b/app/views/spotlight/exhibits/edit.html.erb
index ee90551f4..9198aa1b6 100644
--- a/app/views/spotlight/exhibits/edit.html.erb
+++ b/app/views/spotlight/exhibits/edit.html.erb
@@ -14,6 +14,7 @@
 <% end %>
+ <%= delete_link @exhibit, class: 'btn btn-danger' %>
<%= f.submit nil, class: 'btn btn-primary' %>
@@ -21,4 +22,3 @@
 <% end %>
-
diff --git a/config/routes.rb b/config/routes.rb
index 3ccbdc06e..b2665d5bb 100644
--- a/config/routes.rb
+++ b/config/routes.rb
@@ -3,7 +3,7 @@
 devise_for :contact_email, class_name: "Spotlight::ContactEmail", only: [:confirmations]
 get '/:exhibit_id' => 'home_pages#show', as: :exhibit_root
- resources :exhibits, path: '/', only: [:edit, :update] do
+ resources :exhibits, path: '/', only: [:edit, :update, :destroy] do
 resources :attachments, only: :create
 resource :contact_form, path: "contact", only: [:new, :create]
 resource :blacklight_configuration, only: [:update]
diff --git a/lib/tasks/spotlight_tasks.rake b/lib/tasks/spotlight_tasks.rake
index a33a95760..5c6a8acd9 100644
--- a/lib/tasks/spotlight_tasks.rake
+++ b/lib/tasks/spotlight_tasks.rake
@@ -6,6 +6,7 @@ namespace :spotlight do
 email = $stdin.gets.chomp
 password = prompt_password
 u = User.create!(email: email, password: password)
+ Spotlight::Role.create(user: u, exhibit: nil, role: 'admin')
 Spotlight::Role.create(user: u, exhibit: Spotlight::Exhibit.default, role: 'admin')
 puts "User created."
 end
diff --git a/spec/controllers/spotlight/exhibits_controller_spec.rb b/spec/controllers/spotlight/exhibits_controller_spec.rb
index a5c299db9..ddd7a5358 100644
--- a/spec/controllers/spotlight/exhibits_controller_spec.rb
+++ b/spec/controllers/spotlight/exhibits_controller_spec.rb
@@ -31,6 +31,12 @@
 end
 end
+ describe "#destroy" do
+ it "should not be allowed" do
+ delete :destroy, id: exhibit
+ expect(response).to redirect_to main_app.new_user_session_path
+ end
+ end
 end
 describe "when signed in" do
@@ -61,5 +67,14 @@
 end
 end
 end
+
+ describe "#destroy" do
+ it "should be successful" do
+ delete :destroy, id: exhibit
+ expect(Spotlight::Exhibit.exists?(exhibit.id)).to be_false
+ expect(flash[:notice]).to eq "Exhibit was successfully destroyed."
+ expect(response).to redirect_to exhibit_root_path(Spotlight::Exhibit.default)
+ end
+ end
 end
 end
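Review bot: The added superadmin role in the rake task is written with `Spotlight::Role.create`, which returns an unsaved record on a validation failure instead of raising, so the task would still print "User created." for an account that never received the site-wide role. Use the raising form to match the `User.create!` call above it: `Spotlight::Role.create!(user: u, exhibit: nil, role: 'admin')`. The existing default-exhibit role line has the same weakness. The task definition starts outside the hunk, so it is not visible whether its description tells the operator that the new account receives full administrative rights.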
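Review bot: The new `#destroy` examples in the controller spec cover an anonymous visitor and a signed-in user who is allowed to delete, but there is no example for a signed-in user who lacks rights on the exhibit, which is the case the authorization rules most need to pin down. The anonymous example also asserts only the redirect; adding `expect(Spotlight::Exhibit.exists?(exhibit.id)).to be_true` would prove the record survives the rejected request. The kind of user set up in the "when signed in" block lies outside both hunks. Nothing in the visible specs exercises the new superadmin path either.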