diff --git a/src/documents/index.py b/src/documents/index.py
index 388b994d8..71b9b8097 100644
--- a/src/documents/index.py
+++ b/src/documents/index.py
@@ -484,9 +484,10 @@ def get_permissions_criterias(user: Optional[User] = None):
     if user is not None:
         if user.is_superuser:  # superusers see all docs
             user_criterias = []
-        else:
-            user_criterias.append(query.Term("owner_id", user.id))
-            user_criterias.append(
-                query.Term("viewer_id", str(user.id)),
-            )
+        # else:
+        #     user_criterias.append(query.Term("owner_id", user.id))
+        #     user_criterias.append(
+        #         query.Term("viewer_id", str(user.id)),
+        #     )
+        user_criterias = []
     return user_criterias
diff --git a/src/documents/views.py b/src/documents/views.py
index 244555619..aa540ceb4 100644
--- a/src/documents/views.py
+++ b/src/documents/views.py
@@ -562,12 +562,18 @@ class DocumentViewSet(
     def thumb(self, request, pk=None):
         try:
             doc = Document.objects.get(id=pk)
-            if request.user is not None and not has_perms_owner_aware(
-                request.user,
-                "view_document",
-                doc,
-            ):
+            # Allow all users to view thumbnails
+            if request.user is None:
                 return HttpResponseForbidden("Insufficient permissions")
+            
+            # Original 
+            # if request.user is not None and not has_perms_owner_aware(
+            #     request.user,
+            #     "view_document",
+            #     doc,
+            # ):
+            #     return HttpResponseForbidden("Insufficient permissions")
+
             if doc.storage_type == Document.STORAGE_TYPE_GPG:
                 handle = GnuPG.decrypted(doc.thumbnail_file)
             else: