Compare commits
7 Commits
35c4341c34
...
1e2c9d9b74
| Author | SHA1 | Date | |
|---|---|---|---|
|
1e2c9d9b74 | ||
|
|
e64001cf63 | ||
|
|
4137d8677d | ||
|
|
19d0145d00 | ||
|
|
9d44b9341c | ||
|
|
bc67ff5798 | ||
|
|
f87ab10251 |
@@ -148,6 +148,8 @@ This section documents the exact way Aether uses the Novi API for the IDAA integ
|
||||
|
||||
- **All-or-nothing policy:** If the Novi API key is not configured or the verification call fails, the Novi-based access path is denied. The layout explicitly prevents child routes from rendering while verification is in-flight to avoid flashing "Access Denied".
|
||||
|
||||
- **Rate limits (Novi API):** 20 calls/second · 600 calls/minute · 100,000 calls/day. The layout handles 429 responses with a 10-second flat backoff and one retry. If the retry also returns 429, access is denied and a "Reload / Retry" button is shown. The 5-minute TTL cache on successful verification prevents repeated calls during normal use.
|
||||
|
||||
### Verification Flow (implementation)
|
||||
|
||||
1. The IDAA iframe loads Aether pages with a `?uuid=<uuid>&iframe=true` param.
|
||||
@@ -544,7 +546,8 @@ ae_loc.idaa_loc = { novi_uuid: 'test-uuid-value', ... };
|
||||
---
|
||||
|
||||
## IDAA Novi Groups and Moderators
|
||||
IDAA Couples Meeting = "e9e162f0-3d03-4241-9682-340135ec3fb8"
|
||||
|
||||
### IDAA Couples Meeting = "e9e162f0-3d03-4241-9682-340135ec3fb8"
|
||||
|
||||
"Gregory X Boehm" "00ee764c-7559-496b-9d18-40d3e9092c0c"
|
||||
"Kee B. PARK" "24ab3297-bfce-473c-9311-4b31e3a8974f"
|
||||
@@ -553,10 +556,17 @@ IDAA Couples Meeting = "e9e162f0-3d03-4241-9682-340135ec3fb8"
|
||||
"Owen Lander" "9671a2c4-ff95-48c2-bcde-5c6eba95cded"
|
||||
"Susan Park" "4a9f94c5-d766-4808-ab76-117c9e43903a"
|
||||
|
||||
"Student/Resident Meeting Moderators" "d76d2c00-962d-40f6-a2e8-ed9c85594d96"
|
||||
### "Student/Resident Meeting Moderators" "d76d2c00-962d-40f6-a2e8-ed9c85594d96"
|
||||
|
||||
"Melissa Eve Valasky" "182d1db3-caa9-41bc-b04a-2facc6859aeb"
|
||||
"Steven L. Klein" "5724aad7-6d89-47e7-8943-966fd22911bd"
|
||||
|
||||
### "IDAA BIPOC Meeting" "873d3ad0-2605-4ccf-824c-638c16b2b9cf"
|
||||
|
||||
"Paula Lynn Bailey-Walton" "68383ba2-0989-4860-9ea6-073f9698df67"
|
||||
"Tasha Hudson" "03d5408c-3c13-4c3a-a93f-49871f9050b1"
|
||||
|
||||
|
||||
---
|
||||
|
||||
**Document Status:** ✅ Current
|
||||
|
||||
@@ -46,17 +46,15 @@ for the full checklist and prep plan.
|
||||
`static/ae-print-badge.css` behind `html.debug_outlines` class (toggled by the "Show debug
|
||||
outlines" checkbox in the controls panel, trusted-only). Won't appear in print unless explicitly
|
||||
enabled. No action needed. (verified 2026-03-18)
|
||||
- [ ] **Zebra ZC10L Linux driver** — install CUPS driver package ahead of time; verify card prints
|
||||
before burning rental time on driver setup. Check Zebra's site for Linux/CUPS driver.
|
||||
- [x] **Zebra ZC10L Linux driver** — installed CUPS driver; verified card prints. (2026-03-27)
|
||||
- [x] **`style_href` wired** — `print/+page.svelte` already loads `style_href` via `<svelte:head>`
|
||||
and it's in `properties_to_save`. (verified 2026-03-18)
|
||||
- [x] **`duplex=0` hides badge back** — `duplex` is in `properties_to_save`; v2 badge render
|
||||
gates `{#if show_badge_back}` on `duplex != null && !!duplex`. Set `duplex=0` on the template
|
||||
to suppress the back section for single-sided PVC. (verified 2026-03-18)
|
||||
- [ ] **Set up test event + PVC template** in dev DB with `layout: badge_3.5x5.5_pvc`,
|
||||
`duplex=0`, a few badge records with varied name lengths, HTML in fields, different badge_type_codes.
|
||||
- [ ] **Test data set:** include edge cases — very long name, HTML markup in name/affiliations,
|
||||
badge with no affiliations, badge with all ticket/option codes set.
|
||||
- [x] **Set up test event + PVC template** in dev DB with `layout: badge_3.5x5.5_pvc`,
|
||||
`duplex=0`, badge records with varied name lengths, HTML in fields, different badge_type_codes,
|
||||
edge cases (very long name, HTML markup, no affiliations, all ticket/option codes). (2026-03-27)
|
||||
|
||||
### [Leads] Exhibitor Lead Scanning — IN PROGRESS (demo-ready prep)
|
||||
Module is substantially built as a PWA (no Electron). Core flow works end-to-end.
