From dd981ec7ee3d3a687bf6d81c77b8fb386a1ff21b Mon Sep 17 00:00:00 2001
From: Sosthene
Date: Fri, 1 Aug 2025 21:17:10 +0200
Subject: [PATCH] fix: add rule check to RulesHandler
---
 src/app/middlewares/RulesHandler.ts | 14 ++++++++++++--
 1 file changed, 12 insertions(+), 2 deletions(-)
diff --git a/src/app/middlewares/RulesHandler.ts b/src/app/middlewares/RulesHandler.ts
index 806bed73..d627100d 100644
--- a/src/app/middlewares/RulesHandler.ts
+++ b/src/app/middlewares/RulesHandler.ts
@@ -5,14 +5,24 @@ export default async function ruleHandler(req: Request, response: Response, next
 try {
 const rules = req.body.user.rules;
 const service = req.path && req.path.split("/")[4];
+ const requiredRule = req.method + " " + service;
 if (!rules) {
 response.status(HttpCodes.UNAUTHORIZED).send("Unauthorized without rules");
 return;
 }
- if (!rules.includes(req.method + " " + service)) {
- response.status(HttpCodes.UNAUTHORIZED).send("Unauthorized with those rules");
+ if (!rules.includes(requiredRule)) {
+ console.error(`Rule check failed for user ${req.body.user.userId}:`);
+ console.error(` Required rule: "${requiredRule}"`);
+ console.error(` User rules: [${rules.join(", ")}]`);
+ console.error(` Path: ${req.path}`);
+ console.error(` Method: ${req.method}`);
+ console.error(` Service: ${service}`);
+
+ response.status(HttpCodes.UNAUTHORIZED).send(
+ `Unauthorized with those rules. Required: "${requiredRule}", Provided: [${rules.join(", ")}]`
+ );
 return;
 }
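Review bot: The new 401 body in the `!rules.includes(requiredRule)` branch returns the required rule and the caller's full rule list to the client, which discloses the authorization model on exactly the requests that failed the check; keep the response generic, `response.status(HttpCodes.UNAUTHORIZED).send("Unauthorized with those rules");`, and leave the detail in the server log. The six `console.error` calls interpolate `req.path`, `req.body.user.userId` and the rules verbatim, so if any of those values can carry line breaks the log entry can be split or forged; a single structured entry such as `console.error("Rule check failed", JSON.stringify({ userId: req.body.user.userId, requiredRule, path: req.path }))` escapes them and keeps the event on one line. `rules.join(", ")` also assumes `rules` is an array, while the `includes` check before it accepts a string as well, so a non-array value would throw into the `catch`, which lies outside this hunk. The body of `ruleHandler` starts and ends outside the hunk, so where `req.body.user` is populated cannot be confirmed from here.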