diff --git a/app/controllers/api/databases.php b/app/controllers/api/databases.php
index efc93a5f4e..13e9a7bdb8 100644
--- a/app/controllers/api/databases.php
+++ b/app/controllers/api/databases.php
@@ -3197,7 +3197,7 @@ App::patch('/v1/databases/:databaseId/collections/:collectionId/documents/:docum
 }
 $data = \array_merge($document->getArrayCopy(), $data); // Merge existing data with new data
- $data['$collection'] = $collection->getId(); // Make sure user doesn't switch collectionID
+ $data['$collection'] = $document->getAttribute('$collection'); // Make sure user doesn't switch collectionID
 $data['$createdAt'] = $document->getCreatedAt(); // Make sure user doesn't switch createdAt
 $data['$id'] = $document->getId(); // Make sure user doesn't switch document unique ID
 $data['$permissions'] = $permissions;
diff --git a/app/init.php b/app/init.php
index 2e59869993..0c8baa5273 100644
--- a/app/init.php
+++ b/app/init.php
@@ -947,7 +947,7 @@ App::setResource('user', function ($mode, $project, $console, $request, $respons
 if (APP_MODE_ADMIN !== $mode) {
 if ($project->isEmpty()) {
- $user = new Document(['$id' => ID::custom(''), '$collection' => 'users']);
+ $user = new Document();
 } else {
 $user = $dbForProject->getDocument('users', Auth::$unique);
 }
@@ -959,14 +959,14 @@ App::setResource('user', function ($mode, $project, $console, $request, $respons
 $user->isEmpty() // Check a document has been found in the DB
 || !Auth::sessionVerify($user->getAttribute('sessions', []), Auth::$secret, $authDuration)
 ) { // Validate user has valid login token
- $user = new Document(['$id' => ID::custom(''), '$collection' => 'users']);
+ $user = new Document();
 }
 if (APP_MODE_ADMIN === $mode) {
 if ($user->find('teamId', $project->getAttribute('teamId'), 'memberships')) {
 Authorization::setDefaultStatus(false); // Cancel security segmentation for admin users.
 } else {
- $user = new Document(['$id' => ID::custom(''), '$collection' => 'users']);
+ $user = new Document();
 }
 }
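Review bot: Overwriting system keys one at a time after `\array_merge($document->getArrayCopy(), $data)` is a deny-list, and in the visible lines only `$collection`, `$createdAt`, `$id` and `$permissions` are reset, so any other `$`-prefixed key in the request body would survive the merge unless it is handled outside this hunk (the route closure starts before and continues after it). Dropping reserved keys from the client payload before the merge, on PHP 8 for example `$data = \array_filter($data, fn ($key) => !\str_starts_with((string) $key, '$'), ARRAY_FILTER_USE_KEY);`, would make the stored document the only source of system attributes. The comment on the changed line could also say where the value now comes from: `// Keep the stored document's $collection; never take it from the request body`.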
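Review bot: The unauthenticated sentinel `new Document()` is now built in four places (the `-947` hunk in app/init.php, both replacements in the `-959` hunk and the one in the `-989` hunk), and nothing in the new code states the invariant callers rely on. Because the guest document no longer carries an `$id` or `$collection` key, any consumer of the `user` resource that reads those attributes directly instead of testing `$user->isEmpty()` may see different values; those consumers are outside this diff, so it is worth confirming, in particular wherever roles or permissions are derived from the user. A short comment above the first assignment would help, e.g. `// Empty Document = guest; check $user->isEmpty() before using $user->getId()`. The resource closure begins and ends outside these hunks.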
@@ -989,7 +989,7 @@ App::setResource('user', function ($mode, $project, $console, $request, $respons
 }
 if (empty($user->find('$id', $jwtSessionId, 'sessions'))) { // Match JWT to active token
- $user = new Document(['$id' => ID::custom(''), '$collection' => 'users']);
+ $user = new Document();
 }
 }
diff --git a/tests/e2e/Services/Databases/DatabasesCustomClientTest.php b/tests/e2e/Services/Databases/DatabasesCustomClientTest.php
index 046312fec2..2e278b8437 100644
--- a/tests/e2e/Services/Databases/DatabasesCustomClientTest.php
+++ b/tests/e2e/Services/Databases/DatabasesCustomClientTest.php
@@ -344,7 +344,6 @@ class DatabasesCustomClientTest extends Scope
 'permissions' => [
 Permission::create(Role::user($userId)),
 Permission::read(Role::user($userId)),
- Permission::update(Role::user($userId)),
 Permission::delete(Role::user($userId)),
 ]
 ]);