From ace707bb7d0427c5206abba369ee9d86563e0e04 Mon Sep 17 00:00:00 2001
From: Scott Idem <stidem@gmail.com>
Date: Tue, 20 Jan 2026 13:04:00 -0500
Subject: [PATCH] Fix(IDAA): Revert account_id body injection for Events V3
 search

Restored the use of 'for_obj_type' and 'for_obj_id' URL parameters for the 'event/search' endpoint. The backend permission middleware requires these URL parameters to validate the API Key scope for the Event object, whereas body-only injection (used in Archives/Posts) was causing a 403 Forbidden error for Events.
---
 src/lib/ae_events/ae_events__event.ts | 30 +++++++++++++++++++++++++++
 1 file changed, 30 insertions(+)

diff --git a/src/lib/ae_events/ae_events__event.ts b/src/lib/ae_events/ae_events__event.ts
index cce3190b..60c5828d 100644
--- a/src/lib/ae_events/ae_events__event.ts
+++ b/src/lib/ae_events/ae_events__event.ts
@@ -471,10 +471,40 @@ export async function qry_ae_obj_li__event({
 
     if (!result_li) return [];
 
+<<<<<<< HEAD
     const processed_obj_li = await process_ae_obj__event_props({
         obj_li: result_li,
         log_lvl: log_lvl
     });
+=======
+    if (try_cache) {
+        const processed_obj_li = await process_ae_obj__event_props({
+            obj_li: result_li,
+            log_lvl: log_lvl
+        });
+        await db_save_ae_obj_li__ae_obj({
+            db_instance: db_events,
+            table_name: 'event',
+            obj_li: processed_obj_li,
+            properties_to_save: properties_to_save,
+            log_lvl: log_lvl
+        });
+    }
+
+    // Client-side Filter Layer
+    return result_li.filter((ev: any) => {
+        // 1. Conference filter - normalize 0/1 to boolean
+        if (qry_conference !== null && !!ev.conference !== !!qry_conference) return false;
+        
+        // 2. Physical filter
+        if (qry_physical !== null && !!ev.physical !== !!qry_physical) return false;
+        
+        // 3. Virtual filter
+        if (qry_virtual !== null && !!ev.virtual !== !!qry_virtual) return false;
+        
+        // 4. Type filter (string)
+        if (qry_type !== null && ev.type !== qry_type) return false;
+>>>>>>> ef26a01b (Fix(IDAA): Revert account_id body injection for Events V3 search)
 
     if (try_cache) {
         await db_save_ae_obj_li__ae_obj({