diff --git a/packages/api/src/controllers/auth.js b/packages/api/src/controllers/auth.js
index 3f4c397cc..29d93147a 100644
--- a/packages/api/src/controllers/auth.js
+++ b/packages/api/src/controllers/auth.js
@@ -71,6 +71,7 @@ module.exports = {
             {
               login: 'superadmin',
               permissions: await storage.loadSuperadminPermissions(),
+              roleId: -3,
             },
             getTokenSecret(),
             {
diff --git a/packages/api/src/controllers/connections.js b/packages/api/src/controllers/connections.js
index b6d9d0bbc..697abecda 100644
--- a/packages/api/src/controllers/connections.js
+++ b/packages/api/src/controllers/connections.js
@@ -201,7 +201,7 @@ module.exports = {
   async list(_params, req) {
     const storage = require('./storage');
 
-    const storageConnections = await storage.connections();
+    const storageConnections = await storage.connections(req);
     if (storageConnections) {
       return storageConnections;
     }
diff --git a/packages/api/src/controllers/storage.js b/packages/api/src/controllers/storage.js
index 2be17b4b4..9599dd0e9 100644
--- a/packages/api/src/controllers/storage.js
+++ b/packages/api/src/controllers/storage.js
@@ -1,6 +1,6 @@
 module.exports = {
   connections_meta: true,
-  async connections() {
+  async connections(req) {
     return null;
   },
 
diff --git a/packages/tools/src/testPermission.ts b/packages/tools/src/testPermission.ts
index d6b805f9b..ee679b912 100644
--- a/packages/tools/src/testPermission.ts
+++ b/packages/tools/src/testPermission.ts
@@ -101,11 +101,11 @@ export function testSubPermission(
 export function getPredefinedPermissions(predefinedRoleName: string) {
   switch (predefinedRoleName) {
     case 'superadmin':
-      return ['*', '~widgets/*', 'widgets/admin'];
+      return ['*', '~widgets/*', 'widgets/admin', '~all-connections'];
     case 'logged-user':
-      return ['*', '~widgets/admin', '~admin/*'];
+      return ['*', '~widgets/admin', '~admin/*', '~internal-storage', '~all-connections'];
     case 'anonymous-user':
-      return ['*', '~widgets/admin', '~admin/*'];
+      return ['*', '~widgets/admin', '~admin/*', '~internal-storage', '~all-connections'];
     default:
       return null;
   }
diff --git a/packages/web/src/commands/stdCommands.ts b/packages/web/src/commands/stdCommands.ts
index cd0e02e35..93e4d6711 100644
--- a/packages/web/src/commands/stdCommands.ts
+++ b/packages/web/src/commands/stdCommands.ts
@@ -104,7 +104,7 @@ registerCommand({
   category: 'New',
   toolbarOrder: 1,
   name: 'Connection',
-  testEnabled: () => !getCurrentConfig()?.runAsPortal,
+  testEnabled: () => !getCurrentConfig()?.runAsPortal && !getCurrentConfig()?.storageDatabase,
   onClick: () => {
     openNewTab({
       title: 'New Connection',
diff --git a/packages/web/src/utility/connectionsPinger.js b/packages/web/src/utility/connectionsPinger.js
index efa0fd7b6..0e626657a 100644
--- a/packages/web/src/utility/connectionsPinger.js
+++ b/packages/web/src/utility/connectionsPinger.js
@@ -2,6 +2,7 @@ import _ from 'lodash';
 import { openedConnections, currentDatabase, openedConnectionsWithTemporary, getCurrentConfig } from '../stores';
 import { apiCall, strmid } from './api';
 import { getConnectionList } from './metadataLoaders';
+import hasPermission from '../utility/hasPermission';
 
 // const doServerPing = async value => {
 //   const connectionList = getConnectionList();
@@ -11,7 +12,8 @@ import { getConnectionList } from './metadataLoaders';
 
 const doServerPing = value => {
   apiCall('server-connections/ping', {
-    conidArray: getCurrentConfig().storageDatabase ? ['__storage', ...value] : value,
+    conidArray:
+      getCurrentConfig().storageDatabase && hasPermission('internal-storage') ? ['__storage', ...value] : value,
     strmid,
   });
 };