From d99e9ee1b0beb46f867348ce1291c6cbcced341d Mon Sep 17 00:00:00 2001 From: Scott Idem Date: Wed, 19 Nov 2025 12:12:29 -0500 Subject: [PATCH] refactor(events): Centralize editable fields for event objects - Implemented a whitelist for editable fields for the 'event' object type to prevent sending read-only fields in POST/PATCH requests. - Created a new file to define the editable fields. - Modified and to use this whitelist. - Removed the temporary cleaning logic from the event settings page. - Corrected Svelte 5 to in event settings components. - Updated Dexie interfaces for badge, badge_template, and device to use string IDs. --- .../ae_events__event.editable_fields.ts | 50 +++++++++++++ src/lib/ae_events/ae_events__event.ts | 28 +++++++- src/lib/ae_events/db_events.ts | 6 +- .../events/[event_id]/settings/+page.svelte | 70 +++++++++---------- ...comp__event_settings_abstracts_form.svelte | 2 +- ...ae_comp__event_settings_badges_form.svelte | 2 +- .../ae_comp__event_settings_basic_form.svelte | 2 +- .../ae_comp__event_settings_form.svelte | 2 +- ...comp__event_settings_pres_mgmt_form.svelte | 2 +- 9 files changed, 115 insertions(+), 49 deletions(-) create mode 100644 src/lib/ae_events/ae_events__event.editable_fields.ts diff --git a/src/lib/ae_events/ae_events__event.editable_fields.ts b/src/lib/ae_events/ae_events__event.editable_fields.ts new file mode 100644 index 00000000..8df89a3e --- /dev/null +++ b/src/lib/ae_events/ae_events__event.editable_fields.ts @@ -0,0 +1,50 @@ +export const editable_fields = [ + 'code', + 'conference', + 'type', + 'name', + 'summary', + 'description', + 'start_datetime', + 'end_datetime', + 'timezone', + 'location_address_json', + 'location_text', + 'attend_json', + 'attend_text', + 'status', + 'mod_abstracts_json', + 'mod_badges_json', + 'mod_exhibits_json', + 'mod_meetings_json', + 'mod_pres_mgmt_json', + 'cfg_json', + 'enable', + 'hide', + 'priority', + 'sort', + 'group', + 'notes', + 'contact_li_json', + 'external_person_id', + 'physical', + 'virtual', + 'recurring', + 'recurring_pattern', + 'recurring_start_time', + 'recurring_end_time', + 'recurring_text', + 'weekday_sunday', + 'weekday_monday', + 'weekday_tuesday', + 'weekday_wednesday', + 'weekday_thursday', + 'weekday_friday', + 'weekday_saturday', + 'attend_url', + 'attend_url_text', + 'attend_url_code', + 'attend_url_passcode', + 'attend_phone', + 'attend_phone_passcode' +]; diff --git a/src/lib/ae_events/ae_events__event.ts b/src/lib/ae_events/ae_events__event.ts index 13810e9c..48c975e3 100644 --- a/src/lib/ae_events/ae_events__event.ts +++ b/src/lib/ae_events/ae_events__event.ts @@ -596,13 +596,20 @@ export async function create_ae_obj__event({ return false; } + const cleaned_data_kv = Object.keys(data_kv) + .filter((key) => editable_fields.includes(key)) + .reduce((obj, key) => { + obj[key] = data_kv[key]; + return obj; + }, {}); + ae_promises.create__event = await api .create_ae_obj_crud({ api_cfg: api_cfg, obj_type: 'event', fields: { account_id_random: account_id, - ...data_kv + ...cleaned_data_kv }, key: api_cfg.api_crud_super_key, params: params, @@ -700,6 +707,8 @@ export async function delete_ae_obj_id__event({ return ae_promises.delete__event_obj; } +import { editable_fields } from './ae_events__event.editable_fields'; + // Updated 2024-09-25 export async function update_ae_obj__event({ api_cfg, @@ -719,13 +728,26 @@ export async function update_ae_obj__event({ if (log_lvl) { console.log(`*** update_ae_obj__event() *** event_id=${event_id}`, data_kv); } - // ae_promises.update__event_obj = 'test'; + + const cleaned_data_kv = Object.keys(data_kv) + .filter((key) => editable_fields.includes(key)) + .reduce((obj, key) => { + obj[key] = data_kv[key]; + return obj; + }, {}); + + // Rename 'account_id' to 'account_id_random' if present + if (cleaned_data_kv.account_id !