From 35ad3be9690d9c4548134e494edb70a980375da8 Mon Sep 17 00:00:00 2001
From: root <root@austorweb99.aus.biowareonline.int>
Date: Tue, 17 Dec 2013 20:34:21 +0000
Subject: [PATCH] Adding support for restricting category read access based on
 user groups

---
 public/src/forum/admin/categories.js  | 37 +++++++++++++++++-
 public/templates/admin/categories.tpl |  8 +++-
 src/categoryTools.js                  | 54 ++++++++++++++++++++++++++-
 src/groups.js                         | 36 ++++++++++++++++++
 src/routes/api.js                     | 30 +++++++++++----
 src/websockets.js                     | 31 +++++++++++++++
 6 files changed, 186 insertions(+), 10 deletions(-)

diff --git a/public/src/forum/admin/categories.js b/public/src/forum/admin/categories.js
index 0874ffa878..73eafde5df 100644
--- a/public/src/forum/admin/categories.js
+++ b/public/src/forum/admin/categories.js
@@ -211,6 +211,7 @@ define(['uploader'], function(uploader) {
 		var	modal = $('#category-permissions-modal'),
 			searchEl = modal.find('#permission-search'),
 			resultsEl = modal.find('.search-results'),
+                        groupsResultsEl = modal.find('.groups-results'),
 			searchDelay;
 
 		searchEl.off().on('keyup', function() {
@@ -263,6 +264,40 @@ define(['uploader'], function(uploader) {
 			searchEl.keyup();
 		});
 
+                // User Groups and privileges
+		socket.emit('api:admin.categories.groupsearch', cid, function(err, results) {
+			var groupsFrag = document.createDocumentFragment(),
+			liEl = document.createElement('li');
+			var numResults = results.length,
+			    resultObj;
+			
+			for(var x=0;x<numResults;x++) {
+				resultObj = results[x];
+				liEl.setAttribute('data-gid', resultObj.gid);
+				liEl.innerHTML = '<div class="pull-right">' +
+							'<div class="btn-group">' +
+							  '<button type="button" data-gpriv="+gr" class="btn btn-default' + (resultObj.privileges['+gr'] ? ' active' : '') + '">Read</button>' +
+							  '<button type="button" data-gpriv="+gw" class="btn btn-default' + (resultObj.privileges['+gw'] ? ' active' : '') + '">Write</button>' +
+							'</div>' +
+						 '</div>' +
+						 ' '+resultObj.name;
+	
+				groupsFrag.appendChild(liEl.cloneNode(true));
+			}
+			
+			groupsResultsEl.html(groupsFrag);
+		});
+		
+		groupsResultsEl.off().on('click', '[data-gpriv]', function(e) {
+			var btnEl = $(this),
+			    gid = btnEl.parents('li[data-gid]').attr('data-gid'),
+			    privilege = this.getAttribute('data-gpriv');
+			e.preventDefault();
+			socket.emit('api:admin.categories.setGroupPrivilege', cid, gid, privilege, !btnEl.hasClass('active'), function(err, privileges) {
+			    btnEl.toggleClass('active', privileges[privilege]);
+			});
+		})
+
 		modal.modal();
 	};
 
@@ -312,4 +347,4 @@ define(['uploader'], function(uploader) {
 	};
 
 	return Categories;
-});
\ No newline at end of file
+});
diff --git a/public/templates/admin/categories.tpl b/public/templates/admin/categories.tpl
index 25b85daf68..9651b387a9 100644
--- a/public/templates/admin/categories.tpl
+++ b/public/templates/admin/categories.tpl
@@ -154,6 +154,12 @@
 						</div>
 					</form>
 					<ul class="search-results"></ul>
+					<form role="form">
+						<div class="form-group">
+							<label for="permission-group-pick">User Groups</label>
+						</div>
+					</form>
+					<ul class="groups-results"></ul>
 				</div>
 			</div>
 		</div>
@@ -162,4 +168,4 @@
 	<div id="icons" style="display:none;"><div class="icon-container"><div class="row fa-icons">
