From f851e31f309858c93116631bd43f6428dfa9d414 Mon Sep 17 00:00:00 2001
From: Mahi <Mahi-Workspace@mac.home>
Date: Mon, 9 Feb 2026 15:24:27 -0400
Subject: [PATCH] debug: Add admin guard logging

---
 frontend/src/app/core/guards/role.guard.ts | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/frontend/src/app/core/guards/role.guard.ts b/frontend/src/app/core/guards/role.guard.ts
index beedff2..6018dd4 100644
--- a/frontend/src/app/core/guards/role.guard.ts
+++ b/frontend/src/app/core/guards/role.guard.ts
@@ -122,6 +122,8 @@ export const adminGuard: CanActivateFn = (route, state) => {
   const storage = inject(StorageService);
   const storedUser = storage.getUser<{ type?: string }>();
 
+  console.log('[ADMIN GUARD DEBUG] isAdmin():', authService.isAdmin(), 'storedUser?.type:', storedUser?.type, 'storedUser:', storedUser);
+
   // Verify both signal and stored data agree on admin status
   if (authService.isAdmin() && storedUser?.type === 'ADMIN') {
     return true;
@@ -129,7 +131,7 @@ export const adminGuard: CanActivateFn = (route, state) => {
 
   // Log potential privilege escalation attempt
   if (authService.isAdmin() !== (storedUser?.type === 'ADMIN')) {
-    console.warn('Admin guard: User type mismatch detected');
+    console.warn('Admin guard: User type mismatch detected - isAdmin():', authService.isAdmin(), 'storedType:', storedUser?.type);
   }
 
   notification.error('This page is only accessible to administrators.');