diff --git a/src/clj/auto_ap/routes/auth.clj b/src/clj/auto_ap/routes/auth.clj
index c23c5fe5..79319b07 100644
--- a/src/clj/auto_ap/routes/auth.clj
+++ b/src/clj/auto_ap/routes/auth.clj
@@ -49,7 +49,7 @@
                       :db/id (:db/id user)
                       :user/role    (name (:user/role user))
                       :user/name    (:user/name user)}
-                (= "admin" (name (:user/role user)))
+                (#{"admin" "read-only"} (name (:user/role user)))
                (assoc :gz-clients (->> (:user/clients user)
                                        (map (fn [c]
                                               (select-keys c [:client/code :db/id :client/locations])))
diff --git a/src/clj/auto_ap/server.clj b/src/clj/auto_ap/server.clj
index 2399011e..0f53c817 100644
--- a/src/clj/auto_ap/server.clj
+++ b/src/clj/auto_ap/server.clj
@@ -67,6 +67,7 @@
   :start (run-jetty app {:port port
                          :join? false
                          :configurator configure-jetty
+                         :response-header-size 16384
                          :request-header-size 16384})
   :stop (.stop jetty))
 
diff --git a/src/clj/auto_ap/ssr/admin/transaction_rules.fiddle b/src/clj/auto_ap/ssr/admin/transaction_rules.fiddle
new file mode 100644
index 00000000..e69de29b