From a00ec1da3b5175666fa412d70391951a7191c434 Mon Sep 17 00:00:00 2001 From: Stefan Date: Fri, 5 Jun 2026 15:03:51 +0200 Subject: [PATCH] =?UTF-8?q?Fix=20backend=E2=86=94database=20mismatches=20f?= =?UTF-8?q?ound=20verifying=20against=20Fuchs=5FDatabase?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Verified every [dbo].[...] object the backend calls against the SSDT project. Two real mismatches fixed (both would fail at runtime): - Banking search (bam/btl mode=s) called a non-existent [dbo].[fds__getBankingtransactions_list2] and dropped @tgtdate. The actual proc (and the legacy call) is [dbo].[fds__getBankingtransfers_list2] (@tgtdate,@mode,@search,@authuser) — corrected name + parameters. - Widget generic branch called a phantom [dbo].[fds__getWidget] that never existed (legacy only had my/one; the dashboard only requests wdg/my, wdg/one). The default branch now returns 404 instead of hitting a missing proc. (The 'fuchs__admin_logdebug' reference is only in a commented-out line.) Co-Authored-By: Claude Opus 4.8 --- .../Controllers/IntranetController.Banking.cs | 8 +++++--- Fuchs/Services/FuchsWidgetService.cs | 18 +++++++----------- 2 files changed, 12 insertions(+), 14 deletions(-) diff --git a/Fuchs/Controllers/IntranetController.Banking.cs b/Fuchs/Controllers/IntranetController.Banking.cs index 5ec3a79..5894d18 100644 --- a/Fuchs/Controllers/IntranetController.Banking.cs +++ b/Fuchs/Controllers/IntranetController.Banking.cs @@ -81,11 +81,13 @@ public partial class IntranetController string mode = Form("mode").ToLower(); if (mode == "s" && Form("tgt").Contains(':')) { + // Search mode: @tgtdate is unused by the proc but required by its signature. var pl = StdParamlist( - SQL_VarChar("@mode", Form("mode")), - SQL_VarChar("@search", Form("tgt"))); + SQL_Date("@tgtdate", DBNull.Value), + SQL_VarChar("@mode", Form("mode").ne("m")), + SQL_VarChar("@search", Form("tgt"))); var dset = await getSQLDataSet_async( - "EXECUTE [dbo].[fds__getBankingtransactions_list2] @mode, @search, @authuser;", + "EXECUTE [dbo].[fds__getBankingtransfers_list2] @tgtdate, @mode, @search, @authuser;", _intranet.Intranet__SQLConnectionString, pl, tablenames: new[] { "admin", "bank" }, Security: DbSec, options: SqlOpt(fn, id, code)); diff --git a/Fuchs/Services/FuchsWidgetService.cs b/Fuchs/Services/FuchsWidgetService.cs index 51283d4..e645b0e 100644 --- a/Fuchs/Services/FuchsWidgetService.cs +++ b/Fuchs/Services/FuchsWidgetService.cs @@ -97,19 +97,15 @@ public class FuchsWidgetService : IWidgetService return await BuildWidgetResponse(userAccountId, dbSec, shortName, wdg); } - // ── Generic widget by id ────────────────────────────────────────────────── - private async Task HandleWidgetGeneric(string widgetId, string userAccountId, + // ── Unknown widget id ────────────────────────────────────────────────────── + // The dashboard only requests "my" and "one"; there is no generic widget + // source in the schema (the legacy code had no such procedure either). + private Task HandleWidgetGeneric(string widgetId, string userAccountId, DatabaseSecurity dbSec) { - var pl = Params(userAccountId, SQL_VarChar("@widget", widgetId, dbNull_IfEmpty: true)); - var dset = await getSQLDataSet_async( - "EXECUTE [dbo].[fds__getWidget] @widget, @authuser;", - Conn, pl, tablenames: new[] { "admin", "data" }, Security: dbSec); - return await JSONAsync(new - { - admin = dset.Table("admin").FirstRow.toObjectDictionary(), - data = dset.Tables("data").toArrayofObjectDictionaries() - }); + _ = dbSec; + _logger.LogWarning("GetWidgetAsync: unknown widget id '{WidgetId}' requested by user={User}", widgetId, userAccountId); + return Task.FromResult(new NotFoundResult()); } // ── Widget renderer dispatcher ────────────────────────────────────────────