From e16a28cc2908c5c6e807ea3848461c9c282d59fd Mon Sep 17 00:00:00 2001
From: Scott Idem <stidem@gmail.com>
Date: Mon, 15 Dec 2025 16:07:26 -0500
Subject: [PATCH] Work on checking or guessing permissions based on Novi URL
 params.

---
 src/routes/idaa/(idaa)/+layout.svelte         |  19 ++-
 .../(idaa)/video_conferences/+page.svelte     |   3 +-
 static/idaa_novi_iframe_jitsi_meeting.html    | 135 +++---------------
 3 files changed, 43 insertions(+), 114 deletions(-)

diff --git a/src/routes/idaa/(idaa)/+layout.svelte b/src/routes/idaa/(idaa)/+layout.svelte
index 2a8f21ab..486d9494 100644
--- a/src/routes/idaa/(idaa)/+layout.svelte
+++ b/src/routes/idaa/(idaa)/+layout.svelte
@@ -75,7 +75,24 @@
             // Resetting these just in case...
             $idaa_loc.bb.qry__hidden == 'not_hidden';
             $idaa_loc.bb.qry__enabled == 'enabled';
-        } else if ($ae_loc.iframe) {
+        // NOTE: This is sort of temporary while we work on getting Jisti working with IDAA's Novi site.
+        } else if (
+            $ae_loc?.iframe &&
+            $idaa_loc?.novi_uuid?.length == 36
+        ) {
+            $ae_loc.access_type = 'authenticated';
+            $ae_loc.super_access = false;
+            $ae_loc.manager_access = false;
+            $ae_loc.administrator_access = false;
+            $ae_loc.trusted_access = false;
+            $ae_loc.public_access = false;
+            $ae_loc.authenticated_access = true;
+            $ae_loc.anonymous_access = true;
+
+            // Resetting these just in case...
+            $idaa_loc.bb.qry__hidden == 'not_hidden';
+            $idaa_loc.bb.qry__enabled == 'enabled';
+        } else if ($ae_loc?.iframe) {
             $ae_loc.access_type = 'anonymous';
             $ae_loc.super_access = false;
             $ae_loc.manager_access = false;
diff --git a/src/routes/idaa/(idaa)/video_conferences/+page.svelte b/src/routes/idaa/(idaa)/video_conferences/+page.svelte
index e6869544..c0a301d0 100644
--- a/src/routes/idaa/(idaa)/video_conferences/+page.svelte
+++ b/src/routes/idaa/(idaa)/video_conferences/+page.svelte
@@ -513,8 +513,9 @@
 		Re-initialize Jitsi
 	</button>
 
+	<!-- https://jitsi.github.io/handbook/docs/dev-guide/dev-guide-iframe-commands/ -->
 	<button
-		onclick={() => jitsi_api && jitsi_api.executeCommand('endMeeting')}
+		onclick={() => jitsi_api && jitsi_api.executeCommand('endConference')}
 		class="mt-2 px-2 py-1 bg-red-200 text-white rounded hover:bg-red-400"
 	>
 		<span class="fas fa-phone-slash" aria-hidden="true"></span>
diff --git a/static/idaa_novi_iframe_jitsi_meeting.html b/static/idaa_novi_iframe_jitsi_meeting.html
index 0aa6e001..924ddf9f 100644
--- a/static/idaa_novi_iframe_jitsi_meeting.html
+++ b/static/idaa_novi_iframe_jitsi_meeting.html
@@ -10,6 +10,20 @@
 <!-- START: Copy below this point -->
 <!-- IMPORTANT: This <script> element and <p> element below are for using in an iframe in the IDAA Nov site. One Sky IT's Jitsi meeting iframe -->
 
+<!-- IDAA OSIT iframe container element for Novi - Jitsi Meeting iframe -->
+<p>
+    <iframe
+        width="100%"
+        height="950"
+        id="ae_idaa_jitsi_meeting_iframe"
+        src=""
+        style="min-height: 750px; height: min-content; max-height: 2048px"
+        class="ae_idaa_iframe"
+        allow="camera; microphone; fullscreen; display-capture; autoplay; clipboard-write"
+        allowfullscreen
+    ></iframe>
+</p>
+
 <!-- IDAA and Novi specific JavaScript to get current Novi user info and load Jitsi iframe -->
 <script>
     let novi_customer_uid = '<%=Novi.User.CustomerUniqueId%>'; // NOTE: The Novi UUID for the current current user/customer
@@ -49,122 +63,19 @@
 
     let idaa_ae_iframe_height = null;
 
+    let idaa_ae_iframe_element = document.getElementById(
+        'ae_idaa_jitsi_meeting_iframe'
+    );
+
+    idaa_ae_iframe_element.src =
+        `${idaa_osit_ae_api_root_url}?uuid=${novi_customer_uid}&iframe=true&key=${idaa_osit_ae_site_key}&room=${room_name}&incoming_msg_sound=${incoming_msg_sound}&participant_joined_sound=${participant_joined_sound}&participant_left_sound=${participant_left_sound}&reaction_sound=${reaction_sound}&raise_hand_sound=${raise_hand_sound}&start_muted=${start_muted}&start_hidden=${start_hidden}&reactions_muted=${reactions_muted}`
+        ;
+
+
     // IN PROGRESS: The Novi API fetch to get current user info is being moved to the Svelte page that hosts the iframe (https://domain.tld/idaa/video_conferences). Only the bare minimum info will be passed to the iframe via URL params. Pretty much just the Novi Customer GUID (UUID). The Svelte page will fetch the rest of the user info from the Novi API and then load the iframe with all the correct params. That same page also checks the Novi groups to see if the user is a moderator in one of those.
 
