diff --git a/backend/app/api/v1/routes_clients.py b/backend/app/api/v1/routes_clients.py
index be53c2b..481cd8e 100644
--- a/backend/app/api/v1/routes_clients.py
+++ b/backend/app/api/v1/routes_clients.py
@@ -484,6 +484,4 @@ async def _assert_client_access(user: User, client_id: str, db: AsyncIOMotorData
     # Legacy fallback for pre-migration users
     if user.role == UserRole.PROJECT_MANAGER and client_id in (user.pm_client_ids or []):
         return
-    if user.role in (UserRole.CLIENT, UserRole.PROJECT_MANAGER):
-        return
     raise HTTPException(status_code=403, detail="Insufficient permissions")