From 038d5e773441b57f2e02c6d8466714b0af2eb113 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Rui=20Tom=C3=A9?=
 <108268980+r-tome@users.noreply.github.com>
Date: Thu, 28 Jul 2022 17:23:43 +0100
Subject: [PATCH] [EC-276] Admin with custom permission is unable to manage all
 collections (#2143)

* Updated CollectionService.GetOrganizationCollections to check if the user has permissions to view all collections

Co-authored-by: Vincent Salucci <26154748+vincentsalucci@users.noreply.github.com>
---
 src/Core/Services/Implementations/CollectionService.cs | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/Core/Services/Implementations/CollectionService.cs b/src/Core/Services/Implementations/CollectionService.cs
index 20b12694cc..e41532c1ec 100644
--- a/src/Core/Services/Implementations/CollectionService.cs
+++ b/src/Core/Services/Implementations/CollectionService.cs
@@ -124,9 +124,9 @@ namespace Bit.Core.Services
             }
 
             IEnumerable<Collection> orgCollections;
-            if (await _currentContext.OrganizationAdmin(organizationId))
+            if (await _currentContext.OrganizationAdmin(organizationId) || await _currentContext.ViewAllCollections(organizationId))
             {
-                // Admins, Owners and Providers can access all items even if not assigned to them
+                // Admins, Owners, Providers and Custom (with collection management permissions) can access all items even if not assigned to them
                 orgCollections = await _collectionRepository.GetManyByOrganizationIdAsync(organizationId);
             }
             else