|
||||
|
||||
@@ -259,7 +259,7 @@ export async function create_ae_obj__event_badge({
|
||||
|
||||
const result = await api.create_nested_obj({
|
||||
api_cfg,
|
||||
parent_type: 'event',
|
||||
parent_type: 'event_person',
|
||||
parent_id: event_id,
|
||||
child_type: 'event_badge',
|
||||
fields: data_kv,
|
||||
|
||||
42
src/lib/ae_events/ae_events__event_person.ts
Normal file
42
src/lib/ae_events/ae_events__event_person.ts
Normal file
@@ -0,0 +1,42 @@
|
||||
import type { key_val } from '$lib/stores/ae_stores';
|
||||
import { api } from '$lib/api/api';
|
||||
|
||||
const ae_promises: key_val = {};
|
||||
|
||||
/**
|
||||
* create_ae_obj__event_person
|
||||
* Creates a new event_person record linked to an event.
|
||||
* Used as the first step of manual one-off badge creation.
|
||||
* The returned event_person_id is then passed to create_ae_obj__event_badge.
|
||||
*/
|
||||
export async function create_ae_obj__event_person({
|
||||
api_cfg,
|
||||
event_id,
|
||||
data_kv,
|
||||
params = {},
|
||||
log_lvl = 0
|
||||
}: {
|
||||
api_cfg: any;
|
||||
event_id: string;
|
||||
data_kv: key_val;
|
||||
params?: key_val;
|
||||
log_lvl?: number;
|
||||
}): Promise<any | null> {
|
||||
if (log_lvl) {
|
||||
console.log(
|
||||
`*** create_ae_obj__event_person() *** event_id=${event_id}`
|
||||
);
|
||||
}
|
||||
|
||||
ae_promises.create__event_person = await api.create_nested_obj({
|
||||
api_cfg,
|
||||
parent_type: 'event',
|
||||
parent_id: event_id,
|
||||
child_type: 'event_person',
|
||||
fields: data_kv,
|
||||
params,
|
||||
log_lvl
|
||||
});
|
||||
|
||||
return ae_promises.create__event_person;
|
||||
}
|
||||
@@ -33,6 +33,8 @@ import * as event_presenter from '$lib/ae_events/ae_events__event_presenter';
|
||||
|
||||
import * as event_badge from '$lib/ae_events/ae_events__event_badge';
|
||||
|
||||
import { create_ae_obj__event_person } from '$lib/ae_events/ae_events__event_person';
|
||||
|
||||
import * as event_badge_template from '$lib/ae_events/ae_events__event_badge_template';
|
||||
|
||||
const export_obj = {
|
||||
@@ -46,6 +48,9 @@ const export_obj = {
|
||||
update_ae_obj__event: event.update_ae_obj__event,
|
||||
sync_config__event_pres_mgmt: event.sync_config__event_pres_mgmt,
|
||||
|
||||
// Event Person
|
||||
create_ae_obj__event_person: create_ae_obj__event_person,
|
||||
|
||||
// Event Badges
|
||||
load_ae_obj_id__event_badge: event_badge.load_ae_obj_id__event_badge,
|
||||
load_ae_obj_li__event_badge: event_badge.load_ae_obj_li__event_badge,
|
||||
|
||||
@@ -21,6 +21,12 @@ const idaa_local_data_struct: key_val = {
|
||||
// True after a successful Novi API verification (UUID confirmed to be a real Novi member).
|
||||
// False on load, on verification failure, or for non-Novi sign-in paths.
|
||||
novi_verified: false,
|
||||
// Timestamp (ms since epoch) when the last successful verification occurred.
|
||||
// Used to cache verification results and avoid repeated Novi API calls.
|
||||
novi_verified_ts: null,
|
||||
// If set to a ms timestamp, verification attempts should be skipped until this time.
|
||||
// Used to honor rate-limits and Retry-After behavior.
|
||||
novi_rate_limited_until: null,
|
||||
// Populated from $ae_loc.site_cfg_json at IDAA layout mount — not managed here.
|
||||
// See routes/idaa/(idaa)/+layout.svelte for the override logic.
|
||||
novi_admin_li: [],
|
||||
|
||||
@@ -28,8 +28,32 @@ import { events_func } from '$lib/ae_events/ae_events_functions';
|
||||
|
||||
import Comp_badge_search from './ae_comp__badge_search.svelte';
|
||||
import Comp_badge_obj_li from './ae_comp__badge_obj_li.svelte';
|
||||
import Comp_badge_create_form from './ae_comp__badge_create_form.svelte';
|
||||
|
||||
import { LoaderCircle } from '@lucide/svelte';
|
||||
import { LoaderCircle, UserPlus } from '@lucide/svelte';
|
||||
|
||||
// Load templates for this event so the create form can show the selector and
|
||||
// derive badge_type_code_li from whichever template the user picks.