 	 <div class="col-md-3"><i class="fa fa-doesnt-exist"></i></div><div class="col-md-3"><i class="fa fa-glass"></i></div><div class="col-md-3"><i class="fa fa-music"></i></div><div class="col-md-3"><i class="fa fa-search"></i></div><div class="col-md-3"><i class="fa fa-envelope-o"></i></div><div class="col-md-3"><i class="fa fa-heart"></i></div><div class="col-md-3"><i class="fa fa-star"></i></div><div class="col-md-3"><i class="fa fa-star-o"></i></div><div class="col-md-3"><i class="fa fa-user"></i></div><div class="col-md-3"><i class="fa fa-film"></i></div><div class="col-md-3"><i class="fa fa-th-large"></i></div><div class="col-md-3"><i class="fa fa-th"></i></div><div class="col-md-3"><i class="fa fa-th-list"></i></div><div class="col-md-3"><i class="fa fa-check"></i></div><div class="col-md-3"><i class="fa fa-times"></i></div><div class="col-md-3"><i class="fa fa-search-plus"></i></div><div class="col-md-3"><i class="fa fa-search-minus"></i></div><div class="col-md-3"><i class="fa fa-power-off"></i></div><div class="col-md-3"><i class="fa fa-signal"></i></div><div class="col-md-3"><i class="fa fa-cog"></i></div><div class="col-md-3"><i class="fa fa-trash-o"></i></div><div class="col-md-3"><i class="fa fa-home"></i></div><div class="col-md-3"><i class="fa fa-file-o"></i></div><div class="col-md-3"><i class="fa fa-clock-o"></i></div><div class="col-md-3"><i class="fa fa-road"></i></div><div class="col-md-3"><i class="fa fa-download"></i></div><div class="col-md-3"><i class="fa fa-arrow-circle-o-down"></i></div><div class="col-md-3"><i class="fa fa-arrow-circle-o-up"></i></div><div class="col-md-3"><i class="fa fa-inbox"></i></div><div class="col-md-3"><i class="fa fa-play-circle-o"></i></div><div class="col-md-3"><i class="fa fa-repeat"></i></div><div class="col-md-3"><i class="fa fa-refresh"></i></div><div class="col-md-3"><i class="fa fa-list-alt"></i></div><div class="col-md-3"><i class="fa fa-lock"></i></div><div class="col-md-3"><i class="fa fa-flag"></i></div><div class="col-md-3"><i class="fa fa-headphones"></i></div><div class="col-md-3"><i class="fa fa-volume-off"></i></div><div class="col-md-3"><i class="fa fa-volume-down"></i></div><div class="col-md-3"><i class="fa fa-volume-up"></i></div><div class="col-md-3"><i class="fa fa-qrcode"></i></div><div class="col-md-3"><i class="fa fa-barcode"></i></div><div class="col-md-3"><i class="fa fa-tag"></i></div><div class="col-md-3"><i class="fa fa-tags"></i></div><div class="col-md-3"><i class="fa fa-book"></i></div><div class="col-md-3"><i class="fa fa-bookmark"></i></div><div class="col-md-3"><i class="fa fa-print"></i></div><div class="col-md-3"><i class="fa fa-camera"></i></div><div class="col-md-3"><i class="fa fa-font"></i></div><div class="col-md-3"><i class="fa fa-bold"></i></div><div class="col-md-3"><i class="fa fa-italic"></i></div><div class="col-md-3"><i class="fa fa-text-height"></i></div><div class="col-md-3"><i class="fa fa-text-width"></i></div><div class="col-md-3"><i class="fa fa-align-left"></i></div><div class="col-md-3"><i class="fa fa-align-center"></i></div><div class="col-md-3"><i class="fa fa-align-right"></i></div><div class="col-md-3"><i class="fa fa-align-justify"></i></div><div class="col-md-3"><i class="fa fa-list"></i></div><div class="col-md-3"><i class="fa fa-outdent"></i></div><div class="col-md-3"><i class="fa fa-indent"></i></div><div class="col-md-3"><i class="fa fa-video-camera"></i></div><div class="col-md-3"><i class="fa fa-picture-o"></i></div><div class="col-md-3"><i class="fa fa-pencil"></i></div><div class="col-md-3"><i class="fa fa-map-marker"></i></div><div class="col-md-3"><i class="fa fa-adjust"></i></div><div class="col-md-3"><i class="fa fa-tint"></i></div><div class="col-md-3"><i class="fa fa-pencil-square-o"></i></div><div class="col-md-3"><i class="fa fa-share-square-o"></i></div><div class="col-md-3"><i class="fa fa-check-square-o"></i></div><div class="col-md-3"><i class="fa fa-arrows"></i></div><div class="col-md-3"><i class="fa fa-step-backward"></i></div><div class="col-md-3"><i class="fa fa-fast-backward"></i></div><div class="col-md-3"><i class="fa fa-backward"></i></div><div class="col-md-3"><i class="fa fa-play"></i></div><div class="col-md-3"><i class="fa fa-pause"></i></div><div class="col-md-3"><i class="fa fa-stop"></i></div><div class="col-md-3"><i class="fa fa-forward"></i></div><div class="col-md-3"><i class="fa fa-fast-forward"></i></div><div class="col-md-3"><i class="fa fa-step-forward"></i></div><div