Remove _random ID references and fix hosted file download ID

- Fix download button to use hosted_file_id instead of id (which resolved
  to event_file_id via _process_generic_props, hitting the wrong endpoint)
- Fix Dexie file table query in event_file_obj_tbl_wrapper to use _id
  fields (the indexed ones) instead of _id_random variants
- Remove _random fields from properties_to_save in event, event_session
- Drop _id_random fallbacks from launcher device ID resolution and
  background sync heartbeat
- Clean up dead comments and old FA anchor in post edit component
- Update TODO__Agents.md: BGH section removed, CMSC/Axonius shows added,
  download button fix marked complete

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

aether_app_sveltekit.code-workspace

@@ -9,6 +9,7 @@
             "autofetch",
             "Axonius",
             "displayplacer",
+            "elif",
             "filelist",
             "gsettings",
             "onsave"

documentation/TODO__Agents.md

@@ -3,38 +3,22 @@
 > **Status:** Stable — ongoing development.
 
 
-## 🔴 BGH Conference — April 21 (Must Fix Before Event)
+## 🔴 CMSC Charlotte — May 27 (Presentation Management)
+**Drive down:** May 25 | **Setup:** May 26 morning | **Show:** May 27+
 
-- [x] **[Locations] Event Locations list does not auto-load** — added `+page.ts` to trigger
+- [ ] **[Electron/Launcher] Clean up presentation file launch scripts** — BGH show revealed
-  `load_ae_obj_li__event_location` on page load. Also fixed session query using stale
+  issues with the scripts used to open/launch presentation files through the Electron Launcher.
-  `event_location_id_random` index (should be `event_location_id`). (2026-04-19)
+  Audit and improve the launch/open flow (script reliability, error handling, file path resolution).
+  Must be tested and ready before May 26 setup day.
 
-- [x] **[Files] Warn/error on `.ppt`/`.doc` upload** — warning rows shown per-file in upload table;
+---
-  non-trusted users are fully blocked (`file_list_status = 'blocked_legacy'`); trusted users see
-  warnings but can still upload. Covers `.ppt`, `.doc` (block) and other legacy exts (warn-only).
-  (2026-04-19)
 
-- [x] **[Files] Hide internal-purpose files from Launcher by default** — renamed `hide_draft` prop
+## 🔴 Axonius DC — June 9 (Badge Printing)
-  to `show_internal_purpose_files` in `launcher_file_cont.svelte`; logic flipped so `false` (the
+**Setup/Registration:** June 8 | **Show:** June 9
-  default) hides files with `file_purpose == 'outline'`, `'draft'`, or `'admin'`. Store key renamed
-  from `hide_content__draft_files` (inverted, misleading) to `show_content__internal_files: false`
-  (show-on-opt-in, consistent with all other `show_content__*` flags). Updated across all 8 Launcher
-  templates that pass this prop. (2026-04-19, revised 2026-04-20)
 
-- [x] **[Launcher] Remove duplicate session API call on session select** — `menu_session_list.svelte`
+- [ ] **[Badges] Epson C3500 fanfold badge layout** — Axonius is using Epson C3500 printers
-  was calling `load_ae_obj_id__event_session` directly AND then `goto()` triggered `+page.ts` which
+  with fanfold (continuous) badge stock. Create/configure a fanfold badge layout compatible
-  also called it — two concurrent calls per session click. Removed the direct call entirely;
+  with the C3500 format. Must be ready before the June 8 setup/registration day.
-  `+page.ts` is now the sole owner of session data loading. `goto()` promise assigned to
-  `ae_promises.slct__event_session_id` to drive the existing `{#await}` spinner. (2026-04-20)
-
-- [ ] **[Electron/Launcher] Deploy + test Aether Native Electron app on Mac laptops** — build,
-  deploy, and verify on onsite Mac laptops. Additional testing of cache/launch flow still needed
-  before April 21.
-
-- [x] **[Pres Mgmt] POC column shown in "Sessions at this Location"** — wired
-  `hide__session_poc={!pres_mgmt_loc.current.show__session_li_poc_field}` in
-  `ae_comp__event_location_obj_li.svelte`; also set `hide__session_location={true}` since
-  location is implicit in that context. (2026-04-19)
 
 ---
 
@@ -268,28 +252,10 @@ Firefox unaffected. Production unaffected (public IPs only).
 