|
||||
$effect(() => {
|
||||
const event_id = $events_slct?.event_id;
|
||||
if (!event_id) return;
|
||||
events_func.load_ae_obj_li__event_badge_template({
|
||||
api_cfg: $ae_api,
|
||||
event_id,
|
||||
log_lvl: 0
|
||||
});
|
||||
});
|
||||
|
||||
let lq__badge_template_li = $derived(
|
||||
liveQuery(async () => {
|
||||
const event_id = $events_slct?.event_id;
|
||||
if (!event_id) return [];
|
||||
return await db_events.badge_template
|
||||
.where('event_id')
|
||||
.equals(event_id)
|
||||
.sortBy('name');
|
||||
})
|
||||
);
|
||||
// *** Initialization & Store Guard ***
|
||||
// Ensure all search fields are initialized to prevent circular undefined triggers
|
||||
if ($events_loc.badges) {
|
||||
@@ -52,6 +76,7 @@ if ($events_loc.badges) {
|
||||
// Variables
|
||||
let show_create_badge_modal: boolean = $state(false);
|
||||
let show_upload_badge_modal: boolean = $state(false);
|
||||
let create_badge_dialog: HTMLDialogElement | undefined = $state();
|
||||
|
||||
let event_badge_id_li: Array<string> = $state([]);
|
||||
let search_debounce_timer: any = null;
|
||||
@@ -362,6 +387,49 @@ async function handle_search_refresh(params: any) {
|
||||
<Comp_badge_search event_id={$events_slct?.event_id ?? ''} log_lvl={1}
|
||||
></Comp_badge_search>
|
||||
|
||||
{#if $ae_loc.edit_mode}
|
||||
<div class="flex justify-end px-4">
|
||||
<button
|
||||
type="button"
|
||||
class="btn btn-sm preset-tonal-primary border-primary-500 border"
|
||||
onclick={() => {
|
||||
show_create_badge_modal = true;
|
||||
create_badge_dialog?.showModal();
|
||||
}}>
|
||||
<UserPlus size="1em" />
|
||||
Create Badge
|
||||
</button>
|
||||
</div>
|
||||
{/if}
|
||||
|
||||
<!-- Create Badge modal — native <dialog> for focus trap + backdrop.
|
||||
Clicking the backdrop closes it. The form remounts each open so state is fresh. -->
|
||||
<dialog
|
||||
bind:this={create_badge_dialog}
|
||||
class="w-full max-w-lg rounded-xl border border-gray-200 bg-white p-0 shadow-2xl dark:border-gray-700 dark:bg-gray-900"
|
||||
onclick={(e) => { if (e.target === create_badge_dialog) { create_badge_dialog?.close(); show_create_badge_modal = false; } }}
|
||||
onclose={() => { show_create_badge_modal = false; }}>
|
||||
<div class="border-surface-200-800 border-b px-5 py-3">
|
||||
<h2 class="text-surface-900-50 text-base font-semibold">Create Badge</h2>
|
||||
</div>
|
||||
{#if show_create_badge_modal}
|
||||
<Comp_badge_create_form
|
||||
event_id={$events_slct?.event_id ?? ''}
|
||||
template_li={$lq__badge_template_li ?? []}
|
||||
onsuccess={() => {
|
||||
create_badge_dialog?.close();
|
||||
show_create_badge_modal = false;
|
||||
// Trigger a remote-first refresh so the new badge appears in results
|
||||
$events_loc.badges.search_version = ($events_loc.badges.search_version ?? 0) + 1;
|
||||
$events_loc.badges.qry__remote_first = true;
|
||||
}}
|
||||
oncancel={() => {
|
||||
create_badge_dialog?.close();
|
||||
show_create_badge_modal = false;
|
||||
}} />
|
||||
{/if}
|
||||
</dialog>
|
||||
|
||||
{#if $events_sess?.badges?.search_status === 'loading' && event_badge_id_li.length === 0}
|
||||
<div
|
||||
class="flex flex-col items-center justify-center p-10 text-center opacity-50">
|
||||
@@ -371,3 +439,13 @@ async function handle_search_refresh(params: any) {
|
||||
{:else}
|
||||
<Comp_badge_obj_li {lq__event_badge_obj_li} log_lvl={1}></Comp_badge_obj_li>
|
||||
{/if}
|
||||
|
||||
<style>
|
||||
dialog {
|
||||
margin: auto;
|
||||
}
|
||||
dialog::backdrop {
|
||||
background: rgb(0 0 0 / 0.55);
|
||||
backdrop-filter: blur(3px);
|
||||
}
|
||||
</style>
|
||||
|
||||
@@ -1,20 +1,38 @@
|
||||
<script lang="ts">
|
||||
// import { createEventDispatcher } from 'svelte';
|
||||
import { Loader2 } from '@lucide/svelte';
|
||||
import type { key_val } from '$lib/stores/ae_stores';
|
||||
import { events_func } from '$lib/ae_events/ae_events_functions';
|
||||
import { ae_api } from '$lib/stores/ae_stores';
|
||||
import { api } from '$lib/api/api';
|
||||
|
||||
interface Props {
|
||||
event_id: string;
|
||||
/** Template list for this event. Drives the template selector and badge_type_code_li. */
|
||||
template_li?: Array<{ event_badge_template_id?: string | null; name?: string | null; badge_type_list?: string | null }>;
|
||||
onsuccess?: (badge: any) => void;
|
||||
oncancel?: () => void;
|
||||
}
|
||||
|
||||
let { event_id, onsuccess, oncancel }: Props = $props();
|
||||
// Fallback badge type list used only when no template is loaded yet or the selected
|
||||
// template has no badge_type_list defined.
|
||||
const default_badge_type_code_li = [
|
||||
{ code: 'current_member', name: 'Member' },
|
||||
{ code: 'inactive_member', name: 'Non-Member' },
|
||||
{ code: 'guest', name: 'Guest' },
|
||||
{ code: 'ex_all', name: 'Exhibitor' },
|
||||
{ code: 'staff', name: 'Staff' },
|
||||
{ code: 'test', name: 'Test' }
|
||||
];
|
||||
|
||||
// const dispatch = createEventDispatcher();
|
||||
let {
|
||||
event_id,
|
||||
template_li = [],
|
||||
onsuccess,
|
||||
oncancel
|
||||
}: Props = $props();
|
||||
|
||||
let given_name: string = $state('');
|
||||
let family_name: string = $state('');
|
||||
let full_name_override: string = $state('');
|
||||
let professional_title_override: string = $state('');
|
||||
let affiliations_override: string = $state('');
|
||||
@@ -23,124 +41,242 @@ let email: string = $state('');
|
||||
let allow_tracking: boolean = $state(false);
|
||||
let badge_type_code: string = $state('');
|
||||
|
||||
let submit_status: string = $state('idle'); // idle, loading, success, error
|
||||
// Auto-select the first template when only one is available; otherwise let the user pick.
