nodebb-plugin-pdf-secure2 1.3.4 → 1.3.5

package/lib/controllers.js

@@ -42,13 +42,17 @@ Controllers.renderAdminPage = function (req, res) {
 };
 
 Controllers.servePdfBinary = async function (req, res) {
+	console.log('[PDF-Secure] servePdfBinary called - uid:', req.uid, 'nonce:', req.query.nonce ? 'present' : 'missing');
+
 	// Authentication gate - require logged-in user
 	if (!req.uid) {
+		console.log('[PDF-Secure] servePdfBinary - REJECTED: no uid');
 		return res.status(401).json({ error: 'Authentication required' });
 	}
 
 	const { nonce } = req.query;
 	if (!nonce) {
+		console.log('[PDF-Secure] servePdfBinary - REJECTED: no nonce');
 		return res.status(400).json({ error: 'Missing nonce' });
 	}
 
@@ -56,9 +60,12 @@ Controllers.servePdfBinary = async function (req, res) {
 
 	const data = nonceStore.validate(nonce, uid);
 	if (!data) {
+		console.log('[PDF-Secure] servePdfBinary - REJECTED: invalid/expired nonce for uid:', uid);
 		return res.status(403).json({ error: 'Invalid or expired nonce' });
 	}
 
+	console.log('[PDF-Secure] servePdfBinary - OK: file:', data.file, 'isPremium:', data.isPremium);
+
 	try {
 		// Server-side premium gate: non-premium users only get first page
 		const pdfBuffer = data.isPremium

package/library.js

@@ -101,6 +101,7 @@ plugin.init = async (params) => {
 		// Check if user is Premium or Lite (admins/global mods always premium)
 		let isPremium = false;
 		let isLite = false;
+		let isVip = false;
 		if (req.uid) {
 			const [isAdmin, isGlobalMod, isPremiumMember, isVipMember, isLiteMember] = await Promise.all([
 				groups.isMember(req.uid, 'administrators'),
@@ -110,10 +111,11 @@ plugin.init = async (params) => {
 				groups.isMember(req.uid, 'Lite'),
 			]);
 			isPremium = isAdmin || isGlobalMod || isPremiumMember || isVipMember;
-			const isVip = isVipMember || isAdmin;
+			isVip = isVipMember || isAdmin;
 			// Lite: full PDF access but restricted UI (no annotations, sidebar, etc.)
 			isLite = !isPremium && isLiteMember;
 		}
+		console.log('[PDF-Secure] Viewer request - uid:', req.uid, 'file:', safeName, 'isPremium:', isPremium, 'isVip:', isVip, 'isLite:', isLite);
 
 		// Lite users get full PDF like premium (for nonce/server-side PDF data)
 		const hasFullAccess = isPremium || isLite;
@@ -231,6 +233,7 @@ plugin.filterMetaTags = async (hookData) => {
 
 // Inject plugin config into client-side
 plugin.filterConfig = async function (data) {
+	console.log('[PDF-Secure] filterConfig called - data exists:', !!data, 'config exists:', !!(data && data.config));
 	return data;
 };
 
@@ -238,13 +241,19 @@ plugin.filterConfig = async function (data) {
 // This hides PDF URLs from: page source, API, RSS, ActivityPub
 plugin.transformPdfLinks = async (data) => {
 	if (!data || !data.postData || !data.postData.content) {
+		console.log('[PDF-Secure] transformPdfLinks - no data/postData/content, skipping');
 		return data;
 	}
 
+	console.log('[PDF-Secure] transformPdfLinks - processing post tid:', data.postData.tid, 'pid:', data.postData.pid);
+
 	// Regex to match PDF links: <a href="...xxx.pdf">text</a>
 	// Captures: full URL path, filename, link text
 	const pdfLinkRegex = /<a\s+[^>]*href=["']([^"']*\/([^"'\/]+\.pdf))["'][^>]*>([^<]*)<\/a>/gi;
 
+	const matchCount = (data.postData.content.match(pdfLinkRegex) || []).length;
+	console.log('[PDF-Secure] transformPdfLinks - found', matchCount, 'PDF links in post');
+
 	data.postData.content = data.postData.content.replace(pdfLinkRegex, (match, fullPath, filename, linkText) => {
 		// Decode filename to prevent double encoding (URL may already be encoded)
 		let decodedFilename;

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "nodebb-plugin-pdf-secure2",
-  "version": "1.3.4",
+  "version": "1.3.5",
   "description": "Secure PDF viewer plugin for NodeBB - prevents downloading, enables canvas-only rendering with Premium group support",
   "main": "library.js",
   "repository": {