diff --git a/server/policies/share.js b/server/policies/share.js
index b5db8b45..944d4972 100644
--- a/server/policies/share.js
+++ b/server/policies/share.js
@@ -12,7 +12,7 @@ allow(User, "read", Share, (user, share) => {
 allow(User, "update", Share, (user, share) => {
 if (user.isViewer) return false;
- // only the user who can share the document publicaly can update the share.
+ // only the user who can share the document publicly can update the share.
 if (cannot(user, "share", share.document)) return false;
 return user.teamId === share.teamId;
 });
diff --git a/server/routes/api/shares.js b/server/routes/api/shares.js
index 2ec30771..3600e319 100644
--- a/server/routes/api/shares.js
+++ b/server/routes/api/shares.js
@@ -62,7 +62,9 @@ router.post("shares.info", auth(), async (ctx) => {
 const parentIds = document?.collection?.getDocumentParents(documentId);
 const parentShare = parentIds
- ? await Share.findOne({
+ ? await Share.scope({
+ method: ["withCollection", user.id],
+ }).findOne({
 where: {
 documentId: parentIds,
 teamId: user.teamId,
diff --git a/server/routes/api/shares.test.js b/server/routes/api/shares.test.js
index aedfc3fd..3e23f2f3 100644
--- a/server/routes/api/shares.test.js
+++ b/server/routes/api/shares.test.js
@@ -424,6 +424,8 @@ describe("#shares.info", () => {
 expect(body.data.shares[0].documentId).toBe(document.id);
 expect(body.data.shares[0].published).toBe(true);
 expect(body.data.shares[0].includeChildDocuments).toBe(true);
+ expect(body.policies.length).toBe(1);
+ expect(body.policies[0].abilities.update).toBe(true);
 });
 it("should not return share for parent document with includeChildDocuments=false", async () => {
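Review bot: The scoped `parentShare` lookup carries an undocumented authorization dependency: the `update` policy in server/policies/share.js evaluates `cannot(user, "share", share.document)`, so the ability is presumably only computed correctly when the share was loaded through the `withCollection` scope for the requesting user. A later refactor that drops the scope would then change the returned abilities without any error. I would add a comment above the query, e.g. `// withCollection scope is required: the share policies read share.document for this user`. Separately, `documentId: parentIds` can match more than one ancestor and no `order` is visible on `findOne`, so which parent share and policy is returned may be arbitrary; the rest of the `where` clause lies outside the hunk and may already constrain this.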
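Review bot: The two added assertions cover only the grant path; nothing visible here checks that `abilities.update` stays `false` for a caller the policy should refuse, such as one for whom `user.isViewer` is true in server/policies/share.js. Because this commit appears to turn the ability on for parent shares, a sibling case that calls `shares.info` as such a user and asserts `expect(body.policies[0].abilities.update).toBe(false);` would guard against over-granting. It would also help to assert that the returned policy entry belongs to the parent share, not only that `body.policies.length` is 1. The enclosing `it(...)` block starts above the hunk, so the fixture setup is not visible from here.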