diff --git a/changelog/unreleased/ignore-resharing-requests.md b/changelog/unreleased/ignore-resharing-requests.md
new file mode 100644
index 0000000000..2ae60b0c96
--- /dev/null
+++ b/changelog/unreleased/ignore-resharing-requests.md
@@ -0,0 +1,5 @@
+Enhancement: Ignore resharing requests
+
+We now ignore resharing permissions. Instead of returning BadRequest we just reduce the permissions.
+
+https://github.com/cs3org/reva/pull/4816
diff --git a/internal/http/services/owncloud/ocs/handlers/apps/sharing/shares/shares.go b/internal/http/services/owncloud/ocs/handlers/apps/sharing/shares/shares.go
index 1136ded122..1ec0b325e4 100644
--- a/internal/http/services/owncloud/ocs/handlers/apps/sharing/shares/shares.go
+++ b/internal/http/services/owncloud/ocs/handlers/apps/sharing/shares/shares.go
@@ -282,8 +282,34 @@ func (h *Handler) CreateShare(w http.ResponseWriter, r *http.Request) {
 	reqRole, reqPermissions := r.FormValue("role"), r.FormValue("permissions")
 	switch shareType {
 	case int(conversions.ShareTypeUser), int(conversions.ShareTypeGroup):
-		// user collaborations default to Manager (=all permissions)
-		role, val, ocsErr := h.extractPermissions(reqRole, reqPermissions, statRes.Info, conversions.NewManagerRole())
+		// NOTE: clients tend to send "31" as permissions but they mean "15".
+		// This is because it adds the "16" for sharing , but that is now no longer allowed.
+		// We could now have some fancy mechanism that casts the string to an int, subtracts 16 and casts it back to a string.
+		// Or we could change the role later and hope everything works out.
+		// Or:
+		if reqRole == "" {
+			switch reqPermissions {
+			case "31":
+				reqPermissions = "15"
+			case "29":
+				reqPermissions = "13"
+			case "27":
+				reqPermissions = "11"
+			case "23":
+				reqPermissions = "7"
+			case "22":
+				reqPermissions = "6"
+			case "21":
+				reqPermissions = "5"
+			case "19":
+				reqPermissions = "3"
+			case "17":
+				reqPermissions = "1"
+			}
+		}
+
+		// user collaborations default to Viewer. Sane Default.
+		role, val, ocsErr := h.extractPermissions(reqRole, reqPermissions, statRes.Info, conversions.NewViewerRole())
 		if ocsErr != nil {
 			response.WriteOCSError(w, r, ocsErr.Code, ocsErr.Message, ocsErr.Error)
 			return