# Frontend Agent Task List
> **Doc Owner:** Active frontend implementation team (human + agent)
> **Review Trigger:** Update when work starts, completes, changes priority, or moves to an archive.
> Use this file to track steps for complex features or bug fixes.
> **Status:** Stable — ongoing development.
> **Scope:** Active/open work only. Completed detail lives in archive files.

## ✅ LCI October — Pres Mgmt Restoration (complete 2026-06-16)

These features regressed over the last 6 months and must be working before the LCI conference. Reference commit for original working implementation: `bb993a102`.

**2026-06-16:** Pres Mgmt's config sync architecture was overhauled the same day this list's LCI event data was used for live testing — `lock_config` removed (was causing "sometimes works" reports tied to save history, not current settings), POC/Location list-table column bugs fixed (admin setting was being silently ignored), QR display fixed to match the intended global-default-with-trusted-override design, and the Config page got a documentation pass (title tooltips, POC settings split into its own section). None of this touches the open items below, but anyone picking those up should know the sync layer underneath them is in a meaningfully different (and better-understood) state now. Full incident log: `PROJECT__AE_Events_PressMgmt_Config_Cleanup.md`.

### Session POC (Champion/Moderator) — `session_view.svelte`

**Root cause of visible bugs:** The POC section is placed *below* the session hero card as a separate disconnected block. In the original it was part of a structured `<ul>` with the session name, code, datetime, location, and description all together. The current layout looks and feels wrong to users.

- [x] **[Pres Mgmt] POC section — move inside session hero card** (2026-06-12) Restructured hero card as a `<ul>` with datetime, room, and POC as rows inside the card. Session name and code are now always visible (not just in edit_mode — that was a bug).
- [x] **[Pres Mgmt] POC assignment — "Select Person" flow broken** (2026-06-12) Gated the select editor on `person_options_loaded` (`Object.keys($slct.person_obj_kv).length > 0`). "Select Person" button renders as "Reload Person" after list is loaded.
- [x] **[Pres Mgmt] Email Session POC sign-in link — UI missing** (2026-06-12) Restored email button in POC row with `sending/sent/error` state feedback. Shown when `require__session_agree && show__email_access_link && poc_person_primary_email`.
- [x] **[Pres Mgmt] Copy Session POC access link — UI missing from session view** (2026-06-12) Restored inline `MyClipboard` copy button in POC row for trusted staff. Shown when `show__copy_access_link && trusted_access && poc_sign_in_url`.

### Presenter Sign-In

- [x] **[Pres Mgmt] Presenter email sign-in link routes to wrong page** (fixed 2026-06-12, commit `e05602b87`; verified 2026-06-16) `email_sign_in__event_presenter()` now builds a URL to `/session/[session_id]?...&presenter_id=...&presentation_id=...` instead of `/presenter/[id]` — confirmed in `ae_events__event_presenter.ts`. Verified `sign_in_out.svelte` (mounted on the session page) reads `presenter_id`/`presentation_id` from the URL and grants presenter-level auth via `auth__kv.presenter`/`auth__kv.presentation`, not just session read access.
- [x] **[Pres Mgmt] Presenter agreement not enforced before file upload** (fixed 2026-06-16) `presenter_is_authed` only checked sign-in state, never `.agree`, so a presenter could upload without agreeing whenever `require__presenter_agree` was on. Added a new derived `presenter_agree_ok` (`trusted_access || !require__presenter_agree || auth__event_presenter_obj.agree`) and `presenter_can_upload` (`presenter_is_authed && presenter_agree_ok`) in `presenter/[presenter_id]/+page.svelte`, and swapped it in everywhere the upload UI/file-list permissions are gated (both the default view and the `manage_files` alt view — the latter's `public_access` identity bypass is preserved but still requires `presenter_agree_ok`). Also added an inline warning message in place of the upload section when signed in but pending agreement, instead of it just silently disappearing.

### Session POC Sign-In

- [x] **[Pres Mgmt] `session_page_menu.svelte` sign-in prop** (verified correct, 2026-06-16) `event_session_id={$lq__event_session_obj?.event_session_id}` — confirmed this is the real session ID from the loaded session object, not the raw URL param. The sign-in component's separate `url_session_id` (parsed from a `session_id` query param) is intentionally a different thing — it's only used for the POC/Champion sign-in link shape, not the presenter flow, which relies on the route's own `[session_id]` path param via this prop. No bug found.

---

## 🚧 Launcher/Electron — Wallpaper Reliability (post-CMSC)

- [ ] **[Launcher/Electron] Wallpaper reliability**
  - [ ] Use timestamp/randomized temp filename so macOS always sees a new path.
  - [ ] Add resilient reconciliation loop or event-driven reapply on display topology changes.

