diff --git a/packages/component-manuscript-manager/src/routes/fragmentsRecommendations/patch.js b/packages/component-manuscript-manager/src/routes/fragmentsRecommendations/patch.js
index f6c780a6ff0150a457579fa65c4c93c8db2e4d16..11f3bd7edae3cb321b7f06f67272f226544657c1 100644
--- a/packages/component-manuscript-manager/src/routes/fragmentsRecommendations/patch.js
+++ b/packages/component-manuscript-manager/src/routes/fragmentsRecommendations/patch.js
@@ -46,7 +46,10 @@ module.exports = models => async (req, res) => {
         mailService,
       })
       if (!['pendingApproval', 'revisionRequested'].includes(collection.status))
-        await collectionHelper.updateStatus(collection, 'reviewCompleted')
+        await collectionHelper.updateStatusByRecommendation(
+          collection,
+          recommendation,
+        )
     }
     await fragment.save()
     return res.status(200).json(recommendation)
diff --git a/packages/xpub-faraday/config/authsome-helpers.js b/packages/xpub-faraday/config/authsome-helpers.js
index 1add8d99b7fb8eca56a2abb7bf43088d599e5efc..3604124b1a8f1a7a6259bed680f0d23b4742377d 100644
--- a/packages/xpub-faraday/config/authsome-helpers.js
+++ b/packages/xpub-faraday/config/authsome-helpers.js
@@ -60,14 +60,19 @@ const filterObjectData = (
   return object
 }
 
-const getTeamsByPermissions = async (teamIds = [], permissions, TeamModel) => {
+const getTeamsByPermissions = async (
+  teamIds = [],
+  permissions,
+  TeamModel,
+  object,
+) => {
   const teams = await Promise.all(
     teamIds.map(async teamId => {
       const team = await TeamModel.find(teamId)
-      if (permissions.includes(team.teamType.permissions)) {
-        return team
+      if (!permissions.includes(team.teamType.permissions)) {
+        return null
       }
-      return null
+      return team
     }),
   )
 
diff --git a/packages/xpub-faraday/config/authsome-mode.js b/packages/xpub-faraday/config/authsome-mode.js
index 667879b274b86a59a28515ed3d595d97e6ad2808..c2843f12cb71b55ee8ca76c92146736f1296d093 100644
--- a/packages/xpub-faraday/config/authsome-mode.js
+++ b/packages/xpub-faraday/config/authsome-mode.js
@@ -9,9 +9,10 @@ async function teamPermissions(user, operation, object, context) {
     user.teams,
     permissions,
     context.models.Team,
+    object,
   )
 
-  const collectionsPermissions = await Promise.all(
+  let collectionsPermissions = await Promise.all(
     teams.map(async team => {
       const collection = await context.models.Collection.find(team.object.id)
       const collPerm = {
@@ -21,12 +22,13 @@ async function teamPermissions(user, operation, object, context) {
       const objectType = get(object, 'type')
       if (objectType === 'fragment' && collection.fragments.includes(object.id))
         collPerm.fragmentId = object.id
-
+      if (objectType === 'collection')
+        if (object.id !== collection.id) return null
       return collPerm
     }),
   )
-
-  if (collectionsPermissions.length === 0) return {}
+  collectionsPermissions = collectionsPermissions.filter(cp => cp !== null)
+  if (collectionsPermissions.length === 0) return false
 
   return {
     filter: filterParam => {
@@ -196,6 +198,8 @@ async function authenticatedUser(user, operation, object, context) {
     if (permissions) {
       return permissions
     }
+
+    return false
   }
 
   if (get(object, 'type') === 'fragment') {