diff --git a/app/controllers/spree/api/products_controller_decorator.rb b/app/controllers/spree/api/products_controller_decorator.rb
index 7e81e1f789..65765e03ca 100644
--- a/app/controllers/spree/api/products_controller_decorator.rb
+++ b/app/controllers/spree/api/products_controller_decorator.rb
@@ -1,3 +1,5 @@
+require 'open_food_network/permissions'
+
 Spree::Api::ProductsController.class_eval do
   def managed
     authorize! :admin, Spree::Product
@@ -8,7 +10,11 @@ Spree::Api::ProductsController.class_eval do
   end
 
   def bulk_products
-    @products = product_scope.ransack(params[:q]).result.managed_by(current_api_user).page(params[:page]).per(params[:per_page])
+    @products = OpenFoodNetwork::Permissions.new(current_api_user).managed_products.
+      merge(product_scope).
+      ransack(params[:q]).result.
+      page(params[:page]).per(params[:per_page])
+
     render text: { products: ActiveModel::ArraySerializer.new(@products, each_serializer: Spree::Api::ProductSerializer), pages: @products.num_pages }.to_json
   end
 
diff --git a/lib/open_food_network/permissions.rb b/lib/open_food_network/permissions.rb
index 99c0aa0c15..fbd85d933b 100644
--- a/lib/open_food_network/permissions.rb
+++ b/lib/open_food_network/permissions.rb
@@ -18,6 +18,10 @@ module OpenFoodNetwork
       order_cycle.exchanges.to_enterprises(enterprises).from_enterprises(enterprises)
     end
 
+    def managed_products
+      Spree::Product.managed_by(@user)
+    end
+
 
     private