diff --git a/app/api/middleware/PermissionCheck.js b/app/api/middleware/PermissionCheck.js
index 0c56e214..18a78066 100644
--- a/app/api/middleware/PermissionCheck.js
+++ b/app/api/middleware/PermissionCheck.js
@@ -41,8 +41,8 @@ module.exports = ( user, operation, resource, mod ) => {
     }
 
     // let's get basic
-    let canRead = resource.canRead.map( x => x.toString( ) )
-    let canWrite = resource.canWrite.map( x => x.toString( ) )
+    let canRead = resource.canRead.filter( x => !!x ).map( x => x.toString( ) )
+    let canWrite = resource.canWrite.filter( x => !!x ).map( x => x.toString( ) )
 
     switch ( operation ) {
       case 'write':
diff --git a/app/api/projects/ProjectPut.js b/app/api/projects/ProjectPut.js
index 1df6f953..f797c87b 100644
--- a/app/api/projects/ProjectPut.js
+++ b/app/api/projects/ProjectPut.js
@@ -11,7 +11,11 @@ module.exports = ( req, res ) => {
 
   Project.findOne( { _id: req.params.projectId } )
     .then( resource => PermissionCheck( req.user, 'write', resource ) )
-    .then( resource => resource.set( req.body ).save( ) )
+    .then( resource => {
+      resource.canRead = resource.canRead.filter( x => !!x )
+      resource.canWrite = resource.canWrite.filter( x => !!x )
+      return resource.set( req.body ).save( )
+    } )
     .then( ( ) => {
       res.send( { success: true, message: `Patched ${Object.keys( req.body )} for ${req.params.projectId}.` } )
     } )
diff --git a/app/api/projects/ProjectPutAddStream.js b/app/api/projects/ProjectPutAddStream.js
index 582e54a8..edcf8e7d 100644
--- a/app/api/projects/ProjectPutAddStream.js
+++ b/app/api/projects/ProjectPutAddStream.js
@@ -20,10 +20,15 @@ module.exports = async ( req, res ) => {
     project.permissions.canRead.forEach( id => {
       stream.canRead.indexOf( id ) === -1 ? stream.canRead.push( id ) : null
     } )
+
+    stream.canRead.indexOf( project.owner ) === -1 ? stream.canRead.push( project.owner ) : null
+
     project.permissions.canWrite.forEach( id => {
       stream.canWrite.indexOf( id ) === -1 ? stream.canWrite.push( id ) : null
     } )
 
+    stream.canWrite.indexOf( project.owner ) === -1 ? stream.canWrite.push( project.owner ) : null
+
     await Promise.all( [ stream.save( ), project.save( ) ] )
     return res.send( { success: true, project: project, stream: stream } )
   } catch ( err ) {
diff --git a/app/api/streams/StreamPut.js b/app/api/streams/StreamPut.js
index f768b26a..02f1f4a8 100644
--- a/app/api/streams/StreamPut.js
+++ b/app/api/streams/StreamPut.js
@@ -30,6 +30,10 @@ module.exports = ( req, res ) => {
     .then( result => {
       stream.set( req.body )
       if ( objsToSave.length > 0 ) stream.objects = result.map( obj => obj._id )
+
+      stream.canRead = stream.canRead.filter( x => !!x )
+      stream.canWrite = stream.canWrite.filter( x => !!x )
+
       return stream.save( )
     } )
     .then( ( ) => {