Scott.Idem/OSIT-AE-App-Svelte
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
52c9e765a0228cef7eda0efa03f95e7a4e41c7ae
OSIT-AE-App-Svelte/documentation/AGENT_TODO.md
Scott Idem e2e120456e Enhanced Events Launcher Location loading and instructions. 
Implemented explicit 'enabled' and 'hidden' parameter support in the Event data layer ('load_ae_obj_id__event').

Updated the Events Launcher layout and background sync engine to proactively fetch all enabled locations (including hidden ones), ensuring the room select list is complete and stays updated.

Refined 'launcher_file_cont.svelte' to only display native-specific file opening instructions when 'app_mode' is 'native'.

Updated AGENT_TODO.md to reflect task completion and new priorities.
2026-02-19 17:54:21 -05:00

1.9 KiB
Raw Blame History

Frontend Agent Task List

Use this file to track steps for complex features or bug fixes. Status: 🔴 Sev-1 Security Incident Recovery / Stabilized.

📋 Active Task: Post-Incident Security Recovery

  • Step 1: Conduct full audit of PUBLIC_AE_API_SECRET_KEY usage. Determine if it can be moved to server-side only.
  • Step 2: Replace simulation tests (tests/verify_jwt_logic.js) with real Playwright integration tests hitting the local dev API.
  • Step 3: Implement formal error boundaries for 403/401 API responses to provide user-friendly "Session Expired" or "Access Denied" UI.

🚧 Upcoming High Priority

  • Events Launcher: Investigate why not all Event Locations are showing in the select options list. Modify event loading to include the full location list.
  • CRUD v2 Refactor: Finalize retirement of Element_ae_crud_v2.svelte in favor of V3 Editor.
  • Temp Cleanup: Auto-removal of native .tmp files older than 24h.

Completed Recently

  • [API] Event File V3 Mapping: Implemented inc_hosted_file support and mapped prefixed backend fields (hosted_file_hash_sha256, etc.) to flat properties.
  • [UI] Badge Rendering Fix: Refactored badge_template lookup to use V3 Triple ID pattern.
  • [API] event_session Search Fix: Resolved 400 error (Unauthorized search field 'account_id') via backend update.
  • [Security] Purged redundant x-aether-api-token from frontend and notified backend.
  • [Security] Fixed misplaced Access-Control-Allow-Origin request headers.
  • [Security] Implemented "Account ID Scavenging" to fix hydration race conditions.
  • [API] Unified all CRUD helpers to standard V3 /v3/crud/... paths.
  • [Framework] Implemented AE_Obj_Field_Editor_V3 with Svelte 5 Runes.
  • [IDAA] Verify Bulletin Board and Recovery Meetings functionality.
Reference in New Issue View Git Blame Copy Permalink