---

## 🚧 Badges follow-ups (post-Axonius DC, downgraded 2026-06-16)

Axonius DC (June 9) is done — the show happened and the badge layout work that was 🔴 for it is complete. Downgraded from 🔴 to 🚧; these are normal backlog now, no event deadline attached. Revisit before the next badge-printing event.

- [ ] **[Badges] Implement review-link email delivery** — current Email Link actions only show placeholder alerts. Send to `event_badge.email`, never the attendee-editable `email_override`.
- [ ] **[Badges] Unify review and kiosk edit permissions** — remote review reads `event.mod_badges_json.edit_permissions`; print controls read template `cfg_json.controls_cfg`. Define precedence or consolidate them so both flows enforce one documented policy.
- [ ] **[Badges] Use template badge types in search filter** — replace the hardcoded badge-type list in `ae_comp__badge_search.svelte` with the active template's `badge_type_list`. Checked 2026-06-16: confirmed still not done — the list is still hardcoded ("Axonius 2026 badge type codes") with its own `// TODO: drive this from the event's badge templates` comment above it.

---

## 🚧 AE Obj Field Editor — `_new` Rewrite (planning, 2026-06-16)

`element_ae_obj_field_editor.svelte` is getting a parallel-run rewrite: Skeleton UI → Tailwind/Flowbite, removes the dead `object_reload` prop, fixes datetime format conversion (currently the caller's job, one-directional), fixes a latent select-binding type-coercion landmine, adds `email`/`url`/`tel` field types, adds generics for `current_value`/`draft_value`. Both versions run side by side until all 8 call sites are migrated and verified; see `PROJECT__AE_Obj_Field_Editor_New.md` for the full plan and migration order. Not started yet — no code written.

---

## 🚧 V3 CRUD Migration (Surgical Cleanup)
Finalizing the 100% adoption of V3 Standard endpoints and retirement of legacy wrappers.

- [ ] **[Core] Legacy Utility Helpers** — Refactor `ae_core_functions.ts` to use V3 helpers.
- [ ] **[Cleanup] Delete Legacy Wrappers** — Once all callsites are migrated, remove `src/lib/ae_api/api_get__crud_obj_id.ts` and the legacy exports from `api.ts`.

---

## 🚧 High Priority Workstreams

### [Security] Site Passcode JWT Migration

- [ ] **[Security] Verify `/authenticate_passcode` deployment** — confirm explicit role priority, complete role flags, `auth_type: 'passcode'`, per-role TTLs, and minimum length validation.
- [ ] **[Security] Replace local passcode comparison** — migrate `e_app_access_type.svelte` to server verification, JWT storage, and pending/error UI.
- [ ] **[Security] Remove client-side passcode delivery/storage** — stop caching `access_code_kv_json`, remove `site_access_code_kv` from auth state, and remove passcode logging.
- [ ] **[Security] Enforce passcode JWT expiry on restore** — expired passcode sessions must return to anonymous without affecting user-login JWT handling.

Reference: `documentation/PROJECT__AE_Site_Passcode_Security.md`.

### [Stores] Svelte 4 → Svelte 5 State Migration
The app uses `svelte-persisted-store` (coarse reactivity). Migration target: replace with Svelte 5 `PersistedState` (from `runed`) for fine-grained updates. See `PROJECT__Stores_Svelte5_Migration.md`.

- [x] **Events module — COMPLETE (2026-06-11):** `events_loc` fully retired. All 5 sub-stores (`badges_loc`, `leads_loc`, `pres_mgmt_loc`, `launcher_loc`, `events_auth_loc`) are on `PersistedState`. Unused fields also pruned from `ae_stores.ts` and `ae_idaa_stores.ts`.
- [ ] **`idaa_loc` → PersistedState** — Highest remaining priority. Root cause of the IDAA "Access Denied" corruption bug (`ae_loc` bootstrap writes stomp on `authenticated_access`). Promote `novi_*` identity fields and `archives/bb/recovery_meetings` sub-objects.
- [ ] **`ae_loc` → PersistedState** — Largest scope. Extract `auth_loc` sub-store first (the identity/permission fields are what get corrupted). Defer full migration until after `idaa_loc`.
- [ ] **Non-persisted writables** (`ae_sess`, `slct`, etc.) — Low priority; no coarse-reactivity problem.

### [Data Layer] IDB sorting + content version rollout
Sorting baseline is now `build_tmp_sort` (ASC chain, no `.reverse()` on tmp-sort lists).

**⚠️ Exception:** `ae_events__event.ts` and `ae_events__event_session.ts` use **legacy encoding** (`priority ? 1 : 0`, priority=true→`'1'`). Their sort comparators must remain **descending** until the modules are migrated to `build_tmp_sort`. `ae_events__event_presentation.ts` already uses `build_tmp_sort` (overrides generic encoding in its `specific_processor`). See `CLIENT__IDAA_and_customized_mods.md` → "Sort Encoding" for full table.