|
||||
// event_badge_template_id is sent to the API so the badge renders with the correct layout.
|
||||
let selected_template_id: string = $state('');
|
||||
$effect(() => {
|
||||
if (template_li.length === 1 && template_li[0].event_badge_template_id) {
|
||||
selected_template_id = template_li[0].event_badge_template_id;
|
||||
}
|
||||
});
|
||||
|
||||
// Example badge type codes (from ae_comp__badge_search.svelte)
|
||||
let badge_type_code_li = [
|
||||
{ code: 'current_member', name: 'Member' },
|
||||
{ code: 'inactive_member', name: 'Non-Member' },
|
||||
{ code: 'current_member_trainee', name: 'Trainee Member' },
|
||||
{ code: 'inactive_member_trainee', name: 'Trainee Non-Member' },
|
||||
{ code: 'ex_all', name: 'Exhibitor All Access' },
|
||||
{ code: 'ex_booth', name: 'Exhibitor Booth Staff' },
|
||||
{ code: 'hftx', name: 'HFTX Master Academy' },
|
||||
{ code: 'mcs', name: 'MCS Master Academy' },
|
||||
{ code: 'pediatric', name: 'Pediatric' },
|
||||
{ code: 'guest', name: 'Guest' },
|
||||
{ code: 'staff', name: 'Staff' },
|
||||
{ code: 'volunteer', name: 'Volunteer' },
|
||||
{ code: 'test', name: 'Test' }
|
||||
];
|
||||
// Derive badge type options from the selected template's badge_type_list JSON.
|
||||
// Fall back to the hardcoded default when no template is selected or its list is empty.
|
||||
let badge_type_code_li = $derived.by(() => {
|
||||
const tmpl = template_li.find((t) => t.event_badge_template_id === selected_template_id);
|
||||
if (!tmpl?.badge_type_list) return default_badge_type_code_li;
|
||||
try {
|
||||
const parsed = JSON.parse(tmpl.badge_type_list);
|
||||
return Array.isArray(parsed) && parsed.length > 0 ? parsed : default_badge_type_code_li;
|
||||
} catch {
|
||||
return default_badge_type_code_li;
|
||||
}
|
||||
});
|
||||
|
||||
// Only show the name override field if the user explicitly wants to customize it.
|
||||
// The preview below the name fields shows what the badge will display — if that looks
|
||||
// good they don't need to touch this.
|
||||
let show_name_override: boolean = $state(false);
|
||||
|
||||
// Live preview of what will print on the badge if no override is set
|
||||
let full_name_preview = $derived(
|
||||
[given_name.trim(), family_name.trim()].filter(Boolean).join(' ') || '—'
|
||||
);
|
||||
|
||||
// 'idle' | 'creating_person' | 'creating_badge' | 'success' | 'error'
|
||||
let submit_status: string = $state('idle');
|
||||
let error_msg: string = $state('');
|
||||
|
||||
async function handle_submit(event: Event) {
|
||||
event.preventDefault();
|
||||
submit_status = 'loading';
|
||||
const data_to_create: key_val = {
|
||||
full_name_override,
|
||||
professional_title_override,
|
||||
affiliations_override,
|
||||
location_override,
|
||||
email,
|
||||
allow_tracking,
|
||||
badge_type_code
|
||||
};
|
||||
submit_status = 'creating_person';
|
||||
error_msg = '';
|
||||
|
||||
// Step 1: Create event_person — the identity record for this attendee.
|
||||
// The V3 create endpoint returns { event_person_id }.
|
||||
// We pass event_person_id to the badge so the backend resolves the FK.
|
||||
let new_person: { event_person_id?: string; obj_id?: string; } | null = null;
|
||||
try {
|
||||
const new_badge = await events_func.create_ae_obj__event_badge({
|
||||
const person_data: key_val = { given_name, family_name, email };
|
||||
new_person = await events_func.create_ae_obj__event_person({
|
||||
api_cfg: $ae_api,
|
||||
event_id: event_id,
|
||||
data_kv: data_to_create
|
||||
event_id,
|
||||
data_kv: person_data
|
||||
});
|
||||
if (new_badge) {
|
||||
} catch (err) {
|
||||
console.error('Error creating event_person:', err);
|
||||
submit_status = 'error';
|
||||
error_msg = 'Failed to create attendee record.';
|
||||
return;
|
||||
}
|
||||
|
||||
const event_person_id = new_person?.event_person_id || new_person?.obj_id;
|
||||
if (!event_person_id) {
|
||||
submit_status = 'error';
|
||||
error_msg = 'Attendee record created but returned no ID.';
|
||||
return;
|
||||
}
|
||||
|
||||
// Step 2: Create event_badge nested under event.
|
||||
// POST /v3/crud/event/{event_id}/event_badge/
|
||||
// Passing event_person_id so the backend links the badge to the person.
|
||||
// Backend needs to handle event_badge creation without injecting event_id as a column
|
||||
// (event_badge gets event_id through event_person in the view, not as a direct FK).
