From a56b058858e20e2fc1f72a41ca92f98a9086b652 Mon Sep 17 00:00:00 2001
From: miloschwartz <mschwartz10612@gmail.com>
Date: Tue, 13 Jan 2026 15:28:02 -0800
Subject: [PATCH] fix role name missing in forward headers

---
 messages/en-US.json                       |  2 +-
 server/db/queries/verifySessionQueries.ts | 12 ++++++++++--
 server/routers/badger/verifySession.ts    |  4 ++--
 3 files changed, 13 insertions(+), 5 deletions(-)

diff --git a/messages/en-US.json b/messages/en-US.json
index 12e4f63f..2e09fac3 100644
--- a/messages/en-US.json
+++ b/messages/en-US.json
@@ -1209,7 +1209,7 @@
     "sidebarIdentityProviders": "Identity Providers",
     "sidebarLicense": "License",
     "sidebarClients": "Clients",
-    "sidebarUserDevices": "Users",
+    "sidebarUserDevices": "User Devices",
     "sidebarMachineClients": "Machines",
     "sidebarDomains": "Domains",
     "sidebarGeneral": "Manage",
diff --git a/server/db/queries/verifySessionQueries.ts b/server/db/queries/verifySessionQueries.ts
index 3c6c5420..280c8a11 100644
--- a/server/db/queries/verifySessionQueries.ts
+++ b/server/db/queries/verifySessionQueries.ts
@@ -1,4 +1,4 @@
-import { db, loginPage, LoginPage, loginPageOrg, Org, orgs } from "@server/db";
+import { db, loginPage, LoginPage, loginPageOrg, Org, orgs, roles } from "@server/db";
 import {
     Resource,
     ResourcePassword,
@@ -108,9 +108,17 @@ export async function getUserSessionWithUser(
  */
 export async function getUserOrgRole(userId: string, orgId: string) {
     const userOrgRole = await db
-        .select()
+        .select({
+            userId: userOrgs.userId,
+            orgId: userOrgs.orgId,
+            roleId: userOrgs.roleId,
+            isOwner: userOrgs.isOwner,
+            autoProvisioned: userOrgs.autoProvisioned,
+            roleName: roles.name
+        })
         .from(userOrgs)
         .where(and(eq(userOrgs.userId, userId), eq(userOrgs.orgId, orgId)))
+        .leftJoin(roles, eq(userOrgs.roleId, roles.roleId))
         .limit(1);
 
     return userOrgRole.length > 0 ? userOrgRole[0] : null;
diff --git a/server/routers/badger/verifySession.ts b/server/routers/badger/verifySession.ts
index 8dee788a..3226755d 100644
--- a/server/routers/badger/verifySession.ts
+++ b/server/routers/badger/verifySession.ts
@@ -942,7 +942,7 @@ async function isUserAllowedToAccessResource(
             username: user.username,
             email: user.email,
             name: user.name,
-            role: user.role
+            role: userOrgRole.roleName
         };
     }
 
@@ -956,7 +956,7 @@ async function isUserAllowedToAccessResource(
             username: user.username,
             email: user.email,
             name: user.name,
-            role: user.role
+            role: userOrgRole.roleName
         };
     }