- [ ] **[IDB Sort] Migrate `ae_events__event.ts` to `build_tmp_sort`** — requires bumping `IDB_CONTENT_VERSIONS.events.event` (currently v3) and switching all event sort comparators to ascending. Check all pages that sort events before doing this.
- [ ] **[IDB Sort] Roll out to `ae_events__event_session`** after sort behavior review.
- [ ] **[IDB Sort] Roll out to `ae_events__event_presenter`** after sort behavior review.
- [ ] **[IDB Sort] Roll out to `ae_events__event_location`** after sort behavior review.
- [ ] **[IDB Sort] Roll out to `ae_core__person` + `ae_core__account`** after sort behavior review.
- [ ] **[IDB Version] Roll out to `db_events.ts`** (session, presenter, badge, etc.).
- [ ] **[IDB Version] Roll out to `db_core.ts`** (site_domain, person, user).

### [Journals] Journal Entry Config follow-ups

- [ ] **[Journals] Entry passcode secondary auth** — implement `passcode_hash` comparison.
- [ ] **[Journals] Quick Add/import encryption behavior** — both creation paths currently create plaintext entries; define the intended privacy UX and add encryption support before claiming that these paths honor entry E2EE.
- [ ] **[Journals] Remove decrypted-content console preview** — `ae_journals_decryption.ts` logs the first 30 plaintext characters after successful decryption. Never log private journal content.
- [ ] **[Journals] Confirm outbound email-sharing requirement** — the archived UI project listed this as unfinished, but no implementation exists. Confirm product/security requirements before creating an email workflow for private journal content.

---

## 🧪 Testing & Optimization

- [ ] **[IDAA] IDB fast-path contact search** — parse `contact_li_json` in `search__event()`.
- [ ] **[IDAA] Optimize Recovery Meetings SQL VIEW and indexes.**
- [ ] **[IDAA / Events] Audit `default_qry_str` coverage** in all other event search pages.
- [ ] **[Launcher/VLC] Linux playback investigation** — fullscreen + pause-on-end flags.

---

## ⚙️ DevOps & Backend

- [ ] **[Cleanup] Remove unused legacy API wrappers** — `create_ae_obj_crud()`, `get_ae_obj_id_crud()`, and `update_ae_obj_id_crud()` are still exported from `api.ts` but no longer called anywhere in production code. V3 migration is 100% complete. Safe to delete: definitions in `api.ts` (lines 109-260), `src/lib/ae_api/api_get__crud_obj_id.ts`, unused wrapper in `ae_core_functions.ts` (`get_site_domain_obj_from_fqdn`, `update_ae_obj_id_crud`).
- [ ] **[Backend] `event_file` — add `cfg_json` column (post-CMSC)** — The per-file display override currently uses a localStorage workaround (`launcher_loc.current.file_display_overrides`) because `event_file` has no JSON blob column. Proper fix: add `cfg_json` to the `event_file` DB table, expose it through the FastAPI model, then migrate the frontend back to reading/writing the backend field (restoring global/cross-device persistence). Frontend code is in `launcher_file_cont.svelte` — search for `file_display_overrides`.
- [ ] **[Backend] Re-add `Access-Control-Allow-Private-Network: true` CORS header.**
- [x] **[DevOps] Service worker `skipWaiting` + `clients.claim`** — Root cause of "users see old code / can't reproduce in dev testing": the SW sat in waiting state until all tabs closed. IDAA members leave idaa.org open all day. Fixed 2026-06-03: both calls added to `src/service-worker.js`. See mistake #16 in `BOOTSTRAP__AI_Agent_Quickstart.md`.
- [ ] **[DevOps] Nginx proxy buffer tuning** — Buffer settings copied from PHP guide; not optimal for Node.js. `proxy_busy_buffers_size` technically exceeds safe limit. Re-examine when enabling compression (now re-enabled) stabilizes.
- [ ] **[DevOps] Simplify Dockerfile env file selection** — Use plain `.env` instead of `BUILD_MODE`.

---

## ✅ Completed (archived)
See the full completed history in:
[documentation/archive/TODO__Agents__ARCHIVE_2026-03.md](documentation/archive/TODO__Agents__ARCHIVE_2026-03.md)
[documentation/archive/TODO__Agents__ARCHIVE_2026-04.md](documentation/archive/TODO__Agents__ARCHIVE_2026-04.md)
[documentation/archive/TODO__Agents__ARCHIVE_2026-05.md](documentation/archive/TODO__Agents__ARCHIVE_2026-05.md)
[documentation/archive/TODO__Agents__ARCHIVE_2026-06.md](documentation/archive/TODO__Agents__ARCHIVE_2026-06.md)