class="col-md-3"><i class="fa fa-eject"></i></div><div class="col-md-3"><i class="fa fa-chevron-left"></i></div><div class="col-md-3"><i class="fa fa-chevron-right"></i></div><div class="col-md-3"><i class="fa fa-plus-circle"></i></div><div class="col-md-3"><i class="fa fa-minus-circle"></i></div><div class="col-md-3"><i class="fa fa-times-circle"></i></div><div class="col-md-3"><i class="fa fa-check-circle"></i></div><div class="col-md-3"><i class="fa fa-question-circle"></i></div><div class="col-md-3"><i class="fa fa-info-circle"></i></div><div class="col-md-3"><i class="fa fa-crosshairs"></i></div><div class="col-md-3"><i class="fa fa-times-circle-o"></i></div><div class="col-md-3"><i class="fa fa-check-circle-o"></i></div><div class="col-md-3"><i class="fa fa-ban"></i></div><div class="col-md-3"><i class="fa fa-arrow-left"></i></div><div class="col-md-3"><i class="fa fa-arrow-right"></i></div><div class="col-md-3"><i class="fa fa-arrow-up"></i></div><div class="col-md-3"><i class="fa fa-arrow-down"></i></div><div class="col-md-3"><i class="fa fa-share"></i></div><div class="col-md-3"><i class="fa fa-expand"></i></div><div class="col-md-3"><i class="fa fa-compress"></i></div><div class="col-md-3"><i class="fa fa-plus"></i></div><div class="col-md-3"><i class="fa fa-minus"></i></div><div class="col-md-3"><i class="fa fa-asterisk"></i></div><div class="col-md-3"><i class="fa fa-exclamation-circle"></i></div><div class="col-md-3"><i class="fa fa-gift"></i></div><div class="col-md-3"><i class="fa fa-leaf"></i></div><div class="col-md-3"><i class="fa fa-fire"></i></div><div class="col-md-3"><i class="fa fa-eye"></i></div><div class="col-md-3"><i class="fa fa-eye-slash"></i></div><div class="col-md-3"><i class="fa fa-exclamation-triangle"></i></div><div class="col-md-3"><i class="fa fa-plane"></i></div><div class="col-md-3"><i class="fa fa-calendar"></i></div><div class="col-md-3"><i class="fa fa-random"></i></div><div class="col-md-3"><i class="fa fa-comment"></i></div><div class="col-md-3"><i class="fa fa-magnet"></i></div><div class="col-md-3"><i class="fa fa-chevron-up"></i></div><div class="col-md-3"><i class="fa fa-chevron-down"></i></div><div class="col-md-3"><i class="fa fa-retweet"></i></div><div class="col-md-3"><i class="fa fa-shopping-cart"></i></div><div class="col-md-3"><i class="fa fa-folder"></i></div><div class="col-md-3"><i class="fa fa-folder-open"></i></div><div class="col-md-3"><i class="fa fa-arrows-v"></i></div><div class="col-md-3"><i class="fa fa-arrows-h"></i></div><div class="col-md-3"><i class="fa fa-bar-chart-o"></i></div><div class="col-md-3"><i class="fa fa-twitter-square"></i></div><div class="col-md-3"><i class="fa fa-facebook-square"></i></div><div class="col-md-3"><i class="fa fa-camera-retro"></i></div><div class="col-md-3"><i class="fa fa-key"></i></div><div class="col-md-3"><i class="fa fa-cogs"></i></div><div class="col-md-3"><i class="fa fa-comments"></i></div><div class="col-md-3"><i class="fa fa-thumbs-o-up"></i></div><div class="col-md-3"><i class="fa fa-thumbs-o-down"></i></div><div class="col-md-3"><i class="fa fa-star-half"></i></div><div class="col-md-3"><i class="fa fa-heart-o"></i></div><div class="col-md-3"><i class="fa fa-sign-out"></i></div><div class="col-md-3"><i class="fa fa-linkedin-square"></i></div><div class="col-md-3"><i class="fa fa-thumb-tack"></i></div><div class="col-md-3"><i class="fa fa-external-link"></i></div><div class="col-md-3"><i class="fa fa-sign-in"></i></div><div class="col-md-3"><i class="fa fa-trophy"></i></div><div class="col-md-3"><i class="fa fa-github-square"></i></div><div class="col-md-3"><i class="fa fa-upload"></i></div><div class="col-md-3"><i class="fa fa-lemon-o"></i></div><div class="col-md-3"><i class="fa fa-phone"></i></div><div class="col-md-3"><i class="fa fa-square-o"></i></div><div class="col-md-3"><i class="fa fa-bookmark-o"></i></div><div class="col-md-3"><i class="fa fa-phone-square"></i></div><div class="col-md-3"><i class="fa fa-twitter"></i></div><div