diff --git a/rhodecode/apps/channelstream/views.py b/rhodecode/apps/channelstream/views.py
--- a/rhodecode/apps/channelstream/views.py
+++ b/rhodecode/apps/channelstream/views.py
@@ -71,6 +71,7 @@ class ChannelstreamView(object):
 except Exception:
 log.exception('Failed to decode json from request')
 raise HTTPBadRequest()
+
 try:
 channels = check_channel_permissions(
 json_body.get('channels'),
@@ -92,7 +93,7 @@ class ChannelstreamView(object):
 'display_name': None,
 'display_link': None,
 }
- user_data['permissions'] = self._rhodecode_user.permissions
+ user_data['permissions'] = self._rhodecode_user.permissions_safe
 payload = {
 'username': user.username,
 'user_state': user_data,
diff --git a/rhodecode/lib/auth.py b/rhodecode/lib/auth.py
--- a/rhodecode/lib/auth.py
+++ b/rhodecode/lib/auth.py
@@ -824,6 +824,24 @@ class AuthUser(object):
 def permissions(self):
 return self.get_perms(user=self, cache=False)
 
+ @LazyProperty
+ def permissions_safe(self):
+ """
+ Filtered permissions excluding not allowed repositories
+ """
+ perms = self.get_perms(user=self, cache=False)
+
+ perms['repositories'] = {
+ k: v for k, v in perms['repositories'].iteritems()
+ if v != 'repository.none'}
+ perms['repositories_groups'] = {
+ k: v for k, v in perms['repositories_groups'].iteritems()
+ if v != 'group.none'}
+ perms['user_groups'] = {
+ k: v for k, v in perms['user_groups'].iteritems()
+ if v != 'usergroup.none'}
+ return perms
+
 def permissions_with_scope(self, scope):
 """
 Call the get_perms function with scoped data. The scope in that function
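Review bot: In the second views.py hunk, `user_data['permissions'] = self._rhodecode_user.permissions_safe` still places the user's whole permission map in `user_state`, so the name of every repository, repository group and user group the user can reach leaves the application with the payload. Whether the receiving side needs more than a few of those keys is not visible in this hunk; if it does not, send only what it consumes. At minimum the line deserves a comment so the unfiltered property is not restored later, for example `# permissions_safe only: the plain permissions map also names objects the user has no access to`. The enclosing method starts and ends outside the hunk.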
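Review bot: `permissions_safe` in auth.py filters by deny-list: it drops only values equal to `'repository.none'`, `'group.none'` or `'usergroup.none'`, and any other top-level key returned by `get_perms` passes through untouched, so the property fails open if an unexpected value or a further section appears. Keeping only entries whose level is in an explicit set of granted values would fail closed. The three assignments also rebind keys on the dict that `get_perms` returned; if that object is ever shared with other callers they would see the filtered view, which `perms = dict(self.get_perms(user=self, cache=False))` avoids, assuming a plain mapping is acceptable to the callers. The docstring names only repositories; it should say that repository groups and user groups are filtered as well and that the result is intended for data sent to clients.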