761fa69824
Fixed three issues in ae_comp__badge_obj_view.svelte:
1. Bug: {#await} block used src={qr_data_url} (the Promise) instead of src={result}
(the resolved data URL) — QR image never displayed correctly on badge front.
2. Layout: .special div had no flex context; added flex-row + items-end so the QR
sits at the bottom-right of the body section via ml-auto.
3. Cleanup: removed dead second QR block that awaited event_badge_qr_id_get_promise
(always null), which could never render.
Also marks CRUD v2 refactor as complete in TODO__Agents.md.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
5.9 KiB
5.9 KiB
Frontend Agent Task List
Use this file to track steps for complex features or bug fixes. Status: 🔴 Sev-1 Security Incident Recovery / Stabilized.
📋 Active Task: Post-Incident Security Recovery
- Step 1: Conduct full audit of
PUBLIC_AE_API_SECRET_KEYusage. Determine if it can be moved to server-side only. - Step 2: Replace simulation tests (
tests/verify_jwt_logic.js) with real Playwright integration tests hitting the local dev API. - Step 3: Implement formal error boundaries for 403/401 API responses to provide user-friendly "Session Expired" or "Access Denied" UI.
🚧 Upcoming High Priority
[Badges] Remaining badge work before first live event
- QR code on badge front:
ae_comp__badge_obj_view.svelte— display QR on the printed face when template hasshow_qr(or equivalent) toggled on. Use same QR generation as review form (core_func.js_generate_qr_code). See TASK 4 inPROJECT__AE_Events_Badges_Review_Print.md. - Badge print controls UX polish: Scott has improvements in mind — TBD next session.
File:
ae_comp__badge_print_controls.svelte.
[Leads] Exhibitor Lead Scanning — NEXT MAJOR FEATURE
QR code scan at exhibitor booth → capture attendee badge data. Gated by allow_tracking on
the badge. Check if documentation/MODULE__AE_Events_Leads.md exists for full spec.
Key questions before starting: which routes, does the Electron app scan, what does the
lead record look like in the DB?
[General]
CRUD v2 Refactor: Finalize retirement of✅ Done (2026-03-05) — all non-IDAA usages migrated; IDAA had zero usages.Element_ae_crud_v2.sveltein favor of V3 Editor.- Temp Cleanup: Auto-removal of native
.tmpfiles older than 24h. window.print()for badge print button: Wire the existinghandle_print_badge()to triggerwindow.print(). Browser print works well across Chrome/Chromium/Firefox — no Electron needed.- Input Field Audit: Several input fields are missing
name/idattributes ordata-testid. Known examples: badge override fields inae_comp__badge_obj_view.svelte; template name input inae_comp__badge_template_form.svelte. Matters for: accessibility, autofill, label associations, and test targeting. (For tests, usegetByLabel()rather thaninput[value*=...]which only checks the HTML attribute, not the Svelte-bound DOM property.)
✅ Completed Recently
- [Badges] Badge Print Controls Panel: New
ae_comp__badge_print_controls.svelte— per-field accordion with inline edit forms, font size controls, access-level gating. Fixed-right-edge layout replaces collapsedflex-1panel. (2026-03-02, branchae_app_3x_llm) - [Badges] badge_type_override coupling: Selecting badge type from dropdown now saves both
badge_type_code_overrideANDbadge_type_overrideinae_comp__badge_obj_view.svelte,ae_comp__badge_review_form.svelte, andae_comp__badge_print_controls.svelte. - [Badges] Layout CSS system:
data-layoutattribute,@pageinjection,style_hreffor per-template CSS files. Two templates:badge_layout_epson_4x5_fanfold.css,badge_layout_zebra_zc10l_pvc.css. - [Badges] Duplex field wiring: Badge back hidden for single-sided templates.
- [Badges] Badge Review Form: Complete with QR code, field edits, access-level gating, accessibility toggle, help modal. (
ae_comp__badge_review_form.svelte) - [API] V3 Lookup System Integration: Implemented standardized
/v3/lookup/endpoints for Countries, Subdivisions, and Time Zones. Added support foronly_priorityfiltering in IDAA editors. - [UI] Events Launcher Location Fix: Resolved room select list issues by ensuring all enabled/hidden locations are proactively loaded and synced.
- [API] Event File V3 Mapping: Implemented
inc_hosted_filesupport and mapped prefixed backend fields (hosted_file_hash_sha256, etc.) to flat properties. - [UI] Badge Rendering Fix: Refactored
badge_templatelookup to use V3 Triple ID pattern. - [API] event_session Search Fix: Resolved 400 error (
Unauthorized search field ‘account_id’) via backend update. - [Security] Purged redundant
x-aether-api-tokenfrom frontend and notified backend. - [Security] Fixed misplaced
Access-Control-Allow-Originrequest headers. - [Security] Implemented "Account ID Scavenging" to fix hydration race conditions.
- [API] Unified all CRUD helpers to standard V3
/v3/crud/...paths. - [Framework] Implemented
AE_Obj_Field_Editor_V3with Svelte 5 Runes. - [IDAA] Verify Bulletin Board and Recovery Meetings functionality.
- [Badges] Multi-word fulltext search fix: Split query on whitespace, apply AND logic per word.
"scott idem"now matches records containing both words. (dc0f3066) - [Badges] Print button implemented:
handle_print_badge()incrementsprint_count, recordsprint_first_datetime/print_last_datetime. Button has loading/done/error states. (d1ded2d4) - [Badges]
data-testidattributes added to badge view interactive elements (badge-edit-btn,badge-save-btn,badge-cancel-btn,badge-print-btn,badge-professional-title-input) for reliable test targeting. - [Tests] Attendee badge workflow test passing:
event_badge_attendee_workflow.test.ts— navigate → edit professional title → save (verify PATCH body) → print (verify count/timestamps) → return to search. (d1ded2d4) - [Tests] All badge data integrity tests fixed: All 6 tests in
event_badge_data_integrity.test.tsnow pass. Root causes: (1) search mock used nested URL instead of flat/v3/crud/event_badge/search, (2) template list mock used nested URL instead of flat withfor_obj_id, (3) missing_randomID fields in mock badge objects, (4) CSSinput[value*=...]selector doesn’t work for Svelte-bound inputs — fixed togetByLabel(). (f5e98b8c)