class="col-md-3"><i class="fa fa-facebook"></i></div><div class="col-md-3"><i class="fa fa-github"></i></div><div class="col-md-3"><i class="fa fa-unlock"></i></div><div class="col-md-3"><i class="fa fa-credit-card"></i></div><div class="col-md-3"><i class="fa fa-rss"></i></div><div class="col-md-3"><i class="fa fa-hdd-o"></i></div><div class="col-md-3"><i class="fa fa-bullhorn"></i></div><div class="col-md-3"><i class="fa fa-bell"></i></div><div class="col-md-3"><i class="fa fa-certificate"></i></div><div class="col-md-3"><i class="fa fa-hand-o-right"></i></div><div class="col-md-3"><i class="fa fa-hand-o-left"></i></div><div class="col-md-3"><i class="fa fa-hand-o-up"></i></div><div class="col-md-3"><i class="fa fa-hand-o-down"></i></div><div class="col-md-3"><i class="fa fa-arrow-circle-left"></i></div><div class="col-md-3"><i class="fa fa-arrow-circle-right"></i></div><div class="col-md-3"><i class="fa fa-arrow-circle-up"></i></div><div class="col-md-3"><i class="fa fa-arrow-circle-down"></i></div><div class="col-md-3"><i class="fa fa-globe"></i></div><div class="col-md-3"><i class="fa fa-wrench"></i></div><div class="col-md-3"><i class="fa fa-tasks"></i></div><div class="col-md-3"><i class="fa fa-filter"></i></div><div class="col-md-3"><i class="fa fa-briefcase"></i></div><div class="col-md-3"><i class="fa fa-arrows-alt"></i></div><div class="col-md-3"><i class="fa fa-users"></i></div><div class="col-md-3"><i class="fa fa-link"></i></div><div class="col-md-3"><i class="fa fa-cloud"></i></div><div class="col-md-3"><i class="fa fa-flask"></i></div><div class="col-md-3"><i class="fa fa-scissors"></i></div><div class="col-md-3"><i class="fa fa-files-o"></i></div><div class="col-md-3"><i class="fa fa-paperclip"></i></div><div class="col-md-3"><i class="fa fa-floppy-o"></i></div><div class="col-md-3"><i class="fa fa-square"></i></div><div class="col-md-3"><i class="fa fa-bars"></i></div><div class="col-md-3"><i class="fa fa-list-ul"></i></div><div class="col-md-3"><i class="fa fa-list-ol"></i></div><div class="col-md-3"><i class="fa fa-strikethrough"></i></div><div class="col-md-3"><i class="fa fa-underline"></i></div><div class="col-md-3"><i class="fa fa-table"></i></div><div class="col-md-3"><i class="fa fa-magic"></i></div><div class="col-md-3"><i class="fa fa-truck"></i></div><div class="col-md-3"><i class="fa fa-pinterest"></i></div><div class="col-md-3"><i class="fa fa-pinterest-square"></i></div><div class="col-md-3"><i class="fa fa-google-plus-square"></i></div><div class="col-md-3"><i class="fa fa-google-plus"></i></div><div class="col-md-3"><i class="fa fa-money"></i></div><div class="col-md-3"><i class="fa fa-caret-down"></i></div><div class="col-md-3"><i class="fa fa-caret-up"></i></div><div class="col-md-3"><i class="fa fa-caret-left"></i></div><div class="col-md-3"><i class="fa fa-caret-right"></i></div><div class="col-md-3"><i class="fa fa-columns"></i></div><div class="col-md-3"><i class="fa fa-sort"></i></div><div class="col-md-3"><i class="fa fa-sort-asc"></i></div><div class="col-md-3"><i class="fa fa-sort-desc"></i></div><div class="col-md-3"><i class="fa fa-envelope"></i></div><div class="col-md-3"><i class="fa fa-linkedin"></i></div><div class="col-md-3"><i class="fa fa-undo"></i></div><div class="col-md-3"><i class="fa fa-gavel"></i></div><div class="col-md-3"><i class="fa fa-tachometer"></i></div><div class="col-md-3"><i class="fa fa-comment-o"></i></div><div class="col-md-3"><i class="fa fa-comments-o"></i></div><div class="col-md-3"><i class="fa fa-bolt"></i></div><div class="col-md-3"><i class="fa fa-sitemap"></i></div><div class="col-md-3"><i class="fa fa-umbrella"></i></div><div class="col-md-3"><i class="fa fa-clipboard"></i></div><div class="col-md-3"><i class="fa fa-lightbulb-o"></i></div><div class="col-md-3"><i class="fa fa-exchange"></i></div><div class="col-md-3"><i class="fa fa-cloud-download"></i></div><div class="col-md-3"><i class="fa fa-cloud-upload"></i></div><div class="col-md-3"><i class="fa