v0.1.11 - Editor

backend/app/api/client_access.py

@@ -28,7 +28,7 @@ router = APIRouter(prefix="/api/client-access", tags=["client-access"])
 
 def _authorized_client_scope(db: Session, session: AuthSession) -> list[ClientAccount]:
     clients = list_client_accounts(db)
-    if session.role == "admin":
+    if session.role in {"admin", "internal"}:
         return clients
     return [client for client in clients if client.id == session.client_account_id]
 
@@ -61,12 +61,12 @@ def _read_client_account(db: Session, client_id: int, session: AuthSession) -> d
 
 
 def _actor_metadata(session: AuthSession) -> dict[str, str]:
-    if session.role == "admin":
+    if session.role in {"admin", "internal"}:
         return {
             "actor_type": "lean_admin",
             "actor_name": session.name,
             "actor_email": session.email,
-            "actor_role": "admin",
+            "actor_role": session.client_role or "admin",
         }
     return {
         "actor_type": "client_superadmin",