diff --git a/db/changes/234001/00-aclClient.sql b/db/changes/234001/00-aclClient.sql
new file mode 100644
index 000000000..109b3a4fb
--- /dev/null
+++ b/db/changes/234001/00-aclClient.sql
@@ -0,0 +1,42 @@
+-- No encuentro este back
+DELETE FROM `salix`.`ACL` WHERE property = 'activeWorkersWithRole';
+DELETE FROM `salix`.`ACL` WHERE model = 'Client' AND property = '*';
+
+INSERT INTO `salix`.`ACL` (model,property,accessType,permission,principalType,principalId)
+	VALUES ('Client','findOne','READ','ALLOW','ROLE','employee');
+INSERT INTO `salix`.`ACL` (model,property,accessType,permission,principalType,principalId)
+	VALUES ('Client','findById','READ','ALLOW','ROLE','employee');
+INSERT INTO `salix`.`ACL` (model,property,accessType,permission,principalType,principalId)
+	VALUES ('Client','find','READ','ALLOW','ROLE','employee');
+INSERT INTO `salix`.`ACL` (model,property,accessType,permission,principalType,principalId)
+	VALUES ('Client','exists','READ','ALLOW','ROLE','employee');
+INSERT INTO `salix`.`ACL` (model,property,accessType,permission,principalType,principalId)
+	VALUES ('Client','__get__addresses','READ','ALLOW','ROLE','employee');
+
+DELETE FROM `salix`.`ACL` WHERE model = 'Client' AND property = '*' AND accessType IN (
+    'campaignMetricsEmail',
+    'campaignMetricsPdf',
+    'clientDebtStatementEmail',
+    'clientDebtStatementHtml',
+    'clientDebtStatementPdf',
+	'clientWelcomeEmail',
+	'clientWelcomeHtml',
+	'consumptionSendQueued',
+	'creditRequestEmail',
+	'creditRequestHtml',
+	'creditRequestPdf',
+	'getClientOrSupplierReference',
+	'incotermsAuthorizationEmail',
+	'incotermsAuthorizationHtml',
+	'incotermsAuthorizationPdf',
+	'letterDebtorNdEmail',
+	'letterDebtorNdHtml',
+	'letterDebtorPdf',
+	'letterDebtorStEmail',
+	'letterDebtorStHtml',
+	'printerSetupEmail',
+	'printerSetupHtml',
+	'sepaCoreEmail',
+	'setPassword',
+	'updateUser',
+	'uploadFile');
diff --git a/db/changes/234001/01-aclAccount.sql b/db/changes/234001/01-aclAccount.sql
new file mode 100644
index 000000000..d749b52ab
--- /dev/null
+++ b/db/changes/234001/01-aclAccount.sql
@@ -0,0 +1,10 @@
+DELETE FROM `salix`.`ACL` WHERE model = 'Account' AND property = '*' AND principalId = 'employee';
+
+INSERT INTO `salix`.`ACL` (model,property,accessType,permission,principalType,principalId)
+	VALUES ('Account','findOne','READ','ALLOW','ROLE','employee');
+INSERT INTO `salix`.`ACL` (model,property,accessType,permission,principalType,principalId)
+	VALUES ('Account','findById','READ','ALLOW','ROLE','employee');
+INSERT INTO `salix`.`ACL` (model,property,accessType,permission,principalType,principalId)
+	VALUES ('Account','find','READ','ALLOW','ROLE','employee');
+INSERT INTO `salix`.`ACL` (model,property,accessType,permission,principalType,principalId)
+	VALUES ('Account','exists','READ','ALLOW','ROLE','employee');