diff --git a/src/config/wireplumber.conf.d/access.conf b/src/config/wireplumber.conf.d/access.conf
index 5422156f..d1424f2b 100644
--- a/src/config/wireplumber.conf.d/access.conf
+++ b/src/config/wireplumber.conf.d/access.conf
@@ -6,44 +6,43 @@ wireplumber.settings = {
 
   ## The list of access rules
   access.rules = [
-    {
-      matches = [
-        {
-          pipewire.access = "flatpak"
-          media.category = "Manager"
-        }
-      ]
-      actions = {
-        update-props = {
-          default_permissions = "all",
-        }
-      }
-    }
-
-    {
-      matches = [
-        {
-          pipewire.access = "flatpak"
-        }
-      ]
-      actions = {
-        update-props = {
-          default_permissions = "rx"
-        }
-      }
-    }
-
-    {
-      matches = [
-        {
-          pipewire.access = "restricted"
-        }
-      ]
-      actions = {
-        update-props = {
-          default_permissions = "rx"
-        }
-      }
-    }
+    ## The following are the default rules applied if none overrides them.
+    # {
+    #   matches = [
+    #     {
+    #       pipewire.access = "flatpak"
+    #       media.category = "Manager"
+    #     }
+    #   ]
+    #   actions = {
+    #     update-props = {
+    #       default_permissions = "all",
+    #     }
+    #   }
+    # }
+    # {
+    #   matches = [
+    #     {
+    #       pipewire.access = "flatpak"
+    #     }
+    #   ]
+    #   actions = {
+    #     update-props = {
+    #       default_permissions = "rx"
+    #     }
+    #   }
+    # }
+    # {
+    #   matches = [
+    #     {
+    #       pipewire.access = "restricted"
+    #     }
+    #   ]
+    #   actions = {
+    #     update-props = {
+    #       default_permissions = "rx"
+    #     }
+    #   }
+    # }
   ]
 }
diff --git a/src/scripts/access/access-default.lua b/src/scripts/access/access-default.lua
index 4101434b..898d44e5 100644
--- a/src/scripts/access/access-default.lua
+++ b/src/scripts/access/access-default.lua
@@ -5,12 +5,27 @@
 --
 -- SPDX-License-Identifier: MIT
 
-function rulesGetDefaultPermissions(properties)
+function getDefaultPermissions (properties)
+  local pw_access = properties["pipewire.access"]
+  local media_category = properties["media.category"]
+
+  if pw_access == "flatpak" and media_category == "Manager" then
+    return "all"
+  elseif pw_access == "flatpak" or pw_access == "restricted" then
+    return "rx"
+  end
+
+  return nil
+end
+
+function getPermissions (properties)
   local matched, mprops = Settings.apply_rule ("access.rules", properties)
 
   if (matched and mprops["default_permissions"]) then
     return mprops["default_permissions"]
   end
+
+  return nil
 end
 
 clients_om = ObjectManager {
@@ -21,9 +36,12 @@ clients_om:connect("object-added", function (om, client)
   local id = client["bound-id"]
   local properties = client["properties"]
 
-  local perms = rulesGetDefaultPermissions(properties)
+  local perms = getPermissions (properties)
+  if perms == nil then
+    perms = getDefaultPermissions (properties)
+  end
 
-  if perms then
+  if perms ~= nil then
     Log.info(client, "Granting permissions to client " .. id .. ": " .. perms)
     client:update_permissions { ["any"] = perms }
   end