Benjamin_Boenisch/breakpilot-core
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity

security(pitch-deck): re-secure fp-patch, convert to admin recompute endpoint
All checks were successful
Build pitch-deck / build-push-deploy (push) Successful in 1m13s
Details
CI / go-lint (push) Has been skipped
Details
CI / python-lint (push) Has been skipped
Details
CI / nodejs-lint (push) Has been skipped
Details
CI / test-go-consent (push) Successful in 37s
Details
CI / test-python-voice (push) Successful in 35s
Details
CI / test-bqas (push) Successful in 34s
Details

Browse Source 
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This commit is contained in:
Benjamin Admin
2026-04-21 18:12:24 +02:00
parent 14362cbc0e
commit 7cb79dacd5
2 changed files with 16 additions and 33 deletions
Download Patch File Download Diff File Expand all files Collapse all files

48
pitch-deck/app/api/admin/fp-patch/route.ts
View File

@@ -1,43 +1,27 @@
import { NextRequest, NextResponse } from 'next/server'
import { requireAdmin } from '@/lib/admin-auth'
import pool from '@/lib/db'
import { computeFinanzplan } from '@/lib/finanzplan/engine'
/**
* TEMPORARY public patch: fix WD funding + recompute.
* POST /api/admin/fp-patch
* Admin-only patch endpoint for Finanzplan recompute.
* POST /api/admin/fp-patch { scenarioId?: string }
*/
export async function POST() {
const results: string[] = []
export async function POST(request: NextRequest) {
const guard = await requireAdmin(request)
if (guard.kind === 'response') return guard.response
try {
// 1. Fix WD Eigenkapital = 40k in m8
await pool.query(`
UPDATE fp_liquiditaet
SET values = jsonb_set(values, '{m8}', '40000')
WHERE scenario_id = 'c0000000-0000-0000-0000-000000000200'
AND row_label = 'Neuer Eigenkapitalzugang'
`)
results.push('SET WD Eigenkapital m8=40000')
const body = await request.json().catch(() => ({}))
const scenarioId = body.scenarioId || (await pool.query("SELECT id FROM fp_scenarios WHERE is_default = true LIMIT 1")).rows[0]?.id
// 2. Fix WD Fremdkapital = 160k in m8
await pool.query(`
UPDATE fp_liquiditaet
SET values = jsonb_set(values, '{m8}', '160000')
WHERE scenario_id = 'c0000000-0000-0000-0000-000000000200'
AND row_label = 'Erhaltenes Fremdkapital'
`)
results.push('SET WD Fremdkapital m8=160000')
// 3. Recompute WD scenario
const result = await computeFinanzplan(pool, 'c0000000-0000-0000-0000-000000000200')
results.push(`COMPUTED WD: cash_m60=${result.liquiditaet?.endstand?.m60}`)
// 4. Also recompute Base Case
const resultBase = await computeFinanzplan(pool, (await pool.query("SELECT id FROM fp_scenarios WHERE is_default = true LIMIT 1")).rows[0].id)
results.push(`COMPUTED BASE: cash_m60=${resultBase.liquiditaet?.endstand?.m60}`)
} catch (err) {
results.push(`ERROR: ${err instanceof Error ? err.message : String(err)}`)
if (!scenarioId) {
return NextResponse.json({ error: 'No scenario found' }, { status: 404 })
}
return NextResponse.json({ success: true, results })
const result = await computeFinanzplan(pool, scenarioId)
return NextResponse.json({
success: true,
scenarioId,
cash_m60: result.liquiditaet?.endstand?.m60,
})
}