3 files changed, 8 insertions, 2 deletions

diff --git a/app/controllers/api/companies_controller.rb b/app/controllers/api/companies_controller.rb
index 9d6cb1c..21744de 100644
--- a/app/controllers/api/companies_controller.rb
+++ b/app/controllers/api/companies_controller.rb
@@ -4,7 +4,7 @@ module Api
   # CompaniesController
   class CompaniesController < MasterController
     skip_before_action :validate_jwt, only: %i[show index]
-    skip_before_action :assert_master_role, onlt: %i[show index]
+    skip_before_action :assert_master_role, only: %i[show index]
 
     def index
       @companies = Company.all
diff --git a/app/controllers/authenticated_controller.rb b/app/controllers/authenticated_controller.rb
index de02cab..56159ab 100644
--- a/app/controllers/authenticated_controller.rb
+++ b/app/controllers/authenticated_controller.rb
@@ -13,6 +13,12 @@ class AuthenticatedController < ApplicationController
     @current_user_account ||= UserAccount.find_by(email:)
   end
 
+  def current_user_role
+    return if decoded_token.nil?
+    
+    decoded_token[0]['aud']
+  end
+
   def authentication_token
     @authentication_token ||= request.headers[:authorization]&.sub(/^Bearer /, '')
   end
diff --git a/app/controllers/master_controller.rb b/app/controllers/master_controller.rb
index b2075d5..38cd441 100644
--- a/app/controllers/master_controller.rb
+++ b/app/controllers/master_controller.rb
@@ -7,7 +7,7 @@ class MasterController < AuthenticatedController
   private
 
   def assert_master_role
-    return if current_user_account.role == 'master'
+    return if current_user_role == 'master'
 
     render json: { error_message: 'No cuenta con los permisos necesarios' }, status: :forbidden
   end