From 8850db89c6c6f04cebbc08cfbd48d069123f2757 Mon Sep 17 00:00:00 2001
From: Scott Idem <stidem@gmail.com>
Date: Tue, 19 May 2026 11:17:24 -0400
Subject: [PATCH] fix(layouts): guard appshell header/footer data stores behind
 account_id

element_data_store fires its load trigger as soon as api_ready is true,
with no check for account_id. In the IDAA iframe flow, the outer layout
mounts before Novi UUID verification completes, so the footer fetch fires
with no x-account-id header and gets a 403.

Wrap the IDAA outer layout footer in {#if $ae_loc.account_id} so it only
loads once the member's identity is established. Apply the same guard to
the events layout header and footer for consistency.

Journals was already safe (data stores are inside the trusted_access gate).

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
---
 src/routes/events/+layout.svelte |  4 ++--
 src/routes/idaa/+layout.svelte   | 22 ++++++++++++++--------
 2 files changed, 16 insertions(+), 10 deletions(-)

diff --git a/src/routes/events/+layout.svelte b/src/routes/events/+layout.svelte
index f35ab385..7858cc77 100644
--- a/src/routes/events/+layout.svelte
+++ b/src/routes/events/+layout.svelte
@@ -251,7 +251,7 @@ function clear_sess() {
                     class="mx-1 inline-block text-gray-500 dark:text-gray-400" />
                 <abbr title="Aether - Events Module" class="text-gray-500 dark:text-gray-400 font-semibold"> Æ Events </abbr>
             </span>
-            {#if !$ae_sess?.disable_sys_header}
+            {#if !$ae_sess?.disable_sys_header && $ae_loc.account_id}
                 <Element_data_store
                     ds_code="hub__site__appshell_header"
                     ds_type="html" />
@@ -364,7 +364,7 @@ function clear_sess() {
         </button>
     </div>
 
-    {#if !$ae_sess?.disable_sys_footer}
+    {#if !$ae_sess?.disable_sys_footer && $ae_loc.account_id}
         <footer
             class:hidden={yTop > 300}
             class:opacity-80={yTop < 250}
diff --git a/src/routes/idaa/+layout.svelte b/src/routes/idaa/+layout.svelte
index f8e349cf..2d9ed3a3 100644
--- a/src/routes/idaa/+layout.svelte
+++ b/src/routes/idaa/+layout.svelte
@@ -377,14 +377,20 @@ $effect(() => {
     </section>
 
     <!-- The footer for the IDAA section of the site -->
-    <section
-        class="module_footer footer_content lg:text-md xl:text-md flex min-h-7 px-1 py-0.5 text-sm text-slate-400 transition hover:text-slate-800 sm:text-sm 2xl:text-lg"
-        class:ae_debug={$ae_loc?.debug}>
-        <Element_data_store
-            ds_code="hub__site__appshell_footer"
-            ds_type="html"
-            class_li="grow flex flex-row justify-between" />
-    </section>
+    <!-- WHY the account_id guard: the outer IDAA layout renders before the inner (idaa) layout
+         completes Novi UUID verification. Without it, element_data_store fires immediately with
+         no account_id in the headers → 403. The footer is IDAA-specific content so it should
+         only load once the member's identity is established. -->
+    {#if $ae_loc.account_id}
+        <section
+            class="module_footer footer_content lg:text-md xl:text-md flex min-h-7 px-1 py-0.5 text-sm text-slate-400 transition hover:text-slate-800 sm:text-sm 2xl:text-lg"
+            class:ae_debug={$ae_loc?.debug}>
+            <Element_data_store
+                ds_code="hub__site__appshell_footer"
+                ds_type="html"
+                class_li="grow flex flex-row justify-between" />
+        </section>
+    {/if}
 </div>
 <!-- </AppShell> -->