diff --git a/server.js b/server.js index de57dc5..aeb6393 100644 --- a/server.js +++ b/server.js @@ -384,6 +384,7 @@ async function requirePlan(req, res, next, feature) { app.get("/public/portal/:token", async (req, res) => { try { const { token } = req.params; + const serviceId = req.query.service; // Recogemos el ID del enlace // 1. Buscamos al cliente por su token const qClient = await pool.query("SELECT * FROM clients WHERE portal_token = $1 LIMIT 1", [token]); @@ -399,28 +400,40 @@ app.get("/public/portal/:token", async (req, res) => { logo: qConfig.rows[0]?.company_logo || null }; - // 3. TELÉFONO SEGURO: Extraemos SOLO los últimos 9 números, ignorando prefijos o símbolos - let phoneMatch = String(client.phone || "").replace(/\D/g, ""); - if (phoneMatch.length > 9) phoneMatch = phoneMatch.slice(-9); - if (phoneMatch.length < 8) phoneMatch = "NO_VALIDO_123"; + let qServices; - // 4. BÚSQUEDA FUERZA BRUTA: Limpiamos los espacios de la BD antes de buscar - qServices = await pool.query(` - SELECT s.id, s.service_ref, s.is_urgent, s.raw_data, s.created_at, - st.name as real_status_name, st.is_final as is_status_final, - u.full_name as worker_name, u.phone as worker_phone - FROM scraped_services s - LEFT JOIN users u ON u.id = s.assigned_to - LEFT JOIN service_statuses st ON st.id::text = (s.raw_data->>'status_operativo')::text - WHERE s.owner_id = $1 AND s.provider != 'SYSTEM_BLOCK' - AND ( - COALESCE(REPLACE(s.raw_data->>'Teléfono', ' ', ''), '') LIKE $2 - OR COALESCE(REPLACE(s.raw_data->>'TELEFONO', ' ', ''), '') LIKE $2 - OR COALESCE(REPLACE(s.raw_data->>'TELEFONOS', ' ', ''), '') LIKE $2 - ) - ORDER BY s.created_at DESC - `, [ownerId, `%${phoneMatch}%`]); + // 3. LA SOLUCIÓN DEFINITIVA: Si el enlace trae ID, buscamos ESE expediente exacto y nada más + if (serviceId && !isNaN(parseInt(serviceId))) { + qServices = await pool.query(` + SELECT s.id, s.service_ref, s.is_urgent, s.raw_data, s.created_at, + st.name as real_status_name, st.is_final as is_status_final, + u.full_name as worker_name, u.phone as worker_phone + FROM scraped_services s + LEFT JOIN users u ON u.id = s.assigned_to + LEFT JOIN service_statuses st ON st.id::text = (s.raw_data->>'status_operativo')::text + WHERE s.id = $1 AND s.owner_id = $2 AND s.provider != 'SYSTEM_BLOCK' + `, [parseInt(serviceId), ownerId]); + } + // 4. Si alguien abre el portal sin ID, buscamos por teléfono usando un filtro general seguro + else { + let phoneMatch = String(client.phone || "").replace(/[^0-9]/g, ""); + if (phoneMatch.length > 9) phoneMatch = phoneMatch.slice(-9); + if (phoneMatch.length < 6) phoneMatch = "TELEFONO_FALSO_123"; + qServices = await pool.query(` + SELECT s.id, s.service_ref, s.is_urgent, s.raw_data, s.created_at, + st.name as real_status_name, st.is_final as is_status_final, + u.full_name as worker_name, u.phone as worker_phone + FROM scraped_services s + LEFT JOIN users u ON u.id = s.assigned_to + LEFT JOIN service_statuses st ON st.id::text = (s.raw_data->>'status_operativo')::text + WHERE s.owner_id = $1 AND s.provider != 'SYSTEM_BLOCK' + AND s.raw_data::text ILIKE $2 + ORDER BY s.created_at DESC + `, [ownerId, `%${phoneMatch}%`]); + } + + // 5. Formatear datos para el panel del cliente const formattedServices = qServices.rows.map(s => { return { id: s.id, @@ -439,8 +452,8 @@ app.get("/public/portal/:token", async (req, res) => { res.json({ ok: true, client: { name: client.full_name }, company, services: formattedServices }); } catch (e) { - console.error("🔥 ERROR EN PORTAL:", e.message); - res.status(500).json({ ok: false, error: "Error interno" }); + console.error("🔥 ERROR CRÍTICO EN PORTAL:", e.message); + res.status(500).json({ ok: false, error: e.message || "Error del servidor" }); } });