fa-user-md"></i></div><div class="col-md-3"><i class="fa fa-stethoscope"></i></div><div class="col-md-3"><i class="fa fa-suitcase"></i></div><div class="col-md-3"><i class="fa fa-bell-o"></i></div><div class="col-md-3"><i class="fa fa-coffee"></i></div><div class="col-md-3"><i class="fa fa-cutlery"></i></div><div class="col-md-3"><i class="fa fa-file-text-o"></i></div><div class="col-md-3"><i class="fa fa-building-o"></i></div><div class="col-md-3"><i class="fa fa-hospital-o"></i></div><div class="col-md-3"><i class="fa fa-ambulance"></i></div><div class="col-md-3"><i class="fa fa-medkit"></i></div><div class="col-md-3"><i class="fa fa-fighter-jet"></i></div><div class="col-md-3"><i class="fa fa-beer"></i></div><div class="col-md-3"><i class="fa fa-h-square"></i></div><div class="col-md-3"><i class="fa fa-plus-square"></i></div><div class="col-md-3"><i class="fa fa-angle-double-left"></i></div><div class="col-md-3"><i class="fa fa-angle-double-right"></i></div><div class="col-md-3"><i class="fa fa-angle-double-up"></i></div><div class="col-md-3"><i class="fa fa-angle-double-down"></i></div><div class="col-md-3"><i class="fa fa-angle-left"></i></div><div class="col-md-3"><i class="fa fa-angle-right"></i></div><div class="col-md-3"><i class="fa fa-angle-up"></i></div><div class="col-md-3"><i class="fa fa-angle-down"></i></div><div class="col-md-3"><i class="fa fa-desktop"></i></div><div class="col-md-3"><i class="fa fa-laptop"></i></div><div class="col-md-3"><i class="fa fa-tablet"></i></div><div class="col-md-3"><i class="fa fa-mobile"></i></div><div class="col-md-3"><i class="fa fa-circle-o"></i></div><div class="col-md-3"><i class="fa fa-quote-left"></i></div><div class="col-md-3"><i class="fa fa-quote-right"></i></div><div class="col-md-3"><i class="fa fa-spinner"></i></div><div class="col-md-3"><i class="fa fa-circle"></i></div><div class="col-md-3"><i class="fa fa-reply"></i></div><div class="col-md-3"><i class="fa fa-github-alt"></i></div><div class="col-md-3"><i class="fa fa-folder-o"></i></div><div class="col-md-3"><i class="fa fa-folder-open-o"></i></div><div class="col-md-3"><i class="fa fa-smile-o"></i></div><div class="col-md-3"><i class="fa fa-frown-o"></i></div><div class="col-md-3"><i class="fa fa-meh-o"></i></div><div class="col-md-3"><i class="fa fa-gamepad"></i></div><div class="col-md-3"><i class="fa fa-keyboard-o"></i></div><div class="col-md-3"><i class="fa fa-flag-o"></i></div><div class="col-md-3"><i class="fa fa-flag-checkered"></i></div><div class="col-md-3"><i class="fa fa-terminal"></i></div><div class="col-md-3"><i class="fa fa-code"></i></div><div class="col-md-3"><i class="fa fa-reply-all"></i></div><div class="col-md-3"><i class="fa fa-mail-reply-all"></i></div><div class="col-md-3"><i class="fa fa-star-half-o"></i></div><div class="col-md-3"><i class="fa fa-location-arrow"></i></div><div class="col-md-3"><i class="fa fa-crop"></i></div><div class="col-md-3"><i class="fa fa-code-fork"></i></div><div class="col-md-3"><i class="fa fa-chain-broken"></i></div><div class="col-md-3"><i class="fa fa-question"></i></div><div class="col-md-3"><i class="fa fa-info"></i></div><div class="col-md-3"><i class="fa fa-exclamation"></i></div><div class="col-md-3"><i class="fa fa-superscript"></i></div><div class="col-md-3"><i class="fa fa-subscript"></i></div><div class="col-md-3"><i class="fa fa-eraser"></i></div><div class="col-md-3"><i class="fa fa-puzzle-piece"></i></div><div class="col-md-3"><i class="fa fa-microphone"></i></div><div class="col-md-3"><i class="fa fa-microphone-slash"></i></div><div class="col-md-3"><i class="fa fa-shield"></i></div><div class="col-md-3"><i class="fa fa-calendar-o"></i></div><div class="col-md-3"><i class="fa fa-fire-extinguisher"></i></div><div class="col-md-3"><i class="fa fa-rocket"></i></div><div class="col-md-3"><i class="fa fa-maxcdn"></i></div><div class="col-md-3"><i class="fa fa-chevron-circle-left"></i></div><div class="col-md-3"><i class="fa fa-chevron-circle-right"></i></div><div class="col-md-3"><i