From e5bcb316eebbebd9e0f067c10080e3e00cfc1a9e Mon Sep 17 00:00:00 2001
From: marsalva <info@marsalva.es>
Date: Sat, 21 Feb 2026 18:23:12 +0000
Subject: [PATCH] Actualizar server.js

---
 server.js | 38 ++++++++++++++++++++++++++++++++++++--
 1 file changed, 36 insertions(+), 2 deletions(-)

diff --git a/server.js b/server.js
index d8b42d6..330810d 100644
--- a/server.js
+++ b/server.js
@@ -1437,8 +1437,42 @@ app.post("/admin/users", authMiddleware, async (req, res) => { const client = aw
 app.put("/admin/users/:id", authMiddleware, async (req, res) => { const client = await pool.connect(); try { const userId = req.params.id; const { fullName, email, phone, role, guilds, password, zones } = req.body; const p = normalizePhone(phone); await client.query('BEGIN'); if(password) { const hash = await bcrypt.hash(password, 10); await client.query("UPDATE users SET full_name=$1, email=$2, phone=$3, role=$4, password_hash=$5, zones=$6 WHERE id=$7", [fullName, email, p, role, hash, JSON.stringify(zones || []), userId]); } else { await client.query("UPDATE users SET full_name=$1, email=$2, phone=$3, role=$4, zones=$5 WHERE id=$6", [fullName, email, p, role, JSON.stringify(zones || []), userId]); } if (guilds && Array.isArray(guilds)) { await client.query("DELETE FROM user_guilds WHERE user_id=$1", [userId]); for (const gid of guilds) await client.query("INSERT INTO user_guilds (user_id, guild_id) VALUES ($1, $2)", [userId, gid]); } await client.query('COMMIT'); res.json({ ok: true }); } catch (e) { await client.query('ROLLBACK'); res.status(500).json({ ok: false }); } finally { client.release(); } });
 app.delete("/admin/users/:id", authMiddleware, async (req, res) => { try { await pool.query("DELETE FROM users WHERE id=$1 AND owner_id=$2", [req.params.id, req.user.accountId]); res.json({ ok: true }); } catch (e) { res.status(500).json({ ok: false }); } });
 
-app.get("/config/company", authMiddleware, async (req, res) => { try { const q = await pool.query("SELECT company_slug, full_name, plan_tier FROM users WHERE id=$1", [req.user.accountId]); res.json({ ok: true, slug: q.rows[0]?.company_slug, name: q.rows[0]?.full_name, plan: q.rows[0]?.plan_tier }); } catch (e) { res.status(500).json({ ok: false }); } });
-app.post("/config/company", authMiddleware, async (req, res) => { const client = await pool.connect(); try { const { slug } = req.body; if (!slug || slug.length < 3) return res.status(400).json({ ok: false, error: "Mínimo 3 caracteres" }); const cleanSlug = slug.toLowerCase().replace(/[^a-z0-9-]/g, ""); if (cleanSlug !== slug) return res.status(400).json({ ok: false, error: "Carácteres inválidos" }); const check = await client.query("SELECT id FROM users WHERE company_slug=$1 AND id != $2", [cleanSlug, req.user.accountId]); if (check.rowCount > 0) return res.status(400).json({ ok: false, error: "Nombre en uso" }); await client.query("UPDATE users SET company_slug=$1 WHERE id=$2", [cleanSlug, req.user.accountId]); res.json({ ok: true, fullUrl: `https://${cleanSlug}.integrarepara.es` }); } catch (e) { res.status(500).json({ ok: false }); } finally { client.release(); } });
+app.get("/config/company", authMiddleware, async (req, res) => { 
+    try { 
+        const q = await pool.query("SELECT company_slug, full_name, plan_tier, company_logo, portal_settings FROM users WHERE id=$1", [req.user.accountId]); 
+        res.json({ ok: true, config: q.rows[0] || {} }); 
+    } catch (e) { res.status(500).json({ ok: false }); } 
+});
+
+app.post("/config/company", authMiddleware, async (req, res) => { 
+    const client = await pool.connect(); 
+    try { 
+        const { slug, company_name, company_logo, portal_settings } = req.body; 
+        
+        let cleanSlug = null;
+        if (slug) {
+            cleanSlug = slug.toLowerCase().replace(/[^a-z0-9-]/g, ""); 
+            if (cleanSlug !== slug) return res.status(400).json({ ok: false, error: "El enlace solo puede contener letras minúsculas, números y guiones" }); 
+            const check = await client.query("SELECT id FROM users WHERE company_slug=$1 AND id != $2", [cleanSlug, req.user.accountId]); 
+            if (check.rowCount > 0) return res.status(400).json({ ok: false, error: "Ese enlace ya está en uso por otra empresa" }); 
+        }
+
+        await client.query(`
+            UPDATE users 
+            SET company_slug = COALESCE($1, company_slug),
+                full_name = COALESCE($2, full_name),
+                company_logo = COALESCE($3, company_logo),
+                portal_settings = COALESCE($4, portal_settings)
+            WHERE id = $5
+        `, [cleanSlug, company_name, company_logo, portal_settings, req.user.accountId]); 
+
+        res.json({ ok: true }); 
+    } catch (e) { 
+        res.status(500).json({ ok: false, error: "Error interno" }); 
+    } finally { 
+        client.release(); 
+    } 
+});
 
 // ==========================================
 // 🛠️ RUTAS DE GREMIOS E INTELIGENCIA ARTIFICIAL