using recordset values in the access rules won't work correctly.
This is because the recordset will always be added to the page after the code that attaches security assist to the page.
instead, you should create the recordset, then use the set session value behavior to save the ClientTypeLevel to a session, and use that session in the access rules.
you will need to make sure the code for the recordset and to save the session comes before the access rule.