class="fa fa-chevron-circle-up"></i></div><div class="col-md-3"><i class="fa fa-chevron-circle-down"></i></div><div class="col-md-3"><i class="fa fa-html5"></i></div><div class="col-md-3"><i class="fa fa-css3"></i></div><div class="col-md-3"><i class="fa fa-anchor"></i></div><div class="col-md-3"><i class="fa fa-unlock-alt"></i></div><div class="col-md-3"><i class="fa fa-bullseye"></i></div><div class="col-md-3"><i class="fa fa-ellipsis-h"></i></div><div class="col-md-3"><i class="fa fa-ellipsis-v"></i></div><div class="col-md-3"><i class="fa fa-rss-square"></i></div><div class="col-md-3"><i class="fa fa-play-circle"></i></div><div class="col-md-3"><i class="fa fa-ticket"></i></div><div class="col-md-3"><i class="fa fa-minus-square"></i></div><div class="col-md-3"><i class="fa fa-minus-square-o"></i></div><div class="col-md-3"><i class="fa fa-level-up"></i></div><div class="col-md-3"><i class="fa fa-level-down"></i></div><div class="col-md-3"><i class="fa fa-check-square"></i></div><div class="col-md-3"><i class="fa fa-pencil-square"></i></div><div class="col-md-3"><i class="fa fa-external-link-square"></i></div><div class="col-md-3"><i class="fa fa-share-square"></i></div><div class="col-md-3"><i class="fa fa-compass"></i></div><div class="col-md-3"><i class="fa fa-caret-square-o-down"></i></div><div class="col-md-3"><i class="fa fa-caret-square-o-up"></i></div><div class="col-md-3"><i class="fa fa-caret-square-o-right"></i></div><div class="col-md-3"><i class="fa fa-eur"></i></div><div class="col-md-3"><i class="fa fa-gbp"></i></div><div class="col-md-3"><i class="fa fa-usd"></i></div><div class="col-md-3"><i class="fa fa-inr"></i></div><div class="col-md-3"><i class="fa fa-jpy"></i></div><div class="col-md-3"><i class="fa fa-rub"></i></div><div class="col-md-3"><i class="fa fa-krw"></i></div><div class="col-md-3"><i class="fa fa-btc"></i></div><div class="col-md-3"><i class="fa fa-file"></i></div><div class="col-md-3"><i class="fa fa-file-text"></i></div><div class="col-md-3"><i class="fa fa-sort-alpha-asc"></i></div><div class="col-md-3"><i class="fa fa-sort-alpha-desc"></i></div><div class="col-md-3"><i class="fa fa-sort-amount-asc"></i></div><div class="col-md-3"><i class="fa fa-sort-amount-desc"></i></div><div class="col-md-3"><i class="fa fa-sort-numeric-asc"></i></div><div class="col-md-3"><i class="fa fa-sort-numeric-desc"></i></div><div class="col-md-3"><i class="fa fa-thumbs-up"></i></div><div class="col-md-3"><i class="fa fa-thumbs-down"></i></div><div class="col-md-3"><i class="fa fa-youtube-square"></i></div><div class="col-md-3"><i class="fa fa-youtube"></i></div><div class="col-md-3"><i class="fa fa-xing"></i></div><div class="col-md-3"><i class="fa fa-xing-square"></i></div><div class="col-md-3"><i class="fa fa-youtube-play"></i></div><div class="col-md-3"><i class="fa fa-dropbox"></i></div><div class="col-md-3"><i class="fa fa-stack-overflow"></i></div><div class="col-md-3"><i class="fa fa-instagram"></i></div><div class="col-md-3"><i class="fa fa-flickr"></i></div><div class="col-md-3"><i class="fa fa-adn"></i></div><div class="col-md-3"><i class="fa fa-bitbucket"></i></div><div class="col-md-3"><i class="fa fa-bitbucket-square"></i></div><div class="col-md-3"><i class="fa fa-tumblr"></i></div><div class="col-md-3"><i class="fa fa-tumblr-square"></i></div><div class="col-md-3"><i class="fa fa-long-arrow-down"></i></div><div class="col-md-3"><i class="fa fa-long-arrow-up"></i></div><div class="col-md-3"><i class="fa fa-long-arrow-left"></i></div><div class="col-md-3"><i class="fa fa-long-arrow-right"></i></div><div class="col-md-3"><i class="fa fa-apple"></i></div><div class="col-md-3"><i class="fa fa-windows"></i></div><div class="col-md-3"><i class="fa fa-android"></i></div><div class="col-md-3"><i class="fa fa-linux"></i></div><div class="col-md-3"><i class="fa fa-dribbble"></i></div><div class="col-md-3"><i class="fa fa-skype"></i></div><div class="col-md-3"><i class="fa fa-foursquare"></i></div><div class="col-md-3"><i