From c6ef729c55425632ad10999fe008e78dd5b53d78 Mon Sep 17 00:00:00 2001 From: Scott Idem Date: Fri, 12 Jun 2026 17:35:02 -0400 Subject: [PATCH] docs: audit and archive completed Journals and Badges projects --- documentation/AE__Permissions_and_Security.md | 23 ++++---- .../MODULE__AE_Events_Badge_Templates.md | 9 ++- documentation/MODULE__AE_Events_Badges.md | 30 ++++++++-- documentation/MODULE__AE_Journals.md | 37 +++++++++++-- .../MODULE__AE_Journals_Config_Map.md | 14 +++++ .../PROJECT__AE_Site_Passcode_Security.md | 31 +++++++++-- ...mentation_Refresh_and_Archive_Plan_2026.md | 12 +++- documentation/README__Docs_Index.md | 2 - documentation/TODO__Agents.md | 32 +++++++++++ .../PROJECT__AE_Events_Badges_Review_Print.md | 55 +++++++++---------- ...JECT__AE_UI_Journals_Module_Update_2026.md | 22 +++++--- 11 files changed, 201 insertions(+), 66 deletions(-) rename documentation/{ => archive}/PROJECT__AE_Events_Badges_Review_Print.md (92%) rename documentation/{ => archive}/PROJECT__AE_UI_Journals_Module_Update_2026.md (93%) diff --git a/documentation/AE__Permissions_and_Security.md b/documentation/AE__Permissions_and_Security.md index 65170d99..6289c26c 100644 --- a/documentation/AE__Permissions_and_Security.md +++ b/documentation/AE__Permissions_and_Security.md @@ -1,6 +1,6 @@ # Aether — Permissions and Security -**Last Updated:** 2026-02-27 +**Last Updated:** 2026-06-12 **Source of truth:** `src/lib/ae_utils/ae_utils__perm_checks.ts`, `src/lib/stores/ae_stores.ts` --- 
@@ -76,15 +76,18 @@ $ae_loc.adv_mode // boolean — advanced mode toggle | AE Username + Password | `trusted` and above | Staff with AE accounts | | Novi UUID | `authenticated` | IDAA members (Novi membership system) | -Passcodes are stored per-level in `$ae_loc.site_access_code_kv`: -```typescript -site_access_code_kv: { - administrator: null, // highest passcode tier - trusted: null, // onsite staff passcode - public: 'public1980', // example - authenticated: 'auth1980' -} -``` +### Site Passcode Security Warning + +The current frontend receives every site passcode in `access_code_kv_json`, copies the map into +persisted `$ae_loc.site_access_code_kv`, and compares entered passcodes locally. Verbose logging +can also expose the complete map. This is a known active security gap, not the target design. + +Do not add new consumers of `site_access_code_kv`, log passcodes, or treat persisted +`access_type` as durable proof of authentication. The target flow verifies passcodes through +`/authenticate_passcode`, stores a signed JWT with a role-specific TTL, and removes passcodes from +the public bootstrap response and client state. + +See `documentation/PROJECT__AE_Site_Passcode_Security.md` for the active migration plan. ### `x-no-account-id` — Narrow Transport Exception diff --git a/documentation/MODULE__AE_Events_Badge_Templates.md b/documentation/MODULE__AE_Events_Badge_Templates.md index fe89f423..ef4849eb 100644 --- a/documentation/MODULE__AE_Events_Badge_Templates.md +++ b/documentation/MODULE__AE_Events_Badge_Templates.md @@ -3,7 +3,7 @@ **Module Path:** `src/routes/events/[event_id]/(badges)/templates/` **API Module:** `src/lib/ae_events/ae_events__event_badge_template.ts` **Database Table:** `event_badge_template` -**Last Updated:** 2026-03-02 +**Last Updated:** 2026-06-12 --- 
@@ -310,6 +310,10 @@ Controls which fields appear in the print controls panel for non-trusted users, Valid field keys: `name`, `title`, `affiliations`, `location`, `pronouns`, `allow_tracking`. +This config applies to the onsite print controls. Remote review currently uses +`event.mod_badges_json.edit_permissions` instead. Consolidating or defining precedence between +these two permission sources is tracked in `documentation/TODO__Agents.md`. + --- ## Template-Derived Features (component behavior) @@ -342,7 +346,8 @@ in DB and may be needed: - `footer_title`, `footer_left`, `footer_right` — not needed (legacy) - `header_background`, `footer_background` — not needed (legacy) - `script_src` — do not add; this field should not be used -- `duplex` — **add when backend adds the field** + +`duplex` is already saved to IDB and drives single-sided rendering. --- diff --git a/documentation/MODULE__AE_Events_Badges.md b/documentation/MODULE__AE_Events_Badges.md index 81115c65..b4a8829a 100644 --- a/documentation/MODULE__AE_Events_Badges.md +++ b/documentation/MODULE__AE_Events_Badges.md 
@@ -58,13 +58,25 @@ Aether acts as a **Pull-Only** consumer for registration data. It does not push | Level | Access | |---|---| -| **Authenticated** | View own badge, limited self-edit (overrides only). | -| **Trusted** | Search all badges, view all, reprint existing badges. | -| **Administrator** | Full CRUD, bulk operations, override any field. | -| **Manager** | All Admin + Event/Template configuration. | +| **Public kiosk** | View badge and perform the first print; cannot edit fields without authenticated access. | +| **Authenticated** | Edit fields allowed by the active permission config. | +| **Trusted** | Search all badges, view all, and correct names; reprint requires global Edit Mode. | +| **Administrator** | Full CRUD, bulk operations, and override access. | +| **Manager** | All Administrator capabilities plus Event/Template configuration. | ### Attendee Self-Service (`/review`) -Attendees can access their own record via a passcode-gated link (typically `?passcode=...`). This allows them to verify their info and provide preferred name/title overrides before printing. +Attendees can access their own record via a passcode-gated link (typically `?passcode=...`). +Editable fields come from `event.mod_badges_json.edit_permissions`, with module defaults as fallback. + +### Onsite Kiosk (`/print`) +The print controls update the badge preview live. Authenticated field editing is controlled by the +badge template's `cfg_json.controls_cfg` (`shown` and `auth_editable`). Trusted + global Edit Mode +overrides the template config and exposes all controls. This differs from the review page's +event-level permission source; consolidation is an active follow-up. + +### Review-Link Email +Email Link actions are placeholders and do not currently send mail. When delivery is implemented, +it must use the imported `event_badge.email` address, never attendee-editable `email_override`. --- 
@@ -101,7 +113,13 @@ The badge type dropdown in the search form uses a **hardcoded list**, not the te --- -## Print Tracking +## Print Rendering and Tracking + +- The canonical badge render uses binary-search text fitting for name, title, affiliations, and location. +- Template `show_qr_front`/`show_qr_back` settings control QR placement. +- Template `style_href` loads event-specific CSS on the print page. +- Template `duplex = false` suppresses the badge back for single-sided stock. +- Chromium PDF proofing requires margins set to None; physical printer paper size remains driver-controlled. Aether tracks the lifecycle of every physical badge to prevent unauthorized reprints and monitor kiosk activity. diff --git a/documentation/MODULE__AE_Journals.md b/documentation/MODULE__AE_Journals.md index bf3be3e7..9eaf024f 100644 --- a/documentation/MODULE__AE_Journals.md +++ b/documentation/MODULE__AE_Journals.md @@ -13,8 +13,9 @@ This module manages private personal journals and journal entries with offline-f - Journal and journal-entry CRUD via V3 API wrappers. - Dexie-backed local cache with liveQuery-driven UI updates. -- Private/passcode-aware access behavior. -- Entry editing flows including auto-save configuration. +- Private/passcode-aware access behavior and client-side content encryption. +- Quick Add, Append/Prepend, import/export, and entry auto-save workflows. +- Tabbed module, journal, and entry configuration modals. --- 
@@ -38,15 +39,43 @@ Related config map: --- +## Implemented Entry Workflows + +- Quick Add creates a plaintext note in a selected journal without opening the full editor. +- Append/Prepend injects timestamped content into an existing entry. +- Bulk import creates entries from parsed files; export supports centralized templates. +- Entry edits support debounced auto-save when `journals_loc.entry.auto_save` is enabled. +- Full entry saves encrypt `content` into `content_encrypted` when the entry's `private` + flag is enabled; disabling `private` clears encrypted content/history fields. +- The non-reactive `decrypt_journal_entry()` helper isolates decryption from Svelte effects. +- Entry configuration exposes Actions, Metadata, Security, and JSON views. Trusted users + can Remove (disable); managers and administrators can hard Delete. + +## Current Security Limitations + +- `passcode_hash` is editable but is not compared as secondary authentication before + decryption. This remains an active task. +- Quick Add explicitly creates entries with `private: false`; import creates plaintext + content without setting encryption fields. These paths do not currently offer E2EE. +- Successful decryption currently logs a short plaintext preview to the browser console. + Removal is tracked as an active privacy fix. +- Outbound email sharing is not implemented and requires a product/security decision + because journal content is private. + +--- + ## Access and Privacy -Journals contain private personal data. Treat all journal and journal-entry routes as authenticated/private content. +Journals contain private personal data. The Journals layout renders module content only when +the user has `user_id`, `person_id`, and `trusted_access`. Treat all journal and journal-entry +routes, API responses, decrypted state, logs, exports, and future sharing features as private. 
--- ## Related Docs -- `documentation/PROJECT__AE_UI_Journals_Module_Update_2026.md` +- `documentation/archive/PROJECT__AE_UI_Journals_Module_Update_2026.md` +- `documentation/TODO__Agents.md` - `documentation/GUIDE__SvelteKit2_Svelte5_DexieJS.md` - `documentation/GUIDE__AE_API_V3_for_Frontend.md` - `documentation/BOOTSTRAP__AI_Agent_Quickstart.md` diff --git a/documentation/MODULE__AE_Journals_Config_Map.md b/documentation/MODULE__AE_Journals_Config_Map.md index 79c84313..b17ad48d 100644 --- a/documentation/MODULE__AE_Journals_Config_Map.md +++ b/documentation/MODULE__AE_Journals_Config_Map.md 
@@ -53,9 +53,23 @@ This document tracks all available settings across the three levels of the Journ | `sort` | integer | Manual sort order weight. | Manual (Done) | | `archive_on` | datetime | Scheduled date for automatic archiving. | Manual (Done) | | `private` | boolean | Trigger for E2EE (Encryption). | Manual (Done) | +| `content_encrypted` | encrypted string | Encrypted entry content written during a full save when `private` is enabled. | Generated on save | +| `history_encrypted` | encrypted string | Encrypted entry history when history encryption is available. | Generated on save | +| `passcode_hash` | string | Entry-level secondary-auth field; comparison logic is not yet implemented. | Manual (Done) | | `alert` | boolean | Trigger for visual "Alert" state. | Manual (Done) | | `group` | string | Grouping key for the list view. | Manual (JSON only) | +## Encryption Behavior and Gaps + +1. Full entry saves combine the journal `passcode` and `private_passcode` to encrypt + plaintext content when the entry's `private` flag is enabled. +2. Decryption prefers a passcode typed in the current session, then falls back to the + journal `private_passcode`; the journal `passcode` is combined with that private key. +3. `passcode_hash` secondary-auth comparison is pending and must not be described as enforced. +4. Quick Add currently forces `private: false`, and bulk import creates plaintext entries + without encryption fields. Use the full editor to enable encryption until those workflows + are updated. + ## 📐 Data Normalization Rules To prevent infinite reactivity loops and trivial save cycles, the following normalizations are applied before comparison: 1. **Strings:** Trimmed and `null` treated as `""`. diff --git a/documentation/PROJECT__AE_Site_Passcode_Security.md b/documentation/PROJECT__AE_Site_Passcode_Security.md index 8be3af4d..eafa7acb 100644 --- a/documentation/PROJECT__AE_Site_Passcode_Security.md +++ b/documentation/PROJECT__AE_Site_Passcode_Security.md 
@@ -1,8 +1,14 @@ # PROJECT: Site Passcode Security — API-Verified Auth -**Last Updated:** 2026-04-10 -**Status:** Backend work in progress — frontend pending backend completion -**Priority:** High — passcodes for trusted/administrator access currently in localStorage plaintext +**Last Updated:** 2026-06-12 +**Last Verified Against Frontend Source:** 2026-06-12 +**Status:** Active security gap — frontend migration not started +**Priority:** High — passcodes for trusted/administrator access currently remain in localStorage plaintext + +The frontend still caches `access_code_kv_json`, compares passcodes locally, and can log the +full passcode map when verbose logging is enabled. No frontend call to `/authenticate_passcode` +or passcode-JWT expiry restoration exists. Backend implementation is documented as completed, +but deployment must be confirmed in the backend repository/environment before frontend cutover. --- @@ -81,7 +87,11 @@ This gives session expiry without a network call on every page load. ## Backend Changes Required -**Note:** The backend fixes described below have been implemented and tested in the `aether_api_fastapi` repository (the `/authenticate_passcode` endpoint now uses explicit role priority, returns a full passcode JWT with `auth_type: 'passcode'`, applies per-role TTLs, and validates passcode length). Frontend changes can proceed once the backend deployment with these fixes is available. +**Backend status note:** The fixes below were reported implemented and tested in the +`aether_api_fastapi` repository. This frontend-only audit did not verify the backend source or +deployment. Confirm that the deployed `/authenticate_passcode` uses explicit role priority, +returns a complete passcode JWT with `auth_type: 'passcode'`, applies per-role TTLs, and validates +passcode length before starting frontend cutover. ### Backend Agent Follow-Up 
@@ -316,6 +326,19 @@ async def authenticate_passcode( --- +## Frontend Implementation Status + +Verified 2026-06-12: + +- [ ] Confirm the corrected backend endpoint is deployed and reachable. +- [ ] Replace local passcode comparison with API verification and JWT storage. +- [ ] Add pending/error UI for passcode authentication. +- [ ] Stop copying `access_code_kv_json` into frontend auth state. +- [ ] Validate passcode JWT expiry during session restoration. +- [ ] Remove `site_access_code_kv` from auth store defaults and types. +- [ ] Remove any logging of passcode maps or entered passcodes. +- [ ] Backend Phase 2: remove `access_code_kv_json` from the public bootstrap model. + ## Frontend Changes Required **These depend on the backend fixes above being deployed first.** diff --git a/documentation/PROJECT__Documentation_Refresh_and_Archive_Plan_2026.md b/documentation/PROJECT__Documentation_Refresh_and_Archive_Plan_2026.md index 3e74700f..3228c095 100644 --- a/documentation/PROJECT__Documentation_Refresh_and_Archive_Plan_2026.md +++ b/documentation/PROJECT__Documentation_Refresh_and_Archive_Plan_2026.md 
@@ -49,6 +49,14 @@ Do not delete historical context; move to `documentation/archive/` with clear na - Added `documentation/archive/README.md` to explain archive categories and restoration policy. - Renamed `AE__Docker_CI_Cache_Policy.md` -> `GUIDE__Docker_CI_Cache_Policy.md`. - Renamed `AE__UI_UX_future_ideas.md` -> `PROPOSAL__AE_UI_UX_Future_Ideas.md`. +- Audited the Journals UI update against current source and archived + `PROJECT__AE_UI_Journals_Module_Update_2026.md`; remaining security work was moved to + the active task list and module documentation. +- Audited the Badges review/print project against current source and archived + `PROJECT__AE_Events_Badges_Review_Print.md`; email delivery and permission-source + unification remain active follow-ups. +- Audited Site Passcode Security against current source. It remains an active high-priority + project because plaintext client storage and local passcode comparison are still present. ### Next archive candidates (review + approve) - Older style-review snapshots once current style guide references are centralized. @@ -65,7 +73,7 @@ Monthly lightweight review: ## 5) Immediate Follow-Up Tasks -1. Run a quarterly archive review: identify stale `PROJECT__` docs with no TODO or index linkage and move them to `documentation/archive/`. -2. Review `AE__Permissions_and_Security.md` against current permission helpers and IDAA authentication behavior. +1. Continue quarterly archive reviews for remaining stale `PROJECT__` docs; the Journals and Badges projects were archived on 2026-06-12, while Site Passcode Security remains active. +2. Continue the broader permission-helper and IDAA authentication review; the Site Passcode section was source-verified on 2026-06-12. 3. Review module docs against current routes and store names rather than relying only on filename/header freshness. 4. Add a lightweight reusable link-check script if manual path validation becomes frequent. 
diff --git a/documentation/README__Docs_Index.md b/documentation/README__Docs_Index.md index ce2df497..a83280b5 100644 --- a/documentation/README__Docs_Index.md +++ b/documentation/README__Docs_Index.md @@ -55,8 +55,6 @@ Use this file as the routing map for project documentation. - `documentation/PROJECT__IDAA_Stores_Svelte5_Migration_2026.md` - `documentation/PROJECT__Use_AE_API_V3_CRUD_upgrade.md` - `documentation/PROJECT__AE_Events_PressMgmt_Config_Cleanup.md` -- `documentation/PROJECT__AE_Events_Badges_Review_Print.md` -- `documentation/PROJECT__AE_UI_Journals_Module_Update_2026.md` - `documentation/PROJECT__AE_Object_Field_Editor_V3_upgrade.md` - `documentation/PROJECT__AE_Site_Passcode_Security.md` diff --git a/documentation/TODO__Agents.md b/documentation/TODO__Agents.md index 3bf3393c..1b7965f5 100644 --- a/documentation/TODO__Agents.md +++ b/documentation/TODO__Agents.md @@ -72,6 +72,16 @@ wrong to users. - [x] **[Badges] Epson C3500 fanfold badge layout** — `badge_4x6_fanfold` layout CSS created, wired, and documented. First live use: Axonius Adapt DC, June 9, 2026. (2026-05-15) +### Badges follow-ups + +- [ ] **[Badges] Implement review-link email delivery** — current Email Link actions only show + placeholder alerts. Send to `event_badge.email`, never the attendee-editable `email_override`. +- [ ] **[Badges] Unify review and kiosk edit permissions** — remote review reads + `event.mod_badges_json.edit_permissions`; print controls read template `cfg_json.controls_cfg`. + Define precedence or consolidate them so both flows enforce one documented policy. +- [ ] **[Badges] Use template badge types in search filter** — replace the hardcoded badge-type + list in `ae_comp__badge_search.svelte` with the active template's `badge_type_list`. + --- ## 🚧 V3 CRUD Migration (Surgical Cleanup) 
@@ -85,6 +95,19 @@ Finalizing the 100% adoption of V3 Standard endpoints and retirement of legacy w ## 🚧 High Priority Workstreams +### [Security] Site Passcode JWT Migration + +- [ ] **[Security] Verify `/authenticate_passcode` deployment** — confirm explicit role priority, + complete role flags, `auth_type: 'passcode'`, per-role TTLs, and minimum length validation. +- [ ] **[Security] Replace local passcode comparison** — migrate + `e_app_access_type.svelte` to server verification, JWT storage, and pending/error UI. +- [ ] **[Security] Remove client-side passcode delivery/storage** — stop caching + `access_code_kv_json`, remove `site_access_code_kv` from auth state, and remove passcode logging. +- [ ] **[Security] Enforce passcode JWT expiry on restore** — expired passcode sessions must + return to anonymous without affecting user-login JWT handling. + +Reference: `documentation/PROJECT__AE_Site_Passcode_Security.md`. + ### [Stores] Svelte 4 → Svelte 5 State Migration The app uses `svelte-persisted-store` (coarse reactivity). Migration target: replace with Svelte 5 `PersistedState` (from `runed`) for fine-grained updates. See `PROJECT__Stores_Svelte5_Migration.md`. 
@@ -120,6 +143,15 @@ uses `build_tmp_sort` (overrides generic encoding in its `specific_processor`). ### [Journals] Journal Entry Config follow-ups - [ ] **[Journals] Entry passcode secondary auth** — implement `passcode_hash` comparison. +- [ ] **[Journals] Quick Add/import encryption behavior** — both creation paths currently + create plaintext entries; define the intended privacy UX and add encryption support before + claiming that these paths honor entry E2EE. +- [ ] **[Journals] Remove decrypted-content console preview** — + `ae_journals_decryption.ts` logs the first 30 plaintext characters after successful decryption. + Never log private journal content. +- [ ] **[Journals] Confirm outbound email-sharing requirement** — the archived UI project listed + this as unfinished, but no implementation exists. Confirm product/security requirements before + creating an email workflow for private journal content. --- diff --git a/documentation/PROJECT__AE_Events_Badges_Review_Print.md b/documentation/archive/PROJECT__AE_Events_Badges_Review_Print.md similarity index 92% rename from documentation/PROJECT__AE_Events_Badges_Review_Print.md rename to documentation/archive/PROJECT__AE_Events_Badges_Review_Print.md index bb4801bf..a287566d 100644 --- a/documentation/PROJECT__AE_Events_Badges_Review_Print.md +++ b/documentation/archive/PROJECT__AE_Events_Badges_Review_Print.md 
@@ -1,11 +1,17 @@ -# PROJECT: AE Events Badges — Review Form & Print Font Controls +# Archived Project: AE Events Badges — Review Form & Print Font Controls **Created:** 2026-02-27 -**Last Updated:** 2026-03-18 +**Completed and Archived:** 2026-06-12 +**Last Verified Against Source:** 2026-06-12 **Branch:** `ae_app_3x_llm` -**Priority:** HIGH — first live event is Axonius, NYC, mid-April 2026 **Owner:** Scott Idem / One Sky IT -**Status:** ✅ TASK 1 COMPLETE | ✅ TASK 2 COMPLETE | ✅ TASK 3 COMPLETE | ✅ TASK 4.1 COMPLETE | ⏳ TASK 4.0 OPEN +**Status:** Complete — review form, kiosk controls, auto-scaling, QR rendering, layouts, and print tracking are implemented. + +The original project scope is complete and this document is retained as implementation history. +Current behavior is documented in `documentation/MODULE__AE_Events_Badges.md` and +`documentation/MODULE__AE_Events_Badge_Templates.md`. Remaining email-delivery and permission-config +unification work is tracked in `documentation/TODO__Agents.md`. Planning statements later in this +archived document describe the state at the time they were written and are not current instructions. --- 
@@ -44,32 +50,24 @@ Both flows should respect the same permission model: - Permissions are configured per-event in `event.mod_badges_json.edit_permissions`. Hardcoded defaults are used until that config is implemented. -**Current gap (TASK 4):** The print page edit button is currently gated to trusted_access only. -It needs to be accessible to attendees at the kiosk (with appropriate field-level gating), -matching the permission model already implemented in `ae_comp__badge_review_form.svelte`. +**Task 4 outcome:** The print controls now implement field-level editing. Authenticated users +can edit template-approved fields, trusted staff can correct names, and trusted staff in global +Edit Mode can edit all fields. First printing is available at public kiosk access; reprinting +requires trusted access plus Edit Mode. Remote review uses event-level `edit_permissions`, while +the print controls currently use template-level `controls_cfg`; unification is tracked separately. --- -## Next Up for Badges (TASK 4) +## Task 4 Outcomes -### 0. Kiosk Editing — Print Page Permission Model Alignment -**This is the most important gap before the first live event.** +### 0. Kiosk Editing — Complete -Currently the print page edit button is staff-only (trusted_access gate). At the kiosk, -attendees need to be able to edit their own fields (same attendee-level permissions as the -review form), with staff-only fields gated appropriately. +`ae_comp__badge_print_controls.svelte` provides the inline controls and live preview. Its default +authenticated fields are title, affiliations, location, lead tracking, and pronouns; template +`controls_cfg` can narrow the fields shown and editable. Email delivery remains a placeholder; +when implemented it must send to `event_badge.email`, never `email_override`. -Work needed: -- Wire the same `can_edit_fields` / `can_edit(field)` permission logic into the print page - that `ae_comp__badge_review_form.svelte` already uses. 
-- The edit panel on the print page should show attendee-editable fields to all authenticated - users, and staff-only fields to trusted_access+. -- The badge render (v1 or v2) should update live as the attendee edits fields. -- Consider whether the print page needs its own inline edit panel (sidebar or overlay) - or whether it should share/reuse the review form component alongside the badge render. -- **Do NOT use `email_override` as the send-to address** — always use `event_badge.email`. - -### 1. Auto-Scaling Badge Text — In Progress +### 1. Auto-Scaling Badge Text — Complete `ae_comp__badge_obj_view.svelte` using `element_fit_text.svelte` (binary search auto-scale). Toggle between v1 (heuristic) and v2 (auto-scale) on the print page via the `v1`/`v2` header button. Heights tuned per layout in `fit_heights` derived object. Still needs visual tuning with real badges. @@ -105,10 +103,11 @@ badge data, gated by `allow_tracking` on the badge. ## Implementation Status -### ⏳ TASK 4.0: Kiosk Editing — NOT STARTED (updated 2026-03-18) -Print page edit access needs to be opened to attendee-level permissions, not just trusted_access. -The permission model, field list, and `can_edit()` helper from `ae_comp__badge_review_form.svelte` -should be the reference. See Design Intent section above. +### ✅ TASK 4.0: Kiosk Editing — COMPLETE (verified 2026-06-12) +The print controls implement authenticated field editing, trusted name correction, trusted + Edit +Mode full editing, and live preview. The print path uses template `controls_cfg`; the review path +uses event `mod_badges_json.edit_permissions`. Aligning those configuration sources is a follow-up, +not a blocker to the completed kiosk controls. **Note (2026-03-18):** `style_href` and `duplex` are both fully implemented and verified in code — the MODULE doc TODO list was stale. `duplex` is in `properties_to_save`; v2 badge render gates 
diff --git a/documentation/PROJECT__AE_UI_Journals_Module_Update_2026.md b/documentation/archive/PROJECT__AE_UI_Journals_Module_Update_2026.md similarity index 93% rename from documentation/PROJECT__AE_UI_Journals_Module_Update_2026.md rename to documentation/archive/PROJECT__AE_UI_Journals_Module_Update_2026.md index c97730c6..16496b2f 100644 --- a/documentation/PROJECT__AE_UI_Journals_Module_Update_2026.md +++ b/documentation/archive/PROJECT__AE_UI_Journals_Module_Update_2026.md @@ -1,9 +1,15 @@ -# Aether Journals UI Update (2026) +# Archived Project: Aether Journals UI Update (2026) -> **Status:** 🚧 Phase 4 Active (Security/Encryption Blockers remain; Journal Entry config rework in progress) -> **Last Updated:** 2026-05-05 +> **Status:** Completed and archived 2026-06-12 +> **Last Verified Against Source:** 2026-06-12 > **Primary Agent:** Frontend SvelteKit Agent +The UI modernization scope is complete: V3 CRUD, Quick Add, Append/Prepend, +import/export, auto-save, configuration modals, decryption isolation, and the +Journals style pass are implemented. Unfinished security and product follow-ups +were transferred to `documentation/TODO__Agents.md`; current operational behavior +and limitations live in `documentation/MODULE__AE_Journals.md`. + ## 1. Project Overview This document outlines the modernization of the Journals module UI in the SvelteKit frontend (`aether_app_sveltekit`). The primary goals are to fully leverage the generic V3 API architecture and introduce high-velocity productivity features for journal management. 
@@ -29,7 +35,7 @@ This document outlines the modernization of the Journals module UI in the Svelte * **Definitions:** `app/ae_obj_types_def.py` -> `app/object_definitions/journals.py` * **Endpoints:** `/v3/crud/journal/...` and `/v3/crud/journal_entry/...` -### Frontend (In Progress) +### Frontend (Completed UI modernization scope) * **State Management:** `src/lib/ae_journals/ae_journals_stores.ts` * **Local Storage:** Dexie.js (`db_journals`) * **API Client:** `src/lib/api/api.ts` -> `get_ae_obj` @@ -68,7 +74,7 @@ This document outlines the modernization of the Journals module UI in the Svelte - [x] Implement Bulk Export/Import system. - [x] Establish centralized Export Template engine. -### Phase 4: Polish & Security (ACTIVE) +### Phase 4: Polish & Security (UI scope complete; security follow-ups transferred) - [x] Implement Auto-Save toggle and visual status indicators. - [x] Extract decryption workflow to non-reactive helper. - [x] **Standardize Configuration Modals:** Refactored Module, Journal, and Entry configuration into a unified tabbed UI. 
@@ -81,9 +87,9 @@ This document outlines the modernization of the Journals module UI in the Svelte - [x] **Dark mode fixes:** Entry content hover, journal view section/description background and text colors. - [x] **Modal close button:** All 3 config modals use `dismissable={false}` + explicit `` button in header snippet for correct right-aligned placement. - [x] **Global select padding:** Added `padding-inline: 0.5rem` to `@layer base` in `app.css` (safe — utility `px-*` classes override it where intentional). -- [ ] Solidify E2EE passcode system for Journals and Entries. -- [ ] Audit encryption flow for Quick Added and Imported entries. -- [ ] Integrate Outbound Email sharing. +- [ ] Solidify E2EE passcode system for Journals and Entries. See active task list. +- [ ] Audit encryption flow for Quick Added and Imported entries. See active task list. +- [ ] Integrate Outbound Email sharing. Deferred pending product confirmation. ---
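
Review bot: in `documentation/AE__Permissions_and_Security.md` (hunk `@@ -76,15 +76,18 @@`), the deleted block carried literal values (`public: 'public1980'`, `authenticated: 'auth1980'`) that stay readable in repository history after this removal. Only the first was marked as an example in the old text, so please confirm neither was ever a live site passcode, and rotate them if either was. The new warning would also be easier to act on if it named the verbose-logging switch that exposes the map, so readers know what to turn off until the migration lands.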
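
Review bot: in `documentation/MODULE__AE_Events_Badges.md` (hunk `@@ -58,13 +58,25 @@`), the access table and the new `/review` and `/print` paragraphs say which fields each level may edit but never say where that is enforced. Both `event.mod_badges_json.edit_permissions` and `cfg_json.controls_cfg` read as configuration consumed by the UI, so state explicitly whether the API rejects writes to fields outside the allowed set, or record UI-only enforcement as a known limitation. The "Authenticated" row's "active permission config" is also ambiguous now that two sources exist; name the source per route.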
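
Review bot: in `documentation/MODULE__AE_Events_Badges.md` (hunk `@@ -101,7 +113,13 @@`), the bullet "Template `style_href` loads event-specific CSS on the print page" documents loading a template-supplied stylesheet on a page that renders attendee data, without saying who may set the value or whether the URL is restricted. Add a sentence on which access level can edit `style_href` and on any origin restriction; the templates doc in this same patch already says `script_src` should not be used, and the reasoning deserves a line here too. The renamed section also runs the rendering bullets straight into the tracking sentence, so a short lead-in or sub-heading would keep the two topics apart.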
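
Review bot: in `documentation/MODULE__AE_Journals.md` (hunk `@@ -38,15 +39,43 @@`), the rewritten Access and Privacy paragraph describes a layout-level render condition (`user_id`, `person_id`, `trusted_access`), which is a client-side gate. Say whether the journal and journal-entry API endpoints enforce the same condition server-side, since the same paragraph lists API responses as private. In the limitations list, the console-preview item would be easier to follow up if it named the file, as the matching entry in `documentation/TODO__Agents.md` does (`ae_journals_decryption.ts`).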
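
Review bot: in `documentation/MODULE__AE_Journals_Config_Map.md` (hunk `@@ -53,9 +53,23 @@`), item 2 says decryption falls back to the journal `private_passcode`, which implies key material is stored with the journal record, yet the `private` row still labels the feature E2EE. Document where `private_passcode` is stored and who can read it, and qualify the E2EE wording if the stored value is enough to decrypt. Items 1 and 2 also say the two passcodes are "combined" without naming the derivation or cipher; point to the source file so the claim can be checked.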
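
Review bot: in `documentation/PROJECT__AE_Site_Passcode_Security.md` (hunk `@@ -81,7 +87,11 @@`), the list of things to confirm before cutover covers role priority, `auth_type: 'passcode'`, per-role TTLs and passcode length, but not attempt limiting on `/authenticate_passcode`. Once comparison moves server-side, the endpoint is the only place where repeated guesses can be slowed, so add throttling or lockout to the confirmation list, or link the section that covers it if the document already does.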
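
Review bot: in `documentation/PROJECT__AE_Site_Passcode_Security.md` (hunk `@@ -316,6 +326,19 @@`), "Remove any logging of passcode maps or entered passcodes" sits seventh in a checklist that runs directly into the "Frontend Changes Required" section, whose first line says the work depends on the backend fixes being deployed. Removing the logging needs no backend change, so pull it out as an immediate item that is clearly not blocked on deployment. "Verified 2026-06-12:" above the checklist should also say what was verified, since every box under it is unchecked.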
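
Review bot: in `documentation/archive/PROJECT__AE_Events_Badges_Review_Print.md` (hunk `@@ -44,32 +50,24 @@`), the "Auto-Scaling Badge Text" heading changes from In Progress to Complete while the unchanged paragraph under it still ends "Still needs visual tuning with real badges." Either drop that sentence, or keep it and note that it reflects the state when written, so the archived status and the body agree.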
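
Review bot: in `documentation/TODO__Agents.md` (hunk `@@ -85,6 +95,19 @@`), the four Site Passcode tasks stop at removing client-side delivery and enforcing JWT expiry, with nothing for the values already handed out. Per the other files in this patch, every passcode has been delivered to browsers and persisted in `$ae_loc.site_access_code_kv`, so add one task to purge the persisted key from existing client storage on upgrade and one to rotate the site passcodes after cutover.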
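
Review bot: in `documentation/TODO__Agents.md` (hunk `@@ -120,6 +143,15 @@`), the console-preview removal is filed under "Journal Entry Config follow-ups" next to items that wait on a product decision. It is a self-contained privacy fix with a named file (`ae_journals_decryption.ts`), so list it with the high-priority workstreams or mark it as unblocked so it is not deferred along with the rest.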