diff --git a/domain/category/endpoint.go b/domain/category/endpoint.go index ae8a1d58..85b12618 100644 --- a/domain/category/endpoint.go +++ b/domain/category/endpoint.go @@ -16,6 +16,7 @@ package category import ( "database/sql" "encoding/json" + "fmt" "io/ioutil" "net/http" @@ -280,9 +281,12 @@ func (h *Handler) Delete(w http.ResponseWriter, r *http.Request) { // GetSummary returns number of documents and users for space categories. func (h *Handler) GetSummary(w http.ResponseWriter, r *http.Request) { + fmt.Println("ctx.UserID") + method := "category.GetSummary" ctx := domain.GetRequestContext(r) + spaceID := request.Param(r, "spaceID") if len(spaceID) == 0 { response.WriteMissingDataError(w, method, "spaceID") diff --git a/domain/category/mysql/store.go b/domain/category/mysql/store.go index fb3e9ed3..bd1427b5 100644 --- a/domain/category/mysql/store.go +++ b/domain/category/mysql/store.go @@ -52,8 +52,9 @@ func (s Scope) GetBySpace(ctx domain.RequestContext, spaceID string) (c []catego SELECT id, refid, orgid, labelid, category, created, revised FROM category WHERE orgid=? AND labelid=? AND refid IN (SELECT refid FROM permission WHERE orgid=? AND location='category' AND refid IN ( - SELECT refid from permission WHERE orgid=? AND who='user' AND whoid=? AND location='category' UNION ALL - SELECT p.refid from permission p LEFT JOIN rolemember r ON p.whoid=r.roleid WHERE p.orgid=? AND p.who='role' AND p.location='category' AND r.userid=? + SELECT refid from permission WHERE orgid=? AND who='user' AND (whoid=? OR whoid='0') AND location='category' UNION ALL + SELECT p.refid from permission p LEFT JOIN rolemember r ON p.whoid=r.roleid + WHERE p.orgid=? AND p.who='role' AND p.location='category' AND (r.userid=? OR r.userid='0') )) ORDER BY category`, ctx.OrgID, spaceID, ctx.OrgID, ctx.OrgID, ctx.UserID, ctx.OrgID, ctx.UserID) 
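Review bot: The added `fmt.Println("ctx.UserID")` at the top of GetSummary in domain/category/endpoint.go looks like leftover debugging: it prints the literal string rather than a value, and it runs before `ctx` is assigned. It writes to stdout on every request and bypasses the handler's logger, so it should be removed together with the `"fmt"` import added in the first hunk of this file. If a trace is really wanted, the handlers in domain/space/endpoint.go use `h.Runtime.Log.Info(...)`, and user identifiers are best kept out of routine log lines. GetSummary's body continues outside the hunk.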
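Review bot: In GetBySpace (domain/category/mysql/store.go) the new `whoid='0'` and `r.userid='0'` predicates only match grants stored with the literal id "0", while the GUI code changed later in this commit used to send an empty string for the everyone entry. If rows with an empty `whoid` were ever persisted, they will not match these predicates unless a data migration rewrites them to '0'; no such migration is visible in this diff. The same applies to the GetAllBySpace hunk in this file and to GetViewable in domain/space/mysql/store.go. A comment above the query, for example `// whoid '0' is the "everyone" pseudo-user`, would make the sentinel's meaning explicit.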
@@ -73,9 +74,9 @@ func (s Scope) GetAllBySpace(ctx domain.RequestContext, spaceID string) (c []cat SELECT id, refid, orgid, labelid, category, created, revised FROM category WHERE orgid=? AND labelid=? AND labelid IN (SELECT refid FROM permission WHERE orgid=? AND location='space' AND refid IN ( - SELECT refid from permission WHERE orgid=? AND who='user' AND whoid=? AND location='space' UNION ALL + SELECT refid from permission WHERE orgid=? AND who='user' AND (whoid=? OR whoid='0') AND location='space' UNION ALL SELECT p.refid from permission p LEFT JOIN rolemember r ON p.whoid=r.roleid WHERE p.orgid=? AND p.who='role' AND p.location='space' - AND p.action='view' AND r.userid=? + AND p.action='view' AND (r.userid=? OR r.userid='0') )) ORDER BY category`, ctx.OrgID, spaceID, ctx.OrgID, ctx.OrgID, ctx.UserID, ctx.OrgID, ctx.UserID) diff --git a/domain/permission/endpoint.go b/domain/permission/endpoint.go index 77264f81..2dba99a1 100644 --- a/domain/permission/endpoint.go +++ b/domain/permission/endpoint.go @@ -136,7 +136,8 @@ func (h *Handler) SetSpacePermissions(w http.ResponseWriter, r *http.Request) { // Only persist if there is a role! if permission.HasAnyPermission(perm) { // identify publically shared spaces - if perm.UserID == "0" { + if perm.UserID == "0" || perm.UserID == "" { + perm.UserID = "0" hasEveryoneRole = true } @@ -156,7 +157,7 @@ func (h *Handler) SetSpacePermissions(w http.ResponseWriter, r *http.Request) { if _, isExisting := previousRoleUsers[perm.UserID]; !isExisting { // we skip 'everyone' (user id != empty string) - if perm.UserID != "0" { + if perm.UserID != "0" && perm.UserID != "" { existingUser, err := h.Store.User.Get(ctx, perm.UserID) if err != nil { response.WriteServerError(w, method, err) diff --git a/domain/space/endpoint.go b/domain/space/endpoint.go index 6cb2e8da..bcd40f09 100644 --- a/domain/space/endpoint.go +++ b/domain/space/endpoint.go 
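Review bot: In GetAllBySpace the who='user' branch now matches any everyone row (`whoid='0'`) for `location='space'` with no action filter, while the who='role' branch of the same query is restricted to `p.action='view'`. If an everyone grant other than view can exist for a space, that row alone would expose the space's categories to every user in the org; adding `AND action='view'` to the user branch would make the two branches agree. The GetViewable hunk in domain/space/mysql/store.go has the same asymmetry. The query and the function continue outside the hunk.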
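Review bot: The new branch in SetSpacePermissions (domain/permission/endpoint.go) rewrites an empty `perm.UserID` to "0", so a request entry whose user id is missing or blank is persisted as a grant to everyone and sets `hasEveryoneRole`. That fails open: a client bug or malformed payload widens access instead of being rejected. Unless older clients must keep working, accept only the explicit "0" and reject the empty value, e.g. `if perm.UserID == "" { response.WriteMissingDataError(w, method, "userID"); return }`, rolling back any open transaction first (the surrounding loop is outside the hunk). The comment in the second hunk, `// we skip 'everyone' (user id != empty string)`, is stale as well and should name "0" as the everyone id.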
@@ -300,7 +300,7 @@ func (h *Handler) Get(w http.ResponseWriter, r *http.Request) { response.WriteJSON(w, sp) } -// GetAll returns spaces the user can see. +// GetAlGetViewablel returns spaces the user can see. func (h *Handler) GetViewable(w http.ResponseWriter, r *http.Request) { method := "space.GetViewable" ctx := domain.GetRequestContext(r) @@ -312,7 +312,6 @@ func (h *Handler) GetViewable(w http.ResponseWriter, r *http.Request) { h.Runtime.Log.Error(method, err) return } - if len(sp) == 0 { sp = []space.Space{} } @@ -320,7 +319,6 @@ func (h *Handler) GetViewable(w http.ResponseWriter, r *http.Request) { response.WriteJSON(w, sp) } - // GetAll returns every space for documize admin users to manage func (h *Handler) GetAll(w http.ResponseWriter, r *http.Request) { method := "space.getAll" @@ -329,7 +327,7 @@ func (h *Handler) GetAll(w http.ResponseWriter, r *http.Request) { if !ctx.Administrator { response.WriteForbiddenError(w) h.Runtime.Log.Info("rejected non-admin user request for all spaces") - return + return } sp, err := h.Store.Space.GetAll(ctx) diff --git a/domain/space/mysql/store.go b/domain/space/mysql/store.go index 859af755..3b6f4d4c 100644 --- a/domain/space/mysql/store.go +++ b/domain/space/mysql/store.go 
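Review bot: The doc comment changed in the first hunk of domain/space/endpoint.go now reads `// GetAlGetViewablel returns spaces the user can see.`, which looks like a botched edit; it should be `// GetViewable returns spaces the user can see.` so that it starts with the method name. Because the store query behind this handler now also matches the everyone id, the comment could add that spaces shared with everyone are presumably included. In the last hunk of this file the re-added `return` after `h.Runtime.Log.Info(...)` seems to differ only in whitespace, so running gofmt on the file would settle it.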
@@ -76,9 +76,9 @@ func (s Scope) GetViewable(ctx domain.RequestContext) (sp []space.Space, err err SELECT id,refid,label as name,orgid,userid,type,created,revised FROM label WHERE orgid=? AND refid IN (SELECT refid FROM permission WHERE orgid=? AND location='space' AND refid IN ( - SELECT refid from permission WHERE orgid=? AND who='user' AND whoid=? AND location='space' UNION ALL + SELECT refid from permission WHERE orgid=? AND who='user' AND (whoid=? OR whoid='0') AND location='space' UNION ALL SELECT p.refid from permission p LEFT JOIN rolemember r ON p.whoid=r.roleid WHERE p.orgid=? AND p.who='role' - AND p.location='space' AND p.action='view' AND r.userid=? + AND p.location='space' AND p.action='view' AND (r.userid=? OR r.userid='0') )) ORDER BY name` diff --git a/gui/app/components/folder/category-admin.js b/gui/app/components/folder/category-admin.js index cfc6bede..f1165b34 100644 --- a/gui/app/components/folder/category-admin.js +++ b/gui/app/components/folder/category-admin.js @@ -28,14 +28,14 @@ export default Ember.Component.extend(NotifierMixin, TooltipMixin, DropdownMixin users: [], didReceiveAttrs() { + this._super(...arguments); + this.load(); }, - didRender() { - // this.addTooltip(this.$(".action")); - }, - willDestroyElement() { + this._super(...arguments); + this.destroyDropdown(); }, @@ -150,7 +150,7 @@ export default Ember.Component.extend(NotifierMixin, TooltipMixin, DropdownMixin // mark those users as selected that have already been given permission // to see the current category; users.forEach((user) => { - let userId = user.get('id') === '0' ? '' : user.get('id'); + let userId = user.get('id'); let selected = viewers.isAny('whoId', userId); user.set('selected', selected); }); @@ -189,7 +189,6 @@ export default Ember.Component.extend(NotifierMixin, TooltipMixin, DropdownMixin users.forEach((user) => { let userId = user.get('id'); - if (userId === "0") userId = ''; let v = { orgId: this.get('folder.orgId'), 
diff --git a/gui/app/components/folder/sidebar-folders-list.js b/gui/app/components/folder/sidebar-folders-list.js index 50e3edf3..d53a903d 100644 --- a/gui/app/components/folder/sidebar-folders-list.js +++ b/gui/app/components/folder/sidebar-folders-list.js @@ -32,30 +32,25 @@ export default Ember.Component.extend(TooltipMixin, NotifierMixin, AuthMixin, { didReceiveAttrs() { let folders = this.get('folders'); - - // clear out state - this.set('publicFolders', []); - this.set('protectedFolders', []); - this.set('privateFolders', []); + let publicFolders = []; + let protectedFolders = []; + let privateFolders = []; _.each(folders, folder => { if (folder.get('folderType') === constants.FolderType.Public) { - let folders = this.get('publicFolders'); - folders.pushObject(folder); - this.set('publicFolders', folders); + publicFolders.pushObject(folder); } if (folder.get('folderType') === constants.FolderType.Private) { - let folders = this.get('privateFolders'); - folders.pushObject(folder); - this.set('privateFolders', folders); + protectedFolders.pushObject(folder); } if (folder.get('folderType') === constants.FolderType.Protected) { - let folders = this.get('protectedFolders'); - folders.pushObject(folder); - this.set('protectedFolders', folders); + privateFolders.pushObject(folder); } }); + this.set('publicFolders', publicFolders); + this.set('protectedFolders', protectedFolders); + this.set('privateFolders', privateFolders); this.set('hasPublicFolders', this.get('publicFolders.length') > 0); this.set('hasPrivateFolders', this.get('privateFolders.length') > 0); this.set('hasProtectedFolders', this.get('protectedFolders.length') > 0); diff --git a/server/routing/routes.go b/server/routing/routes.go index 51e8e4f6..5640b2c0 100644 --- a/server/routing/routes.go +++ b/server/routing/routes.go 
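Review bot: The rewritten didReceiveAttrs swaps two buckets: the `constants.FolderType.Private` branch pushes into `protectedFolders` and the `constants.FolderType.Protected` branch pushes into `privateFolders`, whereas the removed code put each type in its own list. Folders would then appear under the wrong visibility heading, and `hasPrivateFolders` and `hasProtectedFolders` would be derived from the wrong lists. The Private branch should read `privateFolders.pushObject(folder);` and the Protected branch `protectedFolders.pushObject(folder);`. The hook also does not call `this._super(...arguments)`, which category-admin.js gained in this same commit.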
@@ -125,18 +125,18 @@ func RegisterEndpoints(rt *env.Runtime, s *domain.Store) { Add(rt, RoutePrefixPrivate, "space/{spaceID}", []string{"PUT", "OPTIONS"}, nil, space.Update) Add(rt, RoutePrefixPrivate, "space", []string{"POST", "OPTIONS"}, nil, space.Add) - Add(rt, RoutePrefixPrivate, "category/document/{documentID}", []string{"GET", "OPTIONS"}, nil, category.GetDocumentCategoryMembership) - Add(rt, RoutePrefixPrivate, "category/space/{spaceID}", []string{"GET", "OPTIONS"}, []string{"filter", "all"}, category.GetAll) - Add(rt, RoutePrefixPrivate, "category/space/{spaceID}", []string{"GET", "OPTIONS"}, nil, category.Get) - Add(rt, RoutePrefixPrivate, "category", []string{"POST", "OPTIONS"}, nil, category.Add) - Add(rt, RoutePrefixPrivate, "category/{categoryID}", []string{"PUT", "OPTIONS"}, nil, category.Update) - Add(rt, RoutePrefixPrivate, "category/{categoryID}", []string{"DELETE", "OPTIONS"}, nil, category.Delete) Add(rt, RoutePrefixPrivate, "category/space/{spaceID}/summary", []string{"GET", "OPTIONS"}, nil, category.GetSummary) + Add(rt, RoutePrefixPrivate, "category/document/{documentID}", []string{"GET", "OPTIONS"}, nil, category.GetDocumentCategoryMembership) Add(rt, RoutePrefixPrivate, "category/{categoryID}/permission", []string{"PUT", "OPTIONS"}, nil, permission.SetCategoryPermissions) Add(rt, RoutePrefixPrivate, "category/{categoryID}/permission", []string{"GET", "OPTIONS"}, nil, permission.GetCategoryPermissions) + Add(rt, RoutePrefixPrivate, "category/space/{spaceID}", []string{"GET", "OPTIONS"}, []string{"filter", "all"}, category.GetAll) + Add(rt, RoutePrefixPrivate, "category/space/{spaceID}", []string{"GET", "OPTIONS"}, nil, category.Get) Add(rt, RoutePrefixPrivate, "category/{categoryID}/user", []string{"GET", "OPTIONS"}, nil, permission.GetCategoryViewers) Add(rt, RoutePrefixPrivate, "category/member/space/{spaceID}", []string{"GET", "OPTIONS"}, nil, category.GetSpaceCategoryMembers) Add(rt, RoutePrefixPrivate, "category/member", 
[]string{"POST", "OPTIONS"}, nil, category.SetDocumentCategoryMembership) + Add(rt, RoutePrefixPrivate, "category/{categoryID}", []string{"PUT", "OPTIONS"}, nil, category.Update) + Add(rt, RoutePrefixPrivate, "category/{categoryID}", []string{"DELETE", "OPTIONS"}, nil, category.Delete) + Add(rt, RoutePrefixPrivate, "category", []string{"POST", "OPTIONS"}, nil, category.Add) Add(rt, RoutePrefixPrivate, "users/{userID}/password", []string{"POST", "OPTIONS"}, nil, user.ChangePassword) Add(rt, RoutePrefixPrivate, "users", []string{"POST", "OPTIONS"}, nil, user.Add)
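Review bot: The category routes in RegisterEndpoints are reordered with no comment saying why the order matters. If `Add` registers routes so that the first matching pattern wins (not visible here), the intent is presumably that literal paths such as `category/space/{spaceID}/summary` are tried before the `category/{categoryID}` patterns. Note that `category/{categoryID}/permission` is still registered ahead of `category/space/{spaceID}`. A comment above the block, for example `// order matters: register literal category paths before category/{categoryID}`, would keep a later edit from reshuffling them. RegisterEndpoints starts and ends outside the hunk.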