feat(idaa): trusted/admin users always get Jitsi moderator role

Rather than hardcoding the IDAA admins group UUID or making an extra API call, re-use the access level already established by the IDAA layout. If $ae_loc.trusted_access is set (verified against novi_trusted_li / novi_admin_li), the user is a moderator immediately. Only regular authenticated members fall through to the group membership check. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-03-27 14:52:31 -04:00
parent 27f0bd21fb
commit b88a7de358
1 changed files with 33 additions and 25 deletions
--- a/src/routes/idaa/(idaa)/video_conferences/+page.svelte
+++ b/src/routes/idaa/(idaa)/video_conferences/+page.svelte
@@ -477,33 +477,41 @@ async function fetch_novi_data() {
            }
        }

-        // Moderator group check: prefer the g_uuid passed per-meeting in the URL (more precise),
-        // fall back to the global novi_idaa_group_guid_li from site config for older Novi pages
-        // that haven't been updated to pass g_uuid yet.
-        const group_uuid = url_params.g_uuid ?? null;
-        const group_guid_li = group_uuid
-            ? [group_uuid]
-            : ($ae_loc.site_cfg_json?.novi_idaa_group_guid_li ?? []);
-        if (group_uuid) {
-            console.log(`Jitsi: Checking moderator via URL g_uuid: ${group_uuid}`);
-        } else {
-            console.log(`Jitsi: No g_uuid in URL — falling back to site config group list (${group_guid_li.length} groups).`);
-        }
-        const moderatorIdSet = await get_novi_group_moderators(
-            group_guid_li,
-            novi_api_root_url,
-            novi_api_key
-        );
-        const normalizedUserId = String(user_id ?? '')
-            .toLowerCase()
-            .trim();
-
-        if (normalizedUserId && moderatorIdSet.has(normalizedUserId)) {
+        // Trusted/admin users are always moderators — the IDAA layout already verified
+        // this UUID against novi_trusted_li / novi_admin_li (from site config) and set
+        // $ae_loc.trusted_access. Re-using that result avoids a redundant API call.
+        if ($ae_loc.trusted_access) {
            is_moderator = true;
-            console.log(`Jitsi: User ${user_id} is a moderator.`);
+            console.log(`Jitsi: User ${user_id} is moderator via trusted/admin access level.`);
        } else {
-            is_moderator = false; // Explicitly set to false if not in the set
-            console.log(`Jitsi: User ${user_id} is not a moderator.`);
+            // For regular authenticated members, check the specific meeting group.
+            // Prefer g_uuid from URL (per-meeting, more precise); fall back to the global
+            // novi_idaa_group_guid_li list for older Novi pages not yet passing g_uuid.
+            const group_uuid = url_params.g_uuid ?? null;
+            const group_guid_li = group_uuid
+                ? [group_uuid]
+                : ($ae_loc.site_cfg_json?.novi_idaa_group_guid_li ?? []);
+            if (group_uuid) {
+                console.log(`Jitsi: Checking moderator via URL g_uuid: ${group_uuid}`);
+            } else {
+                console.log(`Jitsi: No g_uuid in URL — falling back to site config group list (${group_guid_li.length} groups).`);
+            }
+            const moderatorIdSet = await get_novi_group_moderators(
+                group_guid_li,
+                novi_api_root_url,
+                novi_api_key
+            );
+            const normalizedUserId = String(user_id ?? '')
+                .toLowerCase()
+                .trim();
+
+            if (normalizedUserId && moderatorIdSet.has(normalizedUserId)) {
+                is_moderator = true;
+                console.log(`Jitsi: User ${user_id} is a moderator.`);
+            } else {
+                is_moderator = false;
+                console.log(`Jitsi: User ${user_id} is not a moderator.`);
+            }
        }
    } else {
        console.warn(