== undefined) { + cleaned_data_kv.account_id_random = cleaned_data_kv.account_id; + delete cleaned_data_kv.account_id; + } + ae_promises.update__event_obj = await api .update_ae_obj_id_crud({ api_cfg: api_cfg, obj_type: 'event', obj_id: event_id, - fields: data_kv, + fields: cleaned_data_kv, // <--- This is the payload being sent key: api_cfg.api_crud_super_key, params: params, return_obj: true, diff --git a/src/lib/ae_events/db_events.ts b/src/lib/ae_events/db_events.ts index 4e3a1d60..7d1429a4 100644 --- a/src/lib/ae_events/db_events.ts +++ b/src/lib/ae_events/db_events.ts @@ -99,7 +99,7 @@ export interface Event { // Updated 2025-10-06 export interface Badge { - id: number; + id: string; // id_random: string; event_badge_id: string; event_badge_id_random: string; @@ -190,7 +190,7 @@ export interface Badge { // Updated 2025-10-06 export interface Badge_template { - id: number; + id: string; // id_random: string; event_id: string; @@ -249,7 +249,7 @@ export interface Badge_template { // Updated 2024-10-16 export interface Device { - id: number; + id: string; // id_random: string; event_device_id: string; // event_device_id_random: string; diff --git a/src/routes/events/[event_id]/settings/+page.svelte b/src/routes/events/[event_id]/settings/+page.svelte index 43f51bef..195267f4 100644 --- a/src/routes/events/[event_id]/settings/+page.svelte +++ b/src/routes/events/[event_id]/settings/+page.svelte @@ -72,8 +72,8 @@ General Config (cfg_json)
- - + +
{#if cfg_json_view === 'form'} - + {/if}
@@ -104,10 +103,10 @@ Presentation Management (mod_pres_mgmt_json)
- -
@@ -128,12 +127,11 @@ event_obj.mod_pres_mgmt_json = e.detail; }} /> - + {/if}
@@ -142,8 +140,8 @@ Badges (mod_badges_json)
- - + +
{#if badges_json_view === 'form'} - + {/if}
@@ -175,10 +172,10 @@ Abstracts (mod_abstracts_json)
- -
@@ -199,11 +196,10 @@ event_obj.mod_abstracts_json = e.detail; }} /> - + {/if}
@@ -222,11 +218,10 @@ event_obj.mod_exhibits_json = e.detail; }} /> - + @@ -244,11 +239,10 @@ event_obj.mod_meetings_json = e.detail; }} /> - + diff --git a/src/routes/events/[event_id]/settings/ae_comp__event_settings_abstracts_form.svelte b/src/routes/events/[event_id]/settings/ae_comp__event_settings_abstracts_form.svelte index 54525c0c..6bedc639 100644 --- a/src/routes/events/[event_id]/settings/ae_comp__event_settings_abstracts_form.svelte +++ b/src/routes/events/[event_id]/settings/ae_comp__event_settings_abstracts_form.svelte @@ -95,5 +95,5 @@ - + diff --git a/src/routes/events/[event_id]/settings/ae_comp__event_settings_badges_form.svelte b/src/routes/events/[event_id]/settings/ae_comp__event_settings_badges_form.svelte index 26048445..3510f7a8 100644 --- a/src/routes/events/[event_id]/settings/ae_comp__event_settings_badges_form.svelte +++ b/src/routes/events/[event_id]/settings/ae_comp__event_settings_badges_form.svelte @@ -86,5 +86,5 @@ - + diff --git a/src/routes/events/[event_id]/settings/ae_comp__event_settings_basic_form.svelte b/src/routes/events/[event_id]/settings/ae_comp__event_settings_basic_form.svelte index 5cd22e34..a7299672 100644 --- a/src/routes/events/[event_id]/settings/ae_comp__event_settings_basic_form.svelte +++ b/src/routes/events/[event_id]/settings/ae_comp__event_settings_basic_form.svelte @@ -70,5 +70,5 @@ - + diff --git a/src/routes/events/[event_id]/settings/ae_comp__event_settings_form.svelte b/src/routes/events/[event_id]/settings/ae_comp__event_settings_form.svelte index bf5248aa..b6c14f31 100644 --- a/src/routes/events/[event_id]/settings/ae_comp__event_settings_form.svelte +++ b/src/routes/events/[event_id]/settings/ae_comp__event_settings_form.svelte @@ -28,5 +28,5 @@ - + diff --git a/src/routes/events/[event_id]/settings/ae_comp__event_settings_pres_mgmt_form.svelte b/src/routes/events/[event_id]/settings/ae_comp__event_settings_pres_mgmt_form.svelte index 61414323..b2a2abea 100644 --- a/src/routes/events/[event_id]/settings/ae_comp__event_settings_pres_mgmt_form.svelte +++ b/src/routes/events/[event_id]/settings/ae_comp__event_settings_pres_mgmt_form.svelte @@ -134,5 +134,5 @@ - +