 
 ### [Files] Download button — wrong ID used in `handle_click()` (2026-04-22)
-`ae_comp__hosted_files_download_button.svelte` resolves `file_id` for the download call as
+- [x] **Fixed (2026-05-11):** All 5 spots in `ae_comp__hosted_files_download_button.svelte` updated
-`hosted_file_obj?.id || hosted_file_obj?.hosted_file_id || hosted_file_id`. When called from
+  to use `hosted_file_obj?.hosted_file_id ?? hosted_file_id` instead of the old
-Manage Files with an `event_file_obj`, `hosted_file_obj.id` = `event_file_id` (set by
+  `hosted_file_obj?.id || ...` chain that stopped at `event_file_id`. Needs live re-test to
-`_process_generic_props` via the `_random` strip logic), so the chain stops at the wrong value.
+  confirm downloads still work correctly from Manage Files.
-The download call goes to `/v3/action/hosted_file/{event_file_id}/download` instead of using the
-correct `hosted_file_id`. May work if the backend accepts event_file_id at that endpoint —
-needs live verification.
-
-**Status (2026-04-22):** Tested — downloads ARE working despite the wrong ID. The backend
-V3 action endpoint appears to silently accept `event_file_id` at the `hosted_file` download
-path (or maps between the two). Working by accident, not by design. Needs proper fix before
-it breaks — if the backend ever tightens that endpoint, all Manage Files downloads will 404.
-
-**Fix:** In `handle_click()` and both `$effect` blocks and the `content` snippet, replace:
-```ts
-const file_id = hosted_file_obj?.id || hosted_file_obj?.hosted_file_id || hosted_file_id;
-```
-with:
-```ts
-const file_id = hosted_file_obj?.hosted_file_id ?? hosted_file_id;
-```
-The direct-download `<a>` path is unaffected (already uses `event_file_id` → correct endpoint).
 
 ### [Files] `db_events.file.clear()` on upload clears all cached files (2026-04-22)
 In `ae_comp__event_files_upload.svelte` line 114, `db_events.file.clear()` wipes the entire

src/lib/ae_core/ae_comp__hosted_files_download_button.svelte

@@ -128,10 +128,7 @@ $effect(() => {
 let ae_promises: key_val = $state({});
 
 $effect(() => {
-    const file_id =
+    const file_id = hosted_file_obj?.hosted_file_id ?? hosted_file_id;
-        hosted_file_obj?.id ||
-        hosted_file_obj?.hosted_file_id ||
-        hosted_file_id;
     if (file_id && $ae_sess?.api_download_kv[file_id]?.percent_completed) {
         download_percent = $ae_sess.api_download_kv[file_id].percent_completed;
     }
@@ -139,10 +136,7 @@ $effect(() => {
 
 // Reactive timer to alternate views during active download
 $effect(() => {
-    const file_id =
+    const file_id = hosted_file_obj?.hosted_file_id ?? hosted_file_id;
-        hosted_file_obj?.id ||
-        hosted_file_obj?.hosted_file_id ||
-        hosted_file_id;
     const is_actively_downloading =
         ae_promises[file_id] && download_complete === undefined;
 
@@ -193,10 +187,7 @@ let direct_download_url = $derived.by(() => {
 });
 
 async function handle_click() {
-    const file_id =
+    const file_id = hosted_file_obj?.hosted_file_id ?? hosted_file_id;
-        hosted_file_obj?.id ||
-        hosted_file_obj?.hosted_file_id ||
-        hosted_file_id;
     download_complete = undefined;
     download_status_msg = 'Downloading...';
 
@@ -238,10 +229,7 @@ async function handle_click() {
 </script>
 
 {#snippet content()}
-    {@const file_id =
+    {@const file_id = hosted_file_obj?.hosted_file_id ?? hosted_file_id}
-        hosted_file_obj?.id ||
-        hosted_file_obj?.hosted_file_id ||
-        hosted_file_id}
     {#await ae_promises[file_id]}
         <div class="flex min-h-[1.5rem] w-full items-center">
             <div
@@ -316,8 +304,7 @@ async function handle_click() {
 {/snippet}
 
 {#if hosted_file_id && hosted_file_obj}
-    {@const file_id =
+    {@const file_id = hosted_file_obj.hosted_file_id ?? hosted_file_id}
-        hosted_file_obj.id || hosted_file_obj.hosted_file_id || hosted_file_id}
 
     {#if show_direct_download}
         <a

src/lib/ae_events/ae_events__event.ts

@@ -787,7 +787,7 @@ export const properties_to_save = [
     'event_id',
     'code',
     'account_id',
-    'account_id_random',
+    // 'account_id_random',
     'conference',
     'type',
     'name',

src/lib/ae_events/ae_events__event_file.ts

@@ -359,7 +359,7 @@ export async function create_event_file_obj_from_hosted_file_async({
     });
 
     if (return_obj) return result;
-    return result?.event_file_id || result?.id || result?.event_file_id_random;
+    return result?.event_file_id || result?.id;
 }
 
 export async function delete_ae_obj_id__event_file({

src/lib/ae_events/ae_events__event_session.ts

@@ -836,12 +836,12 @@ export async function email_sign_in__event_session({
 export const properties_to_save = [
     'id',
     'event_session_id',
-    'event_session_id_random',
+    // 'event_session_id_random',
     'external_id',
     'code',
     'for_type',
     'for_id',
-    'for_id_random',
+    // 'for_id_random',
     'type_code',
     'event_id',
     'event_location_id',