|
||||
submit_status = 'creating_badge';
|
||||
try {
|
||||
const badge_data: key_val = {
|
||||
event_person_id,
|
||||
event_badge_template_id: selected_template_id || null,
|
||||
given_name,
|
||||
family_name,
|
||||
email: email || null,
|
||||
full_name_override: full_name_override || null,
|
||||
professional_title_override: professional_title_override || null,
|
||||
affiliations_override: affiliations_override || null,
|
||||
location_override: location_override || null,
|
||||
allow_tracking,
|
||||
badge_type_code: badge_type_code || null
|
||||
};
|
||||
const new_badge = await api.create_nested_obj({
|
||||
api_cfg: $ae_api,
|
||||
parent_type: 'event_person',
|
||||
parent_id: event_person_id,
|
||||
child_type: 'event_badge',
|
||||
fields: badge_data
|
||||
});
|
||||
if (new_badge?.event_badge_id) {
|
||||
submit_status = 'success';
|
||||
// dispatch('success', new_badge);
|
||||
if (onsuccess) onsuccess(new_badge);
|
||||
} else {
|
||||
submit_status = 'error';
|
||||
// dispatch('error', 'Failed to create badge');
|
||||
error_msg = 'Badge record not returned from API.';
|
||||
}
|
||||
} catch (error) {
|
||||
} catch (err) {
|
||||
console.error('Error creating event_badge:', err);
|
||||
submit_status = 'error';
|
||||
console.error('Error creating badge:', error);
|
||||
// dispatch('error', error);
|
||||
error_msg = `Attendee record created (ID: ${event_person_id}) but badge creation failed.`;
|
||||
}
|
||||
}
|
||||
|
||||
function handle_cancel() {
|
||||
// dispatch('cancel');
|
||||
if (oncancel) oncancel();
|
||||
}
|
||||
|
||||
let is_submitting = $derived(
|
||||
submit_status === 'creating_person' || submit_status === 'creating_badge'
|
||||
);
|
||||
let step_label = $derived(
|
||||
submit_status === 'creating_person'
|
||||
? 'Creating attendee record…'
|
||||
: submit_status === 'creating_badge'
|
||||
? 'Creating badge…'
|
||||
: ''
|
||||
);
|
||||
</script>
|
||||
|
||||
<form onsubmit={handle_submit} class="space-y-4 p-4">
|
||||
<form onsubmit={handle_submit} class="space-y-4 p-5">
|
||||
<div class="grid grid-cols-2 gap-3">
|
||||
<label class="label">
|
||||
<span class="label-text">First Name</span>
|
||||
<input
|
||||
type="text"
|
||||
bind:value={given_name}
|
||||
class="input"
|
||||
required
|
||||
placeholder="Jane" />
|
||||
</label>
|
||||
<label class="label">
|
||||
<span class="label-text">Last Name</span>
|
||||
<input
|
||||
type="text"
|
||||
bind:value={family_name}
|
||||
class="input"
|
||||
required
|
||||
placeholder="Smith" />
|
||||
</label>
|
||||
</div>
|
||||
|
||||
<!-- Live badge name preview. If it looks right, no override needed. -->
|
||||
<div class="flex items-center justify-between gap-2 text-sm">
|
||||
<span class="text-surface-400">Badge will show:
|
||||
<span class="text-surface-900-50 font-semibold">{full_name_preview}</span>
|
||||
</span>
|
||||
<button
|
||||
type="button"
|
||||
class="text-primary-500 hover:text-primary-400 text-xs underline underline-offset-2"
|
||||
onclick={() => { show_name_override = !show_name_override; }}>
|
||||
{show_name_override ? 'Hide override' : 'Customize display name'}
|
||||
</button>
|
||||
</div>
|
||||
|
||||
{#if show_name_override}
|
||||
<label class="label">
|
||||
<span class="label-text">Display Name Override</span>
|
||||
<input
|
||||
type="text"
|
||||
bind:value={full_name_override}
|
||||
class="input"
|
||||
placeholder="e.g. Dr. Jane Smith, PhD" />
|
||||
</label>
|
||||
{/if}
|
||||
|
||||
<label class="label">
|
||||
<span>Full Name Override</span>
|
||||
<input type="text" bind:value={full_name_override} class="input" />
|
||||
<span class="label-text">Email</span>
|
||||
<input type="email" bind:value={email} class="input" placeholder="jane@example.com" />
|
||||
</label>
|
||||
{#if template_li.length > 1}
|
||||
<!-- Template selector — only shown when the event has multiple templates.
|
||||
Single-template events auto-select; the selector would just add noise. -->
|
||||
<label class="label">
|
||||
<span class="label-text">Badge Template</span>
|
||||
<select bind:value={selected_template_id} class="select">
|
||||
<option value="">-- Select Template --</option>
|
||||
{#each template_li as tmpl (tmpl.event_badge_template_id)}
|
||||
<option value={tmpl.event_badge_template_id}>{tmpl.name}</option>
|
||||
{/each}
|
||||
</select>
|
||||
</label>
|
||||
{/if}
|
||||
<label class="label">
|
||||
<span>Professional Title Override</span>
|
||||
<input
|
||||
type="text"
|
||||
bind:value={professional_title_override}
|
||||
class="input" />
|
||||
</label>
|
||||
<label class="label">
|
||||
<span>Affiliations Override</span>
|
||||
<textarea bind:value={affiliations_override} class="textarea" rows="2"
|
||||
></textarea>
|
||||
</label>
|
||||
<label class="label">
|
||||
<span>Location Override</span>
|
||||
<input type="text" bind:value={location_override} class="input" />
|
||||
</label>
|
||||
<label class="label">
|
||||
<span>Email</span>
|
||||
<input type="email" bind:value={email} class="input" />
|
||||
</label>
|
||||
<label class="label flex items-center gap-2">
|
||||
<input type="checkbox" bind:checked={allow_tracking} class="checkbox" />
|
||||
<span>Allow Tracking</span>
|
||||
</label>
|
||||
<label class="label">
|
||||
<span>Badge Type</span>
|
||||
<span class="label-text">Badge Type</span>
