More work on the site permissions.

src/routes/+layout.svelte

@@ -118,12 +118,31 @@ if ($ae_loc.site_cfg_json.slct__sponsorship_cfg_id) {
 
 if ($ae_loc.allow_access && !$ae_loc.key_checked) {
     console.log(`PASS: The access key was checked earlier.`);
+
+    // allow_access should equal true or the access key.
+    if ($ae_loc.site_access_key || $ae_loc.site_domain_access_key) {
+        console.log(`We need to do a current check against the allow_access value.`);
+        if ($ae_loc.site_access_key == $ae_loc.allow_access || $ae_loc.site_domain_access_key == $ae_loc.allow_access) {
+            console.log(`PASS: The access key was checked earlier and we just now checked the key.`);
+        } else {
+            console.log(`FAIL: The access key was checked earlier, but just now failed.`);
+            if ($ae_loc.trusted_access) {
+                console.log(`FAIL: The access key was checked earlier and failed, but we have trusted access.`);
+                $ae_loc.allow_access = true;
+            } else {
+                $ae_loc.allow_access = false;
+            }
+        }
+    } else {
+        // This means this site and domain do not require an access key.
+        // Do nothing to change the allow_access here at this time.
+    }
 } else if ($ae_loc.allow_access && $ae_loc.key_checked) {
     console.log(`PASS: The access key was checked earlier and we just now checked the key.`);
 } else if (!$ae_loc.allow_access && $ae_loc.key_checked) {
     console.log(`FAIL: The access key was checked earlier and failed.`);
-    if ($ae_loc.administrator_access) {
-        console.log(`FAIL: The access key was checked earlier and failed, but we have administrator access.`);
+    if ($ae_loc.trusted_access) {
+        console.log(`FAIL: The access key was checked earlier and failed, but we have trusted access.`);
         $ae_loc.allow_access = true;
     }
 } else {

src/routes/+layout.ts

@@ -57,9 +57,9 @@ let ae_loc_init: key_val = {
 // functions: fetch, setHeaders, parent, depends, untrack
 export async function load({ fetch, params, parent, route, url }) { // params, route, url
     let log_lvl = 0;
-    // console.log(`Svelte root layout.ts params:`, params);
-    // console.log(`Svelte root layout.ts route:`, route);
-    // console.log(`Svelte root layout.ts url:`, url);
+    // console.log(`Svelte root +layout.ts params:`, params);
+    // console.log(`Svelte root +layout.ts route:`, route);
+    // console.log(`Svelte root +layout.ts url:`, url);
 
     let account_id: Promise<any>;
 
@@ -166,12 +166,15 @@ export async function load({ fetch, params, parent, route, url }) { // params, r
             ae_loc_init['site_domain_access_key'] = site_domain_results.site_domain_access_key; // This is specific to a (sub)domain.
 
             if (!ae_loc_init['site_access_key'] && !ae_loc_init['site_domain_access_key']) {
-                ae_loc_init['key_checked'] = true;
+                ae_loc_init['key_checked'] = true; // Se to true to allow access without a key.
                 ae_loc_init['allow_access'] = true; // No access key is required here.
             } else {
                 let access_key = url.searchParams.get('key');
-                console.log(`root layout.ts: access_key = `, access_key);
+
                 if (access_key) {
+                    if (log_lvl) {
+                        console.log(`root +layout.ts: access_key = ${access_key}`);
+                    }
                     if (access_key == ae_loc_init['site_access_key']) {
                         ae_loc_init['key_checked'] = ae_loc_init['site_access_key'];
                         ae_loc_init['allow_access'] = ae_loc_init['site_access_key'];
@@ -179,26 +182,34 @@ export async function load({ fetch, params, parent, route, url }) { // params, r
                         ae_loc_init['key_checked'] = ae_loc_init['site_domain_access_key'];
                         ae_loc_init['allow_access'] = ae_loc_init['site_domain_access_key'];
                     } else {
+                        // The key changed and no longer matches the site or domain key.
                         ae_loc_init['key_checked'] = true;
                         ae_loc_init['allow_access'] = false;
                     }
                 } else {
+                    if (log_lvl) {
+                        console.log(`root +layout.ts: No access key found in URL.`);
+                    }
                     ae_loc_init['key_checked'] = true;
+                    // Do nothing to change the allow_access here
                     // ae_loc_init['allow_access'] = false; // An access key is required at this point.
                 }
             }
 
-            console.log(`root layout.ts: Returning account_id = `, site_domain_results.account_id_random);
+            if (log_lvl) {
+                console.log(`root +layout.ts: Returning account_id = `, site_domain_results.account_id_random);
+                console.log(`root +layout.ts: ae_loc_init = `, ae_loc_init);
+            }
 
             return site_domain_results.account_id_random;
         }
-        console.log(`root layout.ts: Site domain results not found!!!`)
+        console.log(`root +layout.ts: Site domain results not found!!!`)
 
         return null;
     });
 
     if (!account_id) {
-        console.log(`root layout.ts: The account_id was not found in API response!!!`);
+        console.log(`root +layout.ts: The account_id was not found in API response!!!`);
         // return false;
         // return;
         error(500, {