mahi/Goa-gel-fullstack
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

debug: Add admin guard logging

Browse Source
This commit is contained in:
Mahi
2026-02-09 15:24:27 -04:00
parent f3dd6b3dce
commit f851e31f30
1 changed files with 3 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
frontend/src/app/core/guards/role.guard.ts
View File

@@ -122,6 +122,8 @@ export const adminGuard: CanActivateFn = (route, state) => {
const storage = inject(StorageService); const storage = inject(StorageService);
const storedUser = storage.getUser<{ type?: string }>(); const storedUser = storage.getUser<{ type?: string }>();
console.log('[ADMIN GUARD DEBUG] isAdmin():', authService.isAdmin(), 'storedUser?.type:', storedUser?.type, 'storedUser:', storedUser);
// Verify both signal and stored data agree on admin status // Verify both signal and stored data agree on admin status
if (authService.isAdmin() && storedUser?.type === 'ADMIN') { if (authService.isAdmin() && storedUser?.type === 'ADMIN') {
return true; return true;
@@ -129,7 +131,7 @@ export const adminGuard: CanActivateFn = (route, state) => {
// Log potential privilege escalation attempt // Log potential privilege escalation attempt
if (authService.isAdmin() !== (storedUser?.type === 'ADMIN')) { if (authService.isAdmin() !== (storedUser?.type === 'ADMIN')) {
console.warn('Admin guard: User type mismatch detected'); console.warn('Admin guard: User type mismatch detected - isAdmin():', authService.isAdmin(), 'storedType:', storedUser?.type);
} }
notification.error('This page is only accessible to administrators.'); notification.error('This page is only accessible to administrators.');