7ab54053db
- Modified attendances.funnel_stage in DB from ENUM to VARCHAR. - Created tenant_funnels table and backend API routes to manage custom stages. - Added /admin/funnels page for Admins/Managers to create, edit, order, and color-code their funnel stages. - Updated Dashboard, UserDetail, and AttendanceDetail to fetch and render dynamic funnel stages instead of hardcoded enums. - Added defensive checks and logging to GET /users/:idOrSlug to fix sporadic 500 errors during impersonation handoffs.
13 lines
604 B
Plaintext
13 lines
604 B
Plaintext
Look at line 354: `if (req.user.role !== 'super_admin' && rows[0].tenant_id !== req.user.tenant_id) {`
|
|
What if `req.user.tenant_id` is null (which it is for some system admins)?
|
|
But `rows[0].tenant_id` could be something else. That just returns 403.
|
|
What if `rows` is empty?
|
|
Line 353: `if (rows.length === 0) return res.status(404).json({ error: 'Not found' });`
|
|
What if `req.user` is undefined? (Should be caught by middleware).
|
|
|
|
Wait, the user says the error is:
|
|
`https://fasto.blyzer.com.br/api/users/u_71657ec7`
|
|
And it returns `500`.
|
|
|
|
Let's log the exact error inside the catch block in the backend.
|