|
||||
<select bind:value={badge_type_code} class="select">
|
||||
<option value="">-- Select Badge Type --</option>
|
||||
{#each badge_type_code_li as type_code_item (type_code_item.code)}
|
||||
<option value={type_code_item.code}
|
||||
>{type_code_item.name}</option>
|
||||
{#each badge_type_code_li as item (item.code)}
|
||||
<option value={item.code}>{item.name}</option>
|
||||
{/each}
|
||||
</select>
|
||||
</label>
|
||||
|
||||
<div class="flex justify-end gap-2">
|
||||
<hr class="border-surface-300-600" />
|
||||
|
||||
<label class="label">
|
||||
<span class="label-text">Professional Title <span class="text-surface-400 font-normal">(optional)</span></span>
|
||||
<input type="text" bind:value={professional_title_override} class="input" placeholder="e.g. Chief Medical Officer" />
|
||||
</label>
|
||||
<label class="label">
|
||||
<span class="label-text">Organization <span class="text-surface-400 font-normal">(optional)</span></span>
|
||||
<input type="text" bind:value={affiliations_override} class="input" placeholder="e.g. Acme Hospital" />
|
||||
</label>
|
||||
<label class="label">
|
||||
<span class="label-text">Location <span class="text-surface-400 font-normal">(optional)</span></span>
|
||||
<input type="text" bind:value={location_override} class="input" placeholder="City, State" />
|
||||
</label>
|
||||
<label class="flex items-center gap-2">
|
||||
<input type="checkbox" bind:checked={allow_tracking} class="checkbox" />
|
||||
<span class="text-sm">Allow lead tracking</span>
|
||||
</label>
|
||||
|
||||
{#if submit_status === 'error'}
|
||||
<p class="text-error-500 text-sm">{error_msg || 'An error occurred. Please try again.'}</p>
|
||||
{/if}
|
||||
|
||||
<div class="flex items-center justify-end gap-2">
|
||||
{#if is_submitting}
|
||||
<span class="text-surface-400 flex items-center gap-1 text-sm">
|
||||
<Loader2 size="1em" class="animate-spin" />
|
||||
{step_label}
|
||||
</span>
|
||||
{/if}
|
||||
<button
|
||||
type="button"
|
||||
class="btn preset-tonal-surface"
|
||||
disabled={is_submitting}
|
||||
onclick={handle_cancel}>Cancel</button>
|
||||
<button
|
||||
type="submit"
|
||||
class="btn preset-filled-primary"
|
||||
disabled={submit_status === 'loading'}>
|
||||
{#if submit_status === 'loading'}
|
||||
<Loader2 size="1em" class="animate-spin" aria-hidden="true" />
|
||||
{/if}
|
||||
disabled={is_submitting || !given_name || !family_name}>
|
||||
Create Badge
|
||||
</button>
|
||||
</div>
|
||||
</form>
|
||||
|
||||
{#if submit_status === 'success'}
|
||||
<p class="text-green-500">Badge created successfully!</p>
|
||||
{:else if submit_status === 'error'}
|
||||
<p class="text-red-500">Error creating badge. Please try again.</p>
|
||||
{/if}
|
||||
|
||||
@@ -26,15 +26,26 @@ interface Props {
|
||||
|
||||
let { data, children }: Props = $props();
|
||||
|
||||
// True while verification is in flight OR while waiting for site config to load.
|
||||
// Pre-initialized to true if a UUID is present so there is no flash of "Access Denied"
|
||||
// on first render before the effect has a chance to run.
|
||||
let novi_verifying: boolean = $state(
|
||||
typeof window !== 'undefined' &&
|
||||
!!new URLSearchParams(window.location.search).get('uuid')
|
||||
);
|
||||
// UUID is set by Novi when loading the iframe — fixed for this page's lifetime.
|
||||
// Impersonation causes a full iframe reload (new page load), not a SvelteKit navigation,
|
||||
// so reading this once is correct and avoids reactive noise from client-side navigation.
|
||||
// NOTE: If Novi ever adds dynamic impersonation (no full reload), this needs revisiting —
|
||||
// reintroduce $derived.by on data.url and the UUID-change guards removed in this commit.
|
||||
const url_uuid = browser ? new URLSearchParams(window.location.search).get('uuid') : null;
|
||||
|
||||
// Effect 1: Set URL origin and params (unchanged from original)
|
||||
// True while the Novi API call is in flight.
|
||||
// Pre-initialized to true when a UUID is present to prevent an "Access Denied" flash
|
||||
// before the effect has a chance to run on first render.
|
||||
let novi_verifying: boolean = $state(!!url_uuid);
|
||||
|
||||
// Concurrency guard — separate from novi_verifying (the UI spinner).
|
||||
// Do NOT use novi_verifying as a concurrency guard: it is pre-initialized to true,
|
||||
// which would cause the guard to fire immediately and skip verification entirely.
|
||||
let verify_in_flight = false;
|
||||
|
||||
const VERIFIED_TTL_MS_DEFAULT = 5 * 60 * 1000; // 5 minutes
|
||||
|
||||
// Effect 1: Set URL origin and params
|
||||
$effect(() => {
|
||||
untrack(() => {
|
||||
$ae_loc.url_origin = data.url.origin;
|
||||
@@ -47,54 +58,52 @@ $effect(() => {
|
||||
});
|
||||
|
||||
// Effect 2: Novi UUID verification
|
||||
// Only fires when a uuid is present in the URL (i.e. the Novi iframe path).
|
||||
// Non-Novi sign-in paths (User/Pass, shared passcode) will never have a uuid param,
|
||||
// so this block won't run for them — their permissions are unaffected.
|
||||
// The only reactive dependency is $ae_loc.site_cfg_json — the API key arrives async
|
||||
// via SWR background fetch and may not be populated on first render. Reading it outside
|
||||
// untrack() ensures the effect re-runs when the config loads.
