From f362aa61b44cd6b637934b61091151f1253a21b2 Mon Sep 17 00:00:00 2001
From: Test User <test@example.com>
Date: Sun, 19 Apr 2026 00:24:45 +0000
Subject: [PATCH] fix: allow groomer role to access invoices endpoint

Co-Authored-By: Paperclip <noreply@paperclip.ing>
---
 apps/api/src/index.ts | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/apps/api/src/index.ts b/apps/api/src/index.ts
index 1b146b9..705f82d 100644
--- a/apps/api/src/index.ts
+++ b/apps/api/src/index.ts
@@ -117,7 +117,7 @@ api.on(["POST", "PATCH", "DELETE"], "/staff/*", requireRoleOrSuperUser("manager"
 api.use("/admin/*", requireRoleOrSuperUser("manager"));
 api.use("/admin/settings/*", requireSuperUser());
 api.use("/reports/*", requireRole("manager"));
-api.use("/invoices/*", requireRole("manager"));
+api.use("/invoices/*", requireRole("manager", "groomer"));
 api.use("/impersonation/*", requireRole("manager"));
 
 // Manager + Receptionist only (groomers have no access): appointment-groups, grooming-logs, waitlist