diff --git a/packages/component-manuscript/src/components/SubmitRevision.js b/packages/component-manuscript/src/components/SubmitRevision.js
index 837e464858a8bbcdc0d2de1ff382a974b92a2ff5..e1fd229e148f5d5313d23dced8a2bb1e27c6fb68 100644
--- a/packages/component-manuscript/src/components/SubmitRevision.js
+++ b/packages/component-manuscript/src/components/SubmitRevision.js
@@ -96,7 +96,12 @@ const SubmitRevision = ({
         <CustomValidatedField>
           <ValidatedField
             component={() => (
-              <Files filePath="revision.files" parentForm="revision" />
+              <Files
+                filePath="revision.files"
+                parentForm="revision"
+                project={project}
+                version={version}
+              />
             )}
             name="files"
             validate={[requiredFiles]}
diff --git a/packages/xpub-faraday/config/authsome-mode.js b/packages/xpub-faraday/config/authsome-mode.js
index 6ab6182b5bdeedf99d38c1a65cf0f7f521654e14..2c9efc4c72fc24ab0339ffb0e3b7a703b7e7d6ee 100644
--- a/packages/xpub-faraday/config/authsome-mode.js
+++ b/packages/xpub-faraday/config/authsome-mode.js
@@ -135,12 +135,18 @@ async function applyAuthenticatedUserPolicy(user, operation, object, context) {
         p => p.objectId === object.id || p.objectId === object.collectionId,
       )
 
-      if (!permission) return false
-
       const collectionId = get(object, 'collectionId')
-      const { status, fragments } = await context.models.Collection.find(
-        collectionId,
-      )
+      const {
+        owners,
+        status,
+        fragments,
+      } = await context.models.Collection.find(collectionId)
+
+      if (owners.includes(user.id)) {
+        return true
+      }
+
+      if (!permission) return false
 
       return {
         filter: fragment =>