|
||||
// The UUID is not reactive (read once above via window.location.search).
|
||||
$effect(() => {
|
||||
if (!browser) return;
|
||||
|
||||
const uuid = data.url.searchParams.get('uuid'); // tracked — re-runs if URL changes
|
||||
|
||||
// WHY tracked outside untrack: on first load the fast-path returns a stale Dexie
|
||||
// cache, so site_cfg_json may be missing novi_idaa_api_key when this effect first
|
||||
// runs. The background refresh in ae_core__site.ts pushes fresh cfg_json into
|
||||
// $ae_loc after the API responds. Tracking here means this effect re-runs at that
|
||||
// point and retries verification with the correct key — no manual reload needed.
|
||||
const site_cfg_json = $ae_loc.site_cfg_json;
|
||||
const site_cfg = $ae_loc.site_cfg_json || {};
|
||||
const api_key: string | null = site_cfg.novi_idaa_api_key ?? null;
|
||||
const api_root: string = site_cfg.novi_api_root_url ?? 'https://www.idaa.org/api';
|
||||
const admin_li: string[] = site_cfg.novi_admin_li ?? [];
|
||||
const trusted_li: string[] = site_cfg.novi_trusted_li ?? [];
|
||||
const ttl_ms: number = site_cfg.novi_verified_ttl_ms ?? VERIFIED_TTL_MS_DEFAULT;
|
||||
|
||||
untrack(() => {
|
||||
if (!uuid) {
|
||||
// No UUID in URL — non-Novi path, nothing to do here.
|
||||
if (!url_uuid) {
|
||||
// No UUID in URL — non-Novi path (user/pass or shared passcode sign-in).
|
||||
$idaa_loc.novi_verified = false;
|
||||
novi_verifying = false;
|
||||
return;
|
||||
}
|
||||
|
||||
// Already verified for this exact UUID — don't repeat the round-trip.
|
||||
// This guard fires when site_cfg_json changes for reasons unrelated to Novi.
|
||||
if ($idaa_loc.novi_verified && $idaa_loc.novi_uuid === uuid) {
|
||||
if (verify_in_flight) return;
|
||||
|
||||
// TTL cache: skip if this UUID was recently verified.
|
||||
// Prevents duplicate API calls when site_cfg_json updates multiple times (SWR pattern).
|
||||
const now = Date.now();
|
||||
if (
|
||||
$idaa_loc.novi_verified &&
|
||||
$idaa_loc.novi_uuid === url_uuid &&
|
||||
$idaa_loc.novi_verified_ts &&
|
||||
now - $idaa_loc.novi_verified_ts < ttl_ms
|
||||
) {
|
||||
if (log_lvl) console.log(`IDAA Layout: cached verification valid for ${url_uuid}`);
|
||||
novi_verifying = false;
|
||||
return;
|
||||
}
|
||||
|
||||
// Load admin/trusted lists from site config first — needed by verify function.
|
||||
// Only override if site_cfg_json actually provides them; falling back to [] would
|
||||
// silently overwrite the hardcoded defaults in ae_idaa_stores.ts.
|
||||
if (site_cfg_json?.novi_admin_li?.length) {
|
||||
$idaa_loc.novi_admin_li = site_cfg_json.novi_admin_li;
|
||||
}
|
||||
if (site_cfg_json?.novi_trusted_li?.length) {
|
||||
$idaa_loc.novi_trusted_li = site_cfg_json.novi_trusted_li;
|
||||
}
|
||||
// Load admin/trusted lists before calling verify.
|
||||
// Only override when site_cfg provides them — don't wipe hardcoded defaults with [].
|
||||
if (admin_li?.length) $idaa_loc.novi_admin_li = admin_li;
|
||||
if (trusted_li?.length) $idaa_loc.novi_trusted_li = trusted_li;
|
||||
|
||||
const novi_api_key = site_cfg_json?.novi_idaa_api_key ?? null;
|
||||
const novi_api_root_url =
|
||||
site_cfg_json?.novi_api_root_url ?? 'https://www.idaa.org/api';
|
||||
|
||||
// Fire-and-forget the async verification. After the first await, Svelte's
|
||||
// reactive tracking no longer applies, so writes to stores are safe.
|
||||
verify_in_flight = true;
|
||||
novi_verifying = true;
|
||||
verify_novi_uuid(uuid, novi_api_key, novi_api_root_url);
|
||||
verify_novi_uuid(url_uuid, api_key, api_root);
|
||||
});
|
||||
});
|
||||
|
||||
@@ -102,31 +111,28 @@ $effect(() => {
|
||||
* Verifies a Novi UUID against the Novi API and sets permissions accordingly.
|
||||
* "All or nothing" — if no API key is configured or the call fails, access is denied.
|
||||
* Called from within untrack(), so store writes here will not trigger reactive loops.
|
||||
* On a 429 rate-limit response, waits 10 seconds and retries once before failing.
|
||||
*/
|
||||
async function verify_novi_uuid(
|
||||
uuid: string,
|
||||
api_key: string | null,
|
||||
api_root_url: string
|
||||
api_root_url: string,
|
||||
is_retry: boolean = false
|
||||
) {
|
||||
console.log(`IDAA Layout: Starting Novi UUID verification for ${uuid}...`);
|
||||
if (!api_key) {
|
||||
// No Novi API key in site config. All-or-nothing means no UUID-based access.
|
||||
console.warn(
|
||||
'IDAA Layout: Novi API key not configured. UUID-based access denied.'
