diff --git a/controllers/StockApiController.php b/controllers/StockApiController.php
index eab324ad..bc2e5aa7 100644
--- a/controllers/StockApiController.php
+++ b/controllers/StockApiController.php
@@ -63,7 +63,7 @@ class StockApiController extends BaseApiController
 
 	public function AddProduct(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
 	{
-        User::checkPermission($request, User::PERMISSION_PRODUCT_ADD);
+        User::checkPermission($request, User::PERMISSION_PRODUCT_PURCHASE);
 
         $requestBody = $request->getParsedBody();
 
@@ -580,7 +580,7 @@ class StockApiController extends BaseApiController
 
 	public function ExternalBarcodeLookup(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
 	{
-        User::checkPermission($request, User::PERMISSION_PRODUCT_ADD);
+        User::checkPermission($request, User::PERMISSION_MASTER_DATA_EDIT);
 
         try
 		{
diff --git a/controllers/Users/User.php b/controllers/Users/User.php
index 9987c699..986f3513 100644
--- a/controllers/Users/User.php
+++ b/controllers/Users/User.php
@@ -21,7 +21,6 @@ abstract class User
     const PERMISSION_MASTER_DATA_READ = 'MASTER_DATA_READ';
     const PERMISSION_TASKS_UNDO = 'TASKS_UNDO';
     const PERMISSION_TASKS_MARK_COMPLETED = 'TASKS_MARK_COMPLETED';
-    const PERMISSION_PRODUCT_ADD = 'PRODUCT_ADD';
     const PERMISSION_STOCK_TRANSFER = 'STOCK_TRANSFER';
     const PERMISSION_STOCK_EDIT = 'STOCK_EDIT';
     const PERMISSION_PRODUCT_CONSUME = 'PRODUCT_CONSUME';
@@ -29,6 +28,7 @@ abstract class User
     const PERMISSION_PRODUCT_OPEN = 'PRODUCT_OPEN';
     const PERMISSION_SHOPPINGLIST_ITEMS_ADD = 'SHOPPINGLIST_ITEMS_ADD';
     const PERMISSION_SHOPPINGLIST_ITEMS_DELETE = 'SHOPPINGLIST_ITEMS_DELETE';
+    const PERMISSION_PRODUCT_PURCHASE = 'PRODUCT_PURCHASE';
 
     public abstract function hasPermission(string $permission): bool;
 
diff --git a/migrations/0111.sql b/migrations/0111.sql
index 9db3f5cc..0f732a9e 100644
--- a/migrations/0111.sql
+++ b/migrations/0111.sql
@@ -94,7 +94,7 @@ VALUES
 ('STOCK_EDIT', (SELECT id FROM permission_hierarchy WHERE name = 'ADMIN')),
 ('STOCK_TRANSFER', (SELECT id FROM permission_hierarchy WHERE name = 'ADMIN')),
 ('STOCK_CORRECTION', (SELECT id FROM permission_hierarchy WHERE name = 'ADMIN')),
-('PRODUCT_ADD', (SELECT id FROM permission_hierarchy WHERE name = 'ADMIN')),
+('PRODUCT_PURCHASE', (SELECT id FROM permission_hierarchy WHERE name = 'ADMIN')),
 ('PRODUCT_CONSUME', (SELECT id FROM permission_hierarchy WHERE name = 'ADMIN')),
 ('PRODUCT_OPEN', (SELECT id FROM permission_hierarchy WHERE name = 'ADMIN')),
        -- shopping list