From 78beac9f19f57791c37b5fb8f86e60f1833f4cd7 Mon Sep 17 00:00:00 2001
From: Tom <144813356+ttalty@users.noreply.github.com>
Date: Mon, 26 Aug 2024 06:59:49 -0400
Subject: [PATCH] Added the AccessReports permission to enable report viewing
 (#4648)

---
 src/Api/Vault/Controllers/CiphersController.cs | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/src/Api/Vault/Controllers/CiphersController.cs b/src/Api/Vault/Controllers/CiphersController.cs
index 1e608155c2..769ba34a16 100644
--- a/src/Api/Vault/Controllers/CiphersController.cs
+++ b/src/Api/Vault/Controllers/CiphersController.cs
@@ -324,12 +324,13 @@ public class CiphersController : Controller
         var org = _currentContext.GetOrganization(organizationId);
 
         // We do NOT need to check the organization collection management setting here because Owners/Admins can
-        // ALWAYS access all ciphers in order to export them. Additionally, custom users with AccessImportExport or
-        // EditAnyCollection permissions can also always access all ciphers.
+        // ALWAYS access all ciphers in order to export them. Additionally, custom users with AccessImportExport,
+        // EditAnyCollection, or AccessReports permissions can also always access all ciphers.
         if (org is
         { Type: OrganizationUserType.Owner or OrganizationUserType.Admin } or
         { Permissions.AccessImportExport: true } or
-        { Permissions.EditAnyCollection: true })
+        { Permissions.EditAnyCollection: true } or
+        { Permissions.AccessReports: true })
         {
             return true;
         }