diff --git a/app/models/org.rb b/app/models/org.rb
index c5e5e63..6263e90 100644
--- a/app/models/org.rb
+++ b/app/models/org.rb
@@ -3,7 +3,7 @@
   include FlagShihTzu
   extend Dragonfly::Model::Validations
   validates_with OrgLinksValidator
-  
+
   # Stores links as an JSON object: { org: [{"link":"www.example.com","text":"foo"}, ...] }
   # The links are validated against custom validator allocated at validators/template_links_validator.rb
   serialize :links, JSON
@@ -16,12 +16,12 @@
   has_many :templates
   has_many :users
   has_many :annotations
-  
+
   has_and_belongs_to_many :token_permission_types, join_table: "org_token_permissions", unique: true
 
   has_many :org_identifiers
   has_many :identifier_schemes, through: :org_identifiers
-  
+
   ##
   # Possibly needed for active_admin
   #   -relies on protected_attributes gem as syntax depricated in rails 4.2
@@ -29,7 +29,7 @@
                   :logo_file_name, :name, :links,
                   :organisation_type_id, :wayfless_entity, :parent_id, :sort_name,
                   :token_permission_type_ids, :language_id, :contact_email, :contact_name,
-                  :language, :org_type, :region, :token_permission_types, 
+                  :language, :org_type, :region, :token_permission_types,
                   :guidance_group_ids, :is_other, :region_id, :logo_uid, :logo_name,
                   :feedback_enabled, :feedback_email_subject, :feedback_email_msg
   ##
@@ -95,7 +95,7 @@
     ret << "Organisation" if self.organisation?
     ret << "Research Institute" if self.research_institute?
     ret << "Project" if self.project?
-    ret << "School" if self.school?      
+    ret << "School" if self.school?
     return (ret.length > 0 ? ret.join(', ') : "None")
   end
 
@@ -141,15 +141,18 @@
   end
 
   def org_admins
-    User.joins(:perms).where("users.org_id = ? AND perms.name IN (?)", self.id, 
+    User.joins(:perms).where("users.org_id = ? AND perms.name IN (?)", self.id,
       ['grant_permissions', 'modify_templates', 'modify_guidance', 'change_org_details'])
   end
-  
+
   def plans
-    Plan.includes(:template, :phases, :roles, :users).joins(:roles, :users).where('users.org_id = ? AND roles.access IN (?)', 
+    Plan.includes(:template, :phases, :roles, :users).joins(:roles, :users).where('users.org_id = ? AND roles.access IN (?)',
       self.id, Role.access_values_for(:owner).concat(Role.access_values_for(:administrator)))
   end
 
+  def grant_api!(token_permission_type)
+    org.token_permission_types << token_permission_type unless org.tokenpermission_types.include? token_permission_type
+
   private
     ##
     # checks size of logo and resizes if necessary
@@ -166,4 +169,5 @@
     def create_guidance_group
       GuidanceGroup.create(name: self.abbreviation? ? self.abbreviation : self.name , org_id: self.id)
     end
+
 end
diff --git a/lib/tasks/bugfix.rake b/lib/tasks/bugfix.rake
index 927e49c..67ba32d 100644
--- a/lib/tasks/bugfix.rake
+++ b/lib/tasks/bugfix.rake
@@ -32,10 +32,10 @@
       when 'date'
         qf.formattype = :date
       end
-      
+
       qf.save!
     end
-    
+
     if QuestionFormat.find_by(formattype: :date).nil?
       QuestionFormat.create!({title: "Date", option_based: true, formattype: 6})
     end
@@ -44,11 +44,11 @@
   desc "Add the missing token_permission_types"
   task add_missing_token_permission_types: :environment do
     if TokenPermissionType.find_by(token_type: 'templates').nil?
-      TokenPermissionType.create!({token_type: 'templates', 
+      TokenPermissionType.create!({token_type: 'templates',
                                    text_description: 'allows a user access to the templates api endpoint'})
     end
     if TokenPermissionType.find_by(token_type: 'statistics').nil?
-      TokenPermissionType.create!({token_type: 'statistics', 
+      TokenPermissionType.create!({token_type: 'statistics',
                                    text_description: 'allows a user access to the statistics api endpoint'})
     end
   end
@@ -60,7 +60,7 @@
     Template.where(org_id: funders).update_all visibility: Template.visibilities[:publicly_visible]
     Template.default.update visibility: Template.visibilities[:publicly_visible]
   end
-  
+
   desc "Set all orgs.links defaults"
   task set_org_link_defaults: :environment do
     Org.all.each do |org|
@@ -71,7 +71,7 @@
       end
     end
   end
-  
+
   desc "Set all template.links defaults"
   task set_template_link_defaults: :environment do
     Template.all.each do |template|
@@ -87,4 +87,21 @@
       end
     end
   end
-end
\ No newline at end of file
+
+  desc "Allow Statistics API Usage for Org Admin Users"
+  task stats_api_org_admin: :environment do
+    perms = Perm.where(name: ['modify_templates','modify_guidance','change_org_details','grant_permissions']).include(users: {org: :token_permission_types})
+    users = perms.map {|perm| perm.users}
+    users.flatten!.uniq!
+    orgs = users.map {|user| user.org}
+    orgs.uniq!
+    # ensure orgs have access to statistics controller
+    orgs.each do |org|
+      org.grant_api!(TokenPermissionType::STATISTICS)
+    end
+    # leave tokens intact
+    users.each do |user|
+      user.keep_or_generate_token!
+    end
+  end
+end