src/routes/events/[event_id]/(launcher)/launcher/+layout.svelte

@@ -197,9 +197,7 @@ $effect(() => {
         untrack(() => {
             $events_slct.event_device_id =
                 native_dev.event_device_id ||
-                native_dev.id ||
+                native_dev.id;
-                native_dev.event_device_id_random ||
-                native_dev.id_random;
         });
     }
 });

src/routes/events/[event_id]/(launcher)/launcher_background_sync.svelte

@@ -370,9 +370,7 @@ async function run_device_heartbeat() {
     // String-Only ID Vision: Prioritize semantic string IDs, then generic, then legacy random strings
     const device_id =
         dev?.event_device_id ||
-        dev?.id ||
+        dev?.id;
-        dev?.event_device_id_random ||
-        dev?.id_random;
 
     if (!device_id) {
         // Only log warning if we are actually supposed to be in native mode

src/routes/events/[event_id]/(pres_mgmt)/reports/+page.svelte

@@ -77,10 +77,10 @@ let lq__event_obj = $derived(
 );
 
 // It is important that these not be set to a value! It messes with the Dexie LiveQuery.
-// let event_file_id_random_li: Array<string> = $state();
+// let event_file_id_li: Array<string> = $state();
-// let event_session_id_random_li: Array<string> = $state();
+// let event_session_id_li: Array<string> = $state();
-// let event_presentation_id_random_li: Array<string>;
+// let event_presentation_id_li: Array<string>;
-// let event_presenter_id_random_li: Array<string> = $state();
+// let event_presenter_id_li: Array<string> = $state();
 
 // let load_obj_li_results: Promise<any>|key_val;
 // let search_submit_results: Promise<any>|key_val;
@@ -142,9 +142,11 @@ $effect(() => {
             </span>
             <!-- Reports for: -->
             {#if $lq__event_obj?.cfg_json?.short_name}
+                <!-- eslint-disable-next-line svelte/no-at-html-tags -->
                 {@html $lq__event_obj?.cfg_json.short_name ??
                     ae_snip.html__not_set}
             {:else}
+                <!-- eslint-disable-next-line svelte/no-at-html-tags -->
                 {@html $lq__event_obj?.name ?? ae_snip.html__not_set}
             {/if}
         </h2>

src/routes/events/ae_comp__event_file_obj_tbl_wrapper.svelte

@@ -18,7 +18,7 @@ interface Props {
 let {
     container_class_li = [],
     // display_mode = 'default',
-    // event_file_id_random_li = $bindable(),
+    // event_file_id_li = $bindable(),
     event_file_obj_li = $bindable(),
     link_to_type,
     link_to_id,
@@ -55,9 +55,9 @@ $effect(() => {
 // let ae_tmp: key_val = {};
 // let ae_triggers: key_val = {};
 
-let event_file_id_random_li: Array<string> = $state([]);
+// let event_file_id_li: Array<string> = $state([]);
 
-let dq__where_type_id_val = $derived(`${link_to_type}_id_random`);
+let dq__where_type_id_val = $derived(`${link_to_type}_id`);
 let dq__where_eq_id_val = $derived(link_to_id ?? '');
 
 // *** Functions and Logic
@@ -122,7 +122,7 @@ let lq__event_file_obj_li = $derived(
 </script>
 
 {#if event_file_obj_li && event_file_obj_li?.length}
-    <!-- {#if event_file_id_random_li && event_file_id_random_li?.length} -->
+    <!-- {#if event_file_id_li && event_file_id_li?.length} -->
     <Comp_event_file_obj_tbl
         {container_class_li}
         {lq__event_file_obj_li}

src/routes/idaa/(idaa)/bb/ae_idaa_comp__post_obj_id_edit.svelte

@@ -595,15 +595,6 @@ $effect(() => {
                     {#each $idaa_slct.post_obj.linked_li_json as linked_obj, index (linked_obj.hosted_file_id ?? index)}
                         <span
                             class="flex flex-col items-center gap-1 rounded-lg border bg-white/50 p-1">
-                            <!-- <a
-                            href={linked_obj.url}
-                            target="_blank"
-                            class="badge badge-info variant-filled-info"
-                            >
-                            <span class="fas fa-paperclip m-1"></span>
-                            {linked_obj.filename}
-                            ({linked_obj.hosted_file_id})
-                        </a> -->
 
                             {#if $ae_loc.authenticated_access}
                                 {@const file_id =
@@ -650,8 +641,6 @@ $effect(() => {
                                                     return false;
                                                 }
 
-                                                // ae_promises[linked_obj.event_file_id] = handle_delete__event_file({event_file_id: linked_obj.event_file_id});
-
                                                 // First - Attempt to delete the hosted file
                                                 ae_promises.delete__linked_obj =
                                                     await core_func