class="fa fa-trello"></i></div><div class="col-md-3"><i class="fa fa-female"></i></div><div class="col-md-3"><i class="fa fa-male"></i></div><div class="col-md-3"><i class="fa fa-gittip"></i></div><div class="col-md-3"><i class="fa fa-sun-o"></i></div><div class="col-md-3"><i class="fa fa-moon-o"></i></div><div class="col-md-3"><i class="fa fa-archive"></i></div><div class="col-md-3"><i class="fa fa-bug"></i></div><div class="col-md-3"><i class="fa fa-vk"></i></div><div class="col-md-3"><i class="fa fa-weibo"></i></div><div class="col-md-3"><i class="fa fa-renren"></i></div><div class="col-md-3"><i class="fa fa-pagelines"></i></div><div class="col-md-3"><i class="fa fa-stack-exchange"></i></div><div class="col-md-3"><i class="fa fa-arrow-circle-o-right"></i></div><div class="col-md-3"><i class="fa fa-arrow-circle-o-left"></i></div><div class="col-md-3"><i class="fa fa-caret-square-o-left"></i></div><div class="col-md-3"><i class="fa fa-dot-circle-o"></i></div><div class="col-md-3"><i class="fa fa-wheelchair"></i></div><div class="col-md-3"><i class="fa fa-vimeo-square"></i></div><div class="col-md-3"><i class="fa fa-try"></i></div><div class="col-md-3"><i class="fa fa-plus-square-o"></i></div>
 	</div></div></div>
-</div>
\ No newline at end of file
+</div>
diff --git a/src/categoryTools.js b/src/categoryTools.js
index ccbce0f4fd..e1f79e8c07 100644
--- a/src/categoryTools.js
+++ b/src/categoryTools.js
@@ -65,4 +65,56 @@ CategoryTools.privileges = function(cid, uid, callback) {
 	});
 };
 
-module.exports = CategoryTools;
\ No newline at end of file
+CategoryTools.groupPrivileges = function(cid, gid, callback) {
+	async.parallel({
+		"+gr": function(next) {
+			var	key = 'cid:' + cid + ':privileges:+gr';
+			Groups.exists(key, function(err, exists) {
+				if (exists) {
+					async.parallel({
+						isMember: function(next) {
+							Groups.isMemberByGroupName(gid, key, next);
+						},
+						isEmpty: function(next) {
+							Groups.isEmptyByGroupName(key, next);
+						}
+					}, next);
+				} else {
+					next(null, {
+						isMember: false,
+						isEmpty: true
+					});
+				}
+			});
+		},
+		"+gw": function(next) {
+			var	key = 'cid:' + cid + ':privileges:+gw';
+			Groups.exists(key, function(err, exists) {
+				if (exists) {
+					async.parallel({
+						isMember: function(next) {
+							Groups.isMemberByGroupName(gid, key, next);
+						},
+						isEmpty: function(next) {
+							Groups.isEmptyByGroupName(key, next);
+						}
+					}, next);
+				} else {
+					next(null, {
+						isMember: false,
+						isEmpty: true
+					});
+				}
+			});
+		}
+	}, function(err, privileges) {
+		callback(err, !privileges ? null : {
+			"+gr": privileges['+gr'].isMember,
+			"+gw": privileges['+gw'].isMember,
+			read: (privileges['+gr'].isMember || privileges['+gr'].isEmpty),
+			write: (privileges['+gw'].isMember || privileges['+gw'].isEmpty),
+		});
+	});
+};
+
+module.exports = CategoryTools;
diff --git a/src/groups.js b/src/groups.js
index 3d56520257..782cca7ff3 100644
--- a/src/groups.js
+++ b/src/groups.js
@@ -263,4 +263,40 @@
 		});
 	};
 
+	Groups.getCategoryAccess = function(cid, uid, callback){
+		var access = false;
+		// check user group read access level
+		async.series([function(callback){
+			// get groups with read permission
+			db.getObjectField('group:gid', 'cid:' + cid + ':privileges:+gr', function(err, gid){
+				// get the user groups that belong to this read group
+				db.getSetMembers('gid:' + gid + ':members', function (err, gids) {
+					// check if user belong to any of these user groups
+					var groups_check = new Array();
+					gids.forEach(function(cgid){
+						groups_check.push(function(callback){
+							Groups.isMember(uid, cgid, function(err, isMember){
+								if (isMember){
+									access = true;
+								}
+								callback(null, gids);
+							})
+						});
+					});
+					// do a series check. We want to make sure we check all the groups before determining if the user
+					// has access or not.