-    var novi_api_headers = new Headers();
-    novi_api_headers.append('Authorization', `Basic ${novi_api_key_for_idaa}`);
-
-    var requestOptions = {
-        method: 'GET',
-        headers: novi_api_headers,
-        redirect: 'follow'
-    };
-
-    let novi_api_get_customer_endpoint = `${novi_api_root_url}/customers/${novi_customer_uid}`;
-    console.log(`Novi API Get Customer Endpoint: ${novi_api_get_customer_endpoint}`);
-
-    fetch(novi_api_get_customer_endpoint, requestOptions)
-        // .then(response => response.text())
-        .then((response) => response.json())
-        .then((result) => {
-            novi_current_user_obj = result;
-            console.log(`Novi's Current User Obj:`, novi_current_user_obj);
-            // console.log(`Novi's Current User Obj (${novi_current_user_obj.Email}):`, novi_current_user_obj);
-
-            let full_name = novi_current_user_obj?.Name;
-            let first_name = novi_current_user_obj?.FirstName;
-            let last_initial = novi_current_user_obj?.LastName
-                ? novi_current_user_obj.LastName.charAt(0).toUpperCase() + '.'
-                : '';
-            if (last_initial) {
-                full_name = `${first_name} ${last_initial}`;
-            }
-            console.log(`Novi's Current User's Full Name: ${full_name}`);
-
-            let idaa_ae_iframe_element = document.getElementById(
-                'ae_idaa_jitsi_meeting_iframe'
-            );
-
-            idaa_ae_iframe_element.src =
-                `${idaa_osit_ae_api_root_url}?uuid=${novi_customer_uid}&email=${novi_current_user_obj.Email}&full_name=${full_name}&moderator=${is_moderator}&room=${room_name}&iframe=true&key=${idaa_osit_ae_site_key}&incoming_msg_sound=${incoming_msg_sound}&participant_joined_sound=${participant_joined_sound}&participant_left_sound=${participant_left_sound}&reaction_sound=${reaction_sound}&raise_hand_sound=${raise_hand_sound}&start_muted=${start_muted}&start_hidden=${start_hidden}&reactions_muted=${reactions_muted}`
-                ;
-
-            // url.searchParams.delete('event_id');
-            // history.pushState({}, '', url);
-        })
-        .catch((error) => console.log('error', error));
-
-    window.addEventListener('message', function (event) {
-        // console.log('Message received from the child:', event.data); // Message received from child
-
-        if (event.data) {
-            if (event.data.iframe_height) {
-                // console.log(`Got iframe height: ${event.data.iframe_height}`);
-                idaa_ae_iframe_height = event.data.iframe_height;
-
-                let idaa_ae_iframe_element = document.getElementById(
-                    'ae_idaa_novi_meeting_iframe'
-                );
-
-                // idaa_ae_iframe_element.style.height = idaa_ae_iframe_height;
-                idaa_ae_iframe_element.style.height = `${idaa_ae_iframe_height + 50}px`;
-            }
-
-            if (event.data.scroll_to !== undefined) {
-                console.log(`Got scroll_to: ${event.data.scroll_to}`);
-
-                let idaa_ae_iframe_element = document.getElementById(
-                    'ae_idaa_novi_meeting_iframe'
-                );
-                if (idaa_ae_iframe_element) {
-                    console.log(`Scrolling to: ${event.data.scroll_to}`);
-                    // window.scrollTo(0, 0); // This works for all current browsers
-                    window.scrollTo({
-                        top: 0,
-                        left: 0,
-                        behavior: 'smooth'
-                    });
-                    // idaa_ae_iframe_element.scrollTo({x: 0, y: 0}); // Scroll to top
-                    // document.body.scrollTo({x: 0, y: 0}); // Scroll to top
-                    // document.body.scrollTo({
-                    // top: 0,
-                    // behavior: 'smooth'
-                    // });
-                    // document.body.scrollTop = 0;
-                    // idaa_ae_iframe_element?.scrollTo(0, 0)
-                    // idaa_ae_iframe_element.scrollTo({
-                    // top: 0,
-                    // behavior: 'smooth'
-                    // });
-                    // idaa_ae_iframe_element.scrollTo({
-                    //     top: event.data.scroll_to,
-                    //     behavior: 'smooth'
-                    // });
-                } else {
-                    console.warn(
-                        `Element with ID "ae_idaa_jitsi_meeting_iframe" not found.`
-                    );
-                }
-            }
-        } else {
-            console.log(`No data in message? ${event}`);
-        }
-    });
 </script>
 
-<!-- IDAA OSIT iframe container element for Novi - Jitsi Meeting iframe -->
-<p>
-    <iframe
-        width="100%"
-        height="950"
-        id="ae_idaa_jitsi_meeting_iframe"
-        src=""
-        style="min-height: 750px; height: min-content; max-height: 2048px"
-        class="ae_idaa_iframe"
-        allow="camera; microphone; fullscreen; display-capture; autoplay; clipboard-write"
-        allowfullscreen
-    ></iframe>
-</p>
 
 <!-- Enable or disable sounds -->
 <div