Fix(IDAA): Revert account_id body injection for Events V3 search

Restored the use of 'for_obj_type' and 'for_obj_id' URL parameters for the 'event/search' endpoint. The backend permission middleware requires these URL parameters to validate the API Key scope for the Event object, whereas body-only injection (used in Archives/Posts) was causing a 403 Forbidden error for Events.
2026-01-20 13:04:00 -05:00
parent 6380effa90
commit ace707bb7d
1 changed files with 30 additions and 0 deletions
--- a/src/lib/ae_events/ae_events__event.ts
+++ b/src/lib/ae_events/ae_events__event.ts
@@ -471,10 +471,40 @@ export async function qry_ae_obj_li__event({

    if (!result_li) return [];

+<<<<<<< HEAD
    const processed_obj_li = await process_ae_obj__event_props({
        obj_li: result_li,
        log_lvl: log_lvl
    });
+=======
+    if (try_cache) {
+        const processed_obj_li = await process_ae_obj__event_props({
+            obj_li: result_li,
+            log_lvl: log_lvl
+        });
+        await db_save_ae_obj_li__ae_obj({
+            db_instance: db_events,
+            table_name: 'event',
+            obj_li: processed_obj_li,
+            properties_to_save: properties_to_save,
+            log_lvl: log_lvl
+        });
+    }
+
+    // Client-side Filter Layer
+    return result_li.filter((ev: any) => {
+        // 1. Conference filter - normalize 0/1 to boolean
+        if (qry_conference !== null && !!ev.conference !== !!qry_conference) return false;
+        
+        // 2. Physical filter
+        if (qry_physical !== null && !!ev.physical !== !!qry_physical) return false;
+        
+        // 3. Virtual filter
+        if (qry_virtual !== null && !!ev.virtual !== !!qry_virtual) return false;
+        
+        // 4. Type filter (string)
+        if (qry_type !== null && ev.type !== qry_type) return false;
+>>>>>>> ef26a01b (Fix(IDAA): Revert account_id body injection for Events V3 search)

    if (try_cache) {
        await db_save_ae_obj_li__ae_obj({