From 536b445950828ca76d8418007eec63e3ebaa6207 Mon Sep 17 00:00:00 2001
From: Scott Idem <stidem@gmail.com>
Date: Tue, 23 Jun 2026 15:37:16 -0400
Subject: [PATCH] fix(pres_mgmt): agree check and sign-in URL for multi-session
 presenters
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Two fixes for presenters who have records in multiple sessions:

1. presenter_agree_ok now uses lq__event_presenter_obj.agree (the
   current page's record) instead of lq__auth__event_presenter_obj.agree
   (the sign-in record). Previously, agreeing on Presenter B while signed
   in via Presenter A's link had no effect on B's upload gate.

2. presenter_sign_in_url derived conditionally omits person_id for
   email-only presenters — URL builder moved from inline template
   to a $derived so the condition is readable.

Removes unused lq__auth__event_presenter_obj liveQuery from presenter page.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
---
 .../presenter/[presenter_id]/+page.svelte     | 41 ++++++++++---------
 1 file changed, 21 insertions(+), 20 deletions(-)

diff --git a/src/routes/events/[event_id]/(pres_mgmt)/presenter/[presenter_id]/+page.svelte b/src/routes/events/[event_id]/(pres_mgmt)/presenter/[presenter_id]/+page.svelte
index 9cb69a6d..b5b4589f 100644
--- a/src/routes/events/[event_id]/(pres_mgmt)/presenter/[presenter_id]/+page.svelte
+++ b/src/routes/events/[event_id]/(pres_mgmt)/presenter/[presenter_id]/+page.svelte
@@ -126,16 +126,6 @@ let lq__event_presentation_obj = $derived(
         return results;
     })
 );
-let lq__auth__event_presenter_obj = $derived(
-    liveQuery(async () => {
-        let results = await db_events.presenter.get(
-            events_auth_loc.current.auth__person?.presenter_id ?? null
-        );
-
-        return results;
-    })
-);
-
 // True if this person is authed as the presenter for this specific record.
 // Checks four signals in priority order:
 //   1. Trusted staff — always authed.
@@ -167,12 +157,26 @@ let presenter_is_authed = $derived(
 let presenter_agree_ok = $derived(
     $ae_loc.trusted_access ||
     !pres_mgmt_loc.current.require__presenter_agree ||
-    !!$lq__auth__event_presenter_obj?.agree
+    !!$lq__event_presenter_obj?.agree
 );
 
 // The actual gate for showing/using the upload UI — signed in AND (if required) agreed.
 let presenter_can_upload = $derived(presenter_is_authed && presenter_agree_ok);
 
+// Build the presenter sign-in URL. person_id is included only when there's a real Person
+// record — for email-only presenters (no Person record, person_id is null) the sign-in
+// handler derives identity from presenter_id via Dexie lookup.
+let presenter_sign_in_url = $derived((() => {
+    if (!$lq__event_presenter_obj) return '';
+    const base = `${$ae_loc.url_origin}/events/${$lq__event_presenter_obj.event_id}/session/${$lq__event_presenter_obj.event_session_id}`;
+    const parts: string[] = [];
+    if ($lq__event_presenter_obj.person_id) parts.push(`person_id=${encodeURIComponent($lq__event_presenter_obj.person_id)}`);
+    parts.push(`person_pass=${encodeURIComponent($lq__event_presenter_obj.person_passcode ?? $lq__event_presenter_obj.passcode ?? '')}`);
+    parts.push(`presentation_id=${encodeURIComponent($lq__event_presenter_obj.event_presentation_id ?? '')}`);
+    parts.push(`presenter_id=${encodeURIComponent($lq__event_presenter_obj.event_presenter_id ?? '')}`);
+    return `${base}?${parts.join('&')}`;
+})());
+
 // if (browser && $lq__event_presenter_obj) {
 //     console.log('Pres Mgmt [page]: +presenter.svelte');
 //     $events_slct.event_presenter_obj = $lq__event_presenter_obj;
@@ -290,14 +294,10 @@ let presenter_can_upload = $derived(presenter_is_authed && presenter_agree_ok);
                     class="flex flex-row flex-wrap items-center justify-center gap-0.25">
                     {#if ($lq__event_presenter_obj.person_id || $lq__event_presenter_obj.email) && $ae_loc.trusted_access}
                         <!-- A button to copy the access link to the clipboard. -->
-                        <!-- person_id falls back to event_presenter_id (not email) — the sign-in
-                             handler derives the email from Dexie via the presenter_id param. -->
-                        <!-- {#snippet btn_text()}
-                    <span class="fas fa-copy m-1"></span>
-                    Copy Access Link
-                {/snippet} -->
+                        <!-- person_id is omitted for email-only presenters — the sign-in
+                             handler derives their identity via presenter_id + Dexie lookup. -->
                         <MyClipboard
-                            value={`${$ae_loc.url_origin}/events/${$lq__event_presenter_obj.event_id}/session/${$lq__event_presenter_obj.event_session_id}?person_id=${encodeURIComponent($lq__event_presenter_obj.person_id ?? $lq__event_presenter_obj.event_presenter_id ?? '')}&person_pass=${encodeURIComponent($lq__event_presenter_obj.person_passcode ?? $lq__event_presenter_obj.passcode ?? '')}&presentation_id=${encodeURIComponent($lq__event_presenter_obj?.event_presentation_id ?? '')}&presenter_id=${encodeURIComponent($lq__event_presenter_obj?.event_presenter_id ?? '')}`}
+                            value={presenter_sign_in_url}
                             btn_text="Copy Access Link"
                             btn_title="Copy the presenter access link to the clipboard."
                             btn_class="btn btn-sm preset-tonal-secondary hover:preset-filled-secondary-500 border border-secondary-500 hover:preset-filled-secondary-500"
@@ -318,7 +318,8 @@ let presenter_can_upload = $derived(presenter_is_authed && presenter_agree_ok);
                                 // presenter.email (from the spreadsheet import) for the ~75% of
                                 // LCI presenters who have no Person record in iMIS.
                                 const use_email = $lq__event_presenter_obj.person_primary_email ?? $lq__event_presenter_obj.email;
-                                const use_person_id = $lq__event_presenter_obj.person_id ?? $lq__event_presenter_obj.event_presenter_id;
+                                // null for email-only presenters — email function omits person_id from URL; sign-in derives identity from presenter_id
+                                const use_person_id = $lq__event_presenter_obj.person_id;
                                 const use_passcode = $lq__event_presenter_obj.person_passcode ?? $lq__event_presenter_obj.passcode;
 
                                 if (!use_email) {
@@ -370,7 +371,7 @@ let presenter_can_upload = $derived(presenter_is_authed && presenter_agree_ok);
                 {lq__event_presenter_obj}
                 {lq__event_presentation_obj} />
 
-            {#if $ae_loc.trusted_access || $lq__auth__event_presenter_obj?.agree}
+            {#if $ae_loc.trusted_access || $lq__event_presenter_obj?.agree}
                 <div
                     class="m-1 flex w-full flex-col flex-wrap items-center justify-center gap-1">
                     <!-- Message if they have agreed -->