diff --git a/lib/PiTube/Schema/Result/ACL.pm b/lib/PiTube/Schema/Result/ACL.pm
index 7c62c3b6f7a701162087212d1fe8a8923bacb96b..0673b04811e7a96a942e51c5251100ac242d7b02 100644
--- a/lib/PiTube/Schema/Result/ACL.pm
+++ b/lib/PiTube/Schema/Result/ACL.pm
@@ -18,6 +18,7 @@ __PACKAGE__->add_columns(
     },
     qw(
         stream_id
+        rights
         class
         value
     ),
diff --git a/lib/PiTube/Schema/ResultSet/ACL.pm b/lib/PiTube/Schema/ResultSet/ACL.pm
index 2d8c4a669884cedb4c90abb99fd1e3fc4f1b44f0..a444b670b457bb886b4866f10316a73dad96b8e4 100644
--- a/lib/PiTube/Schema/ResultSet/ACL.pm
+++ b/lib/PiTube/Schema/ResultSet/ACL.pm
@@ -9,17 +9,17 @@ sub user_acl {
     my $class = shift;
     my $user  = shift;
 
-    my $grants = {};
+    my $rights = {};
 
     # verejne streamy
 
     my $streams = $class->result_source->schema->resultset('Stream')->search(
-        { is_public => 1 }
+        { is_public => 't' }
     );
 
     STREAM:
     while ( my $stream = $streams->next ) {
-        $grants->{ $stream->key} = 1; #TODO: read|write
+        $rights->{ $stream->key } = 4;
     }
 
     # na zaklade clenstvi ve skupine, role nebo user.id
@@ -49,13 +49,12 @@ sub user_acl {
         }
     );
 
-
     ACL:
     while ( my $acl = $acls->next ) {
-        $grants->{ $acl->stream->key} = 1; #TODO: read|write
+        $rights->{ $acl->stream->key } |= $acl->rights;
     }
 
-    return $grants;
+    return $rights;
 
 }
 
diff --git a/sql/migrations.sql b/sql/migrations.sql
index 4dd308c51f8c3ad1da3871c782e63f978ea6d88d..87e3102d900cc35ab8dff45ff858e9bd4ac609e2 100644
--- a/sql/migrations.sql
+++ b/sql/migrations.sql
@@ -28,6 +28,7 @@ create table "streams" (
 create table "acl" (
     "id" integer not null default nextval('uid_seq'),
     "stream_id" integer not null,
+    "rights" smallint, -- 4 - play, 2 - push, 1 - admin
     "class" text,
     "value" text,
     primary key("id"),
@@ -51,3 +52,4 @@ drop sequence "uid_seq";
 
 -- 2 up
 alter table "streams" add "description" text;
+