From 7724cac492c7ae0f246f274b1112c842b453e984 Mon Sep 17 00:00:00 2001 From: Scott Idem Date: Fri, 20 Feb 2026 19:45:54 -0500 Subject: [PATCH] Saving notes --- documentation/AGENT_TODO.md | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/documentation/AGENT_TODO.md b/documentation/AGENT_TODO.md index c222ff3c..2f1925ac 100644 --- a/documentation/AGENT_TODO.md +++ b/documentation/AGENT_TODO.md @@ -4,15 +4,16 @@ ## 📋 Active Task: Post-Incident Security Recovery - [ ] **Step 1:** Conduct full audit of `PUBLIC_AE_API_SECRET_KEY` usage. Determine if it can be moved to server-side only. -- [ ] **Step 2:** Replace simulation tests (`tests/verify_jwt_logic.js`) with real Playwright integration tests hitting the local dev API. +- [x] **Step 2:** Replace simulation tests (`tests/verify_jwt_logic.js`) with real Playwright integration tests hitting the local dev API. - [ ] **Step 3:** Implement formal error boundaries for 403/401 API responses to provide user-friendly "Session Expired" or "Access Denied" UI. ## 🚧 Upcoming High Priority -- **Events Launcher:** Investigate why not all Event Locations are showing in the select options list. Modify event loading to include the full location list. - **CRUD v2 Refactor:** Finalize retirement of `Element_ae_crud_v2.svelte` in favor of V3 Editor. - **Temp Cleanup:** Auto-removal of native `.tmp` files older than 24h. ## ✅ Completed Recently +- [x] **[API]** **V3 Lookup System Integration:** Implemented standardized `/v3/lookup/` endpoints for Countries, Subdivisions, and Time Zones. Added support for `only_priority` filtering in IDAA editors. +- [x] **[UI]** **Events Launcher Location Fix:** Resolved room select list issues by ensuring all enabled/hidden locations are proactively loaded and synced. - [x] **[API]** **Event File V3 Mapping:** Implemented `inc_hosted_file` support and mapped prefixed backend fields (`hosted_file_hash_sha256`, etc.) to flat properties. - [x] **[UI]** **Badge Rendering Fix:** Refactored `badge_template` lookup to use V3 Triple ID pattern. - [x] **[API]** **event_session Search Fix:** Resolved 400 error (`Unauthorized search field 'account_id'`) via backend update.