|
||||
);
|
||||
console.warn('IDAA Layout: Novi API key not configured. UUID-based access denied.');
|
||||
$idaa_loc.novi_uuid = null;
|
||||
$idaa_loc.novi_email = null;
|
||||
$idaa_loc.novi_full_name = null;
|
||||
$idaa_loc.novi_verified = false;
|
||||
verify_in_flight = false;
|
||||
novi_verifying = false;
|
||||
return;
|
||||
}
|
||||
|
||||
try {
|
||||
if (log_lvl > 1) {
|
||||
console.log(`IDAA Layout: Verifying Novi UUID ${uuid} via API...`);
|
||||
}
|
||||
|
||||
const headers = new Headers();
|
||||
headers.append('Authorization', `Basic ${api_key}`);
|
||||
const response = await fetch(`${api_root_url}/customers/${uuid}`, {
|
||||
@@ -134,10 +140,18 @@ async function verify_novi_uuid(
|
||||
headers
|
||||
});
|
||||
|
||||
if (response.status === 429) {
|
||||
if (is_retry) {
|
||||
throw new Error(`Novi API rate limited for UUID ${uuid} (retry also failed)`);
|
||||
}
|
||||
console.warn(`IDAA Layout: Novi API rate limited (429) for ${uuid}. Retrying in 10s...`);
|
||||
await new Promise<void>((resolve) => setTimeout(resolve, 10_000));
|
||||
await verify_novi_uuid(uuid, api_key, api_root_url, true);
|
||||
return;
|
||||
}
|
||||
|
||||
if (!response.ok) {
|
||||
throw new Error(
|
||||
`Novi API returned ${response.status} for UUID ${uuid}`
|
||||
);
|
||||
throw new Error(`Novi API returned ${response.status} for UUID ${uuid}`);
|
||||
}
|
||||
|
||||
const result = await response.json();
|
||||
@@ -161,6 +175,7 @@ async function verify_novi_uuid(
|
||||
$idaa_loc.novi_email = verified_email;
|
||||
$idaa_loc.novi_full_name = verified_name;
|
||||
$idaa_loc.novi_verified = true;
|
||||
$idaa_loc.novi_verified_ts = Date.now();
|
||||
|
||||
console.log(
|
||||
`IDAA Layout: Novi UUID verified. Name: ${verified_name}, Email: ${verified_email}`
|
||||
@@ -178,21 +193,12 @@ async function verify_novi_uuid(
|
||||
// PERMISSION UPGRADE STRATEGY: only apply if higher than current level.
|
||||
// This prevents a global 'manager' from being downgraded by the IDAA layout.
|
||||
const current_level = $ae_loc.access_type || 'anonymous';
|
||||
if (
|
||||
ae_util.compare_access_levels(target_novi_level, current_level) ===
|
||||
1
|
||||
) {
|
||||
if (ae_util.compare_access_levels(target_novi_level, current_level) === 1) {
|
||||
console.log(
|
||||
`IDAA Layout: Upgrading access from ${current_level} to ${target_novi_level} (Novi verified)`
|
||||
);
|
||||
const perms = ae_util.process_permission_checks(target_novi_level);
|
||||
$ae_loc = { ...$ae_loc, ...perms };
|
||||
} else {
|
||||
if (log_lvl > 1) {
|
||||
console.log(
|
||||
`IDAA Layout: Keeping current access ${current_level} (Novi level ${target_novi_level} is not an upgrade)`
|
||||
);
|
||||
}
|
||||
}
|
||||
|
||||
// Reset BB query filters to safe defaults in case they were left in a non-default state.
|
||||
@@ -209,6 +215,7 @@ async function verify_novi_uuid(
|
||||
$idaa_loc.novi_full_name = null;
|
||||
$idaa_loc.novi_verified = false;
|
||||
} finally {
|
||||
verify_in_flight = false;
|
||||
novi_verifying = false;
|
||||
}
|
||||
}
|
||||
|
||||
@@ -29,11 +29,15 @@
|
||||
let novi_customer_uid = '<%=Novi.User.CustomerUniqueId%>'; // NOTE: The Novi UUID for the current current user/customer
|
||||
console.log(`Novi's Current User's ID: ${novi_customer_uid}`);
|
||||
|
||||
let novi_group_uid = 'check-Novi-Group-UID';
|
||||
// let novi_category_id = ''; // Not in use yet or at all?
|
||||
|
||||
// NOTE: Change the room_name value to the desired Jitsi room name for the meeting.
|
||||
// Example meeting room names:
|
||||
// 'IDAA-Meeting' 'IDAA-Student-and-Resident-Meeting' 'IDAA-Couples-Meeting' 'IDAA-BIPOC-Meeting'
|
||||
let room_name = 'IDAA-Example-Meeting'; // // NOTE: Change this example meeting room name
|
||||
// Example meeting room names: 'IDAA-Meeting' 'IDAA-Student-and-Resident-Meeting'
|
||||
// let novi_group_id = ''; // Not in use yet
|
||||
// let novi_category_id = ''; // Not in use yet
|
||||
|
||||
|
||||
|
||||
// WARNING:Do *not* use relative paths here. They must be direct to the site OSIT is hosting for IDAA. This value must point to the Svelte Jitsi page.
|
||||
let idaa_osit_ae_api_root_url =
|
||||
@@ -50,7 +54,7 @@
|
||||
);
|
||||
|
||||
idaa_ae_iframe_element.src =
|
||||
`${idaa_osit_ae_api_root_url}?uuid=${novi_customer_uid}&iframe=true&key=${idaa_osit_ae_site_key}&room=${room_name}`
|
||||
`${idaa_osit_ae_api_root_url}?uuid=${novi_customer_uid}&g_uuid=${novi_group_uid}&iframe=true&key=${idaa_osit_ae_site_key}&room=${room_name}`
|
||||
;
|
||||
|
||||
</script>
|
||||
|
||||
Reference in New Issue
Block a user