diff --git a/server.js b/server.js index 8bbeee3..cc4f104 100644 --- a/server.js +++ b/server.js @@ -255,6 +255,50 @@ app.get('/api/debug/db-projekte', async (req, res) => { } }); +app.get('/api/debug/auth-logic', async (req, res) => { + const auth = getAllowedProjects(req); + let debugInfo = { + auth_object: auth, + projects_returned: [], + sql_used: "", + originalIds: [], + normalizedNames: [] + }; + + if (!auth) { + return res.json(debugInfo); + } + + const client = await pool.connect(); + try { + if (auth.projects.includes('*')) { + debugInfo.sql_used = "SELECT * (Wildcard)"; + const result = await client.query('SELECT id, name FROM geodaten.projekte ORDER BY name'); + debugInfo.projects_returned = result.rows; + } else if (auth.projects.length > 0) { + const originalIds = auth.projects.filter(p => /^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$/i.test(p)); + const normalizedNames = auth.projects.map(p => p.toLowerCase().replace(/[-_ ]/g, '').trim()); + debugInfo.originalIds = originalIds; + debugInfo.normalizedNames = normalizedNames; + debugInfo.sql_used = "SELECT WHERE id = ANY OR normalized_name = ANY"; + const result = await client.query( + `SELECT id, name FROM geodaten.projekte + WHERE id::text = ANY($1::text[]) + OR LOWER(REPLACE(REPLACE(REPLACE(name, '-', ''), '_', ''), ' ', '')) = ANY($2::text[]) + ORDER BY name`, + [originalIds, normalizedNames] + ); + debugInfo.projects_returned = result.rows; + } + res.json(debugInfo); + } catch (err) { + debugInfo.error = err.message; + res.status(500).json(debugInfo); + } finally { + client.release(); + } +}); + app.get('/api/logs', (req, res) => { res.type('text/plain').send(serverLogs.join('\n')); });