+					async.series(groups_check, function(err, results){
+						callback(null, results);
+					});								
+				});
+			});
+		
+		}],
+		function(err, results){
+			// if the read group is empty we will asume that read access has been granted to ALL
+			if (results[0].length == 0){ access = true; }
+			callback(false, access);
+		});
+	};
+
 }(module.exports));
diff --git a/src/routes/api.js b/src/routes/api.js
index 45e9514ce8..cb28e0bffb 100644
--- a/src/routes/api.js
+++ b/src/routes/api.js
@@ -4,6 +4,7 @@ var path = require('path'),
 
 	db = require('../database'),
 	user = require('../user'),
+	groups = require('../groups'),
 	auth = require('./authentication'),
 	topics = require('../topics'),
 	posts = require('../posts'),
@@ -121,7 +122,15 @@ var path = require('path'),
 						if (parseInt(data.deleted, 10) === 1 && parseInt(data.expose_tools, 10) === 0) {
 							return res.json(404, {});
 						}
-						res.json(data);
+						// get the category this post belongs to and check category access
+						var cid = data.category_slug.split("/")[0];
+						groups.getCategoryAccess(cid, uid, function(err, access){
+							if (access){
+								res.json(data);
+							} else {
+								res.send(403);
+							}
+						})
 					} else next();
 				});
 			});
@@ -132,13 +141,20 @@ var path = require('path'),
 				// Category Whitelisting
 				categoryTools.privileges(req.params.id, uid, function(err, privileges) {
 					if (!err && privileges.read) {
-						categories.getCategoryById(req.params.id, uid, function (err, data) {
-							if (!err && data && parseInt(data.disabled, 10) === 0) {
-								res.json(data);
+						groups.getCategoryAccess(req.params.id, uid, function(err, access){
+							if (access){
+								categories.getCategoryById(req.params.id, uid, function (err, data) {
+									if (!err && data && parseInt(data.disabled, 10) === 0) {
+										res.json(data);
+									} else {
+										next();
+									}
+								}, req.params.id, uid);	
 							} else {
-								next();
+								res.send(403);
 							}
-						}, req.params.id, uid);
+							
+						});
 					} else {
 						res.send(403);
 					}
@@ -303,4 +319,4 @@ var path = require('path'),
 			});
 		});
 	}
-}(exports));
\ No newline at end of file
+}(exports));
diff --git a/src/websockets.js b/src/websockets.js
index 81a3bbe221..2000b34617 100644
--- a/src/websockets.js
+++ b/src/websockets.js
@@ -1084,6 +1084,37 @@ websockets.init = function(io) {
 			});
 		});
 
+		socket.on('api:admin.categories.setGroupPrivilege', function(cid, gid, privilege, set, callback) {
+			var	cb = function(err) {
+				CategoryTools.groupPrivileges(cid, gid, callback);
+			};
+
+			if (set) {
+				groups.joinByGroupName('cid:' + cid + ':privileges:' + privilege, gid, cb);
+			} else {
+				groups.leaveByGroupName('cid:' + cid + ':privileges:' + privilege, gid, cb);
+			}
+		});
+		
+		socket.on('api:admin.categories.groupsearch', function(cid, callback) {
+			groups.list({expand:false}, function(err, data){
+				async.map(data, function(groupObj, next) {
+					CategoryTools.groupPrivileges(cid, groupObj.gid, function(err, privileges) {
+						if (!err) {
+							groupObj.privileges = privileges;
+						} else {
+							winston.error('[socket api:admin.categories.groupsearch] Could not retrieve permissions');
+						}
+
+						next(null, groupObj);
+					});
+				}, function(err, data) {
+					if (!callback) socket.emit('api:admin.categories.groupsearch', data);
+					else callback(null, data);
+				});		
+			});
+		});
+
 		socket.on('api:admin.themes.getInstalled', function(callback) {
 			meta.themes.get(function(err, themeArr) {
 				callback(themeArr);