diff --git a/glance/api/v1/images.py b/glance/api/v1/images.py
index 91b26142f8..bc2f37e7ca 100644
--- a/glance/api/v1/images.py
+++ b/glance/api/v1/images.py
@@ -821,6 +821,12 @@ def delete(self, req, id):
                                 request=req,
                                 content_type="text/plain")
 
+        if image['status'] == 'deleted':
+            msg = _("Forbidden to delete a deleted image.")
+            LOG.debug(msg)
+            raise HTTPForbidden(explanation=msg, request=req,
+                                content_type="text/plain")
+
         status = 'deleted'
         try:
             # The image's location field may be None in the case
diff --git a/glance/tests/unit/v1/test_api.py b/glance/tests/unit/v1/test_api.py
index 691d42d65d..1996b0f33c 100644
--- a/glance/tests/unit/v1/test_api.py
+++ b/glance/tests/unit/v1/test_api.py
@@ -198,6 +198,38 @@ def test_show_invalid(self):
         res = req.get_response(self.api)
         self.assertEquals(res.status_int, 404)
 
+    def test_show_deleted_image_as_admin(self):
+        """
+        Tests that the /images/<id> registry API endpoint
+        returns a 200 for deleted image to admin user.
+        """
+        # Delete image #2
+        req = webob.Request.blank('/images/%s' % UUID2)
+        req.method = 'DELETE'
+        res = req.get_response(self.api)
+        self.assertEquals(res.status_int, 200)
+
+        req = webob.Request.blank('/images/%s' % UUID2)
+        res = req.get_response(self.api)
+        self.assertEquals(res.status_int, 200)
+
+    def test_show_deleted_image_as_nonadmin(self):
+        """
+        Tests that the /images/<id> registry API endpoint
+        returns a 404 for deleted image to non-admin user.
+        """
+        # Delete image #2
+        req = webob.Request.blank('/images/%s' % UUID2)
+        req.method = 'DELETE'
+        res = req.get_response(self.api)
+        self.assertEquals(res.status_int, 200)
+
+        api = test_utils.FakeAuthMiddleware(rserver.API(self.mapper),
+                                            is_admin=False)
+        req = webob.Request.blank('/images/%s' % UUID2)
+        res = req.get_response(api)
+        self.assertEquals(res.status_int, 404)
+
     def test_get_root(self):
         """
         Tests that the root registry API returns "index",
@@ -2359,6 +2391,19 @@ def test_update_deleted_image(self):
         self.assertEquals(res.status_int, webob.exc.HTTPForbidden.code)
         self.assertTrue('Forbidden to update deleted image' in res.body)
 
+    def test_delete_deleted_image(self):
+        """Tests that exception raised trying to delete a deleted image"""
+        req = webob.Request.blank("/images/%s" % UUID2)
+        req.method = 'DELETE'
+        res = req.get_response(self.api)
+        self.assertEquals(res.status_int, 200)
+
+        req = webob.Request.blank("/images/%s" % UUID2)
+        req.method = 'DELETE'
+        res = req.get_response(self.api)
+        self.assertEquals(res.status_int, webob.exc.HTTPForbidden.code)
+        self.assertTrue('Forbidden to delete a deleted image' in res.body)
+
     def test_register_and_upload(self):
         """
         Test that the process of registering an image with