From 9828761ac82103a642afc6afdef6d79639cb752c Mon Sep 17 00:00:00 2001
From: marsalva
Date: Sat, 7 Mar 2026 16:29:07 +0000
Subject: [PATCH] Actualizar server.js
---
 server.js | 19 ++++---------------
 1 file changed, 4 insertions(+), 15 deletions(-)

diff --git a/server.js b/server.js
index 213743a..736092c 100644
--- a/server.js
+++ b/server.js
@@ -2776,24 +2776,19 @@ app.get("/providers/credentials", authMiddleware, async (req, res) => {
 // 💬 CHAT Y COMUNICACIÓN INTERNA (TIPO iTRAMIT)
 // ==========================================
 
-// 1. Obtener los mensajes de un expediente
 app.get("/services/:id/chat", authMiddleware, async (req, res) => {
 try {
 const { id } = req.params;
 const isOperario = req.user.role === 'operario';
 
- // Si es operario, NO puede ver los mensajes marcados como "is_internal = true"
 let query = `
 SELECT id, sender_id, sender_name, sender_role, message, is_internal, created_at
 FROM service_communications
 WHERE scraped_id = $1 AND owner_id = $2
 `;
 
- if (isOperario) {
- query += ` AND is_internal = FALSE`;
- }
-
- query += ` ORDER BY created_at ASC`; // Orden cronológico (chat)
+ if (isOperario) query += ` AND is_internal = FALSE`;
+ query += ` ORDER BY created_at ASC`;
 
 const q = await pool.query(query, [id, req.user.accountId]);
 res.json({ ok: true, messages: q.rows });
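Review bot: The one-line `if (isOperario)` filter fails open: internal notes are hidden only when `req.user.role` is exactly `'operario'`, so a request whose role is missing, misspelled or a role introduced later would receive the `is_internal` rows. An allow-list reads more safely, e.g. `const canSeeInternal = INTERNAL_ROLES.includes(req.user.role);` (placeholder name, the office role names are not visible in this hunk), appending the `AND is_internal = FALSE` clause whenever that is false. The commit also deletes the comment that stated this rule; since the line is an access-control decision, a short comment such as `// access control: operarios must never receive is_internal rows` is worth keeping. The handler's catch block and closing lines are outside this hunk.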
@@ -2803,26 +2798,20 @@ app.get("/services/:id/chat", authMiddleware, async (req, res) => {
 }
 });
 
-// 2. Enviar un nuevo mensaje (Oficina u Operario)
 app.post("/services/:id/chat", authMiddleware, async (req, res) => {
 try {
 const { id } = req.params;
 const { message, is_internal } = req.body;
 
- if (!message || message.trim() === "") {
- return res.status(400).json({ ok: false, error: "El mensaje está vacío" });
- }
+ if (!message || message.trim() === "") return res.status(400).json({ ok: false, error: "Vacío" });
 
- // Bloqueo de seguridad: Un operario NUNCA puede crear una nota interna oculta
 const isOperario = req.user.role === 'operario';
 const finalIsInternal = isOperario ? false : (is_internal || false);
 
- // Sacar el nombre y rol del que escribe
 const userQ = await pool.query("SELECT full_name, role FROM users WHERE id=$1", [req.user.sub]);
- const senderName = userQ.rows[0]?.full_name || "Usuario Desconocido";
+ const senderName = userQ.rows[0]?.full_name || "Usuario";
 const senderRole = userQ.rows[0]?.role || "operario";
 
- // Guardar el mensaje en la base de datos
 await pool.query(`
 INSERT INTO service_communications
 (scraped_id, owner_id, sender_id, sender_name, sender_role, message, is_internal)
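Review bot: The internal-note gate is decided from `req.user.role`, while a few lines later the handler reads the sender's current `role` from `users`; if `req.user` is filled from a token issued at login (not visible here), a user demoted to operario could keep posting hidden notes until that token expires. Deriving the gate from the looked-up value closes the gap and fails closed when the row is missing: after the `senderRole` line, `const isOperario = senderRole === 'operario';` followed by the existing `finalIsInternal` line. The new one-line guard still calls `message.trim()` on whatever JSON type the client sent, so a non-string value throws into the catch instead of returning the 400; adding `typeof message !== 'string' ||` to the condition handles that. The commit removes the comment marking this as a security block, which I would keep in some form. The INSERT statement continues past the end of the hunk.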