diff --git a/common/auth/src/authorizer/mod.rs b/common/auth/src/authorizer/mod.rs
index 3d3e11067..b39348de9 100644
--- a/common/auth/src/authorizer/mod.rs
+++ b/common/auth/src/authorizer/mod.rs
@@ -32,7 +32,7 @@ impl Authorizer {
         permission: Permission,
     ) -> Result<(), AuthorizationError> {
         if self.config.is_none() {
-            log::warn!("Authorization disabled, all permissions granted");
+            log::debug!("Authorization disabled, all permissions granted");
             return Ok(());
         }
 
diff --git a/modules/fundamental/src/purl/endpoints/test.rs b/modules/fundamental/src/purl/endpoints/test.rs
index 363380b0c..a488d9e47 100644
--- a/modules/fundamental/src/purl/endpoints/test.rs
+++ b/modules/fundamental/src/purl/endpoints/test.rs
@@ -15,6 +15,8 @@ use trustify_common::model::PaginatedResults;
 use trustify_common::purl::Purl;
 use trustify_module_ingestor::graph::Graph;
 use trustify_test_context::{call::CallService, TrustifyContext};
+use urlencoding::encode;
+use uuid::Uuid;
 
 async fn setup(db: &Database, graph: &Graph) -> Result<(), anyhow::Error> {
     let log4j = graph
@@ -290,12 +292,23 @@ async fn qualified_packages_filtering(ctx: &TrustifyContext) -> Result<(), anyho
     setup(&ctx.db, &ctx.graph).await?;
     let app = caller(ctx).await?;
 
-    let uri = "/api/v1/purl?q=type%3Dmaven";
-    let request = TestRequest::get().uri(uri).to_request();
+    let uri = format!("/api/v1/purl?q={}", encode("ty=maven"));
+    let request = TestRequest::get().uri(&uri).to_request();
     let response: PaginatedResults<PurlSummary> = app.call_and_read_body_json(request).await;
-
     assert_eq!(3, response.items.len());
 
+    ctx.ingestor
+        .graph()
+        .ingest_qualified_package(
+            &Purl::from_str("pkg:rpm/fedora/curl@7.50.3-1.fc25?arch=i386")?,
+            &ctx.db,
+        )
+        .await?;
+    let uri = format!("/api/v1/purl?q={}", encode("ty=rpm&arch=i386"));
+    let request = TestRequest::get().uri(&uri).to_request();
+    let response: PaginatedResults<PurlSummary> = app.call_and_read_body_json(request).await;
+    assert_eq!(1, response.items.len());
+
     Ok(())
 }
 
@@ -325,7 +338,7 @@ async fn package_with_status(ctx: &TrustifyContext) -> Result<(), anyhow::Error>
     let request = TestRequest::get().uri(&uri).to_request();
     let response: Value = app.call_and_read_body_json(request).await;
 
-    log::debug!("{response:#?}");
+    assert_eq!(uuid, Uuid::parse_str(response["uuid"].as_str().unwrap())?);
 
     Ok(())
 }
diff --git a/modules/fundamental/src/purl/service/mod.rs b/modules/fundamental/src/purl/service/mod.rs
index ce32e4e6e..21e2ae784 100644
--- a/modules/fundamental/src/purl/service/mod.rs
+++ b/modules/fundamental/src/purl/service/mod.rs
@@ -16,7 +16,7 @@ use tracing::instrument;
 use trustify_common::{
     db::{
         limiter::LimiterTrait,
-        query::{Filtering, Query},
+        query::{Filtering, IntoColumns, Query},
     },
     model::{Paginated, PaginatedResults},
     purl::{Purl, PurlErr},
@@ -309,29 +309,14 @@ impl PurlService {
         paginated: Paginated,
         connection: &C,
     ) -> Result<PaginatedResults<PurlSummary>, Error> {
-        // TODO: this would be the condition used to select from jsonb name key
-        let _unused_condition = Expr::cust_with_exprs(
-            "$1->>'name' ~~* $2",
-            [
-                qualified_purl::Column::Purl.into_simple_expr(),
-                SimpleExpr::Value(format!("%{}%", query.q).into()),
-            ],
-        );
-
-        // TODO: we need to figure out how we bring in querying keys of jsonb column in query.rs
         let limiter = qualified_purl::Entity::find()
-            .left_join(versioned_purl::Entity)
-            .filter(
-                Condition::any().add(
-                    versioned_purl::Column::BasePurlId.in_subquery(
-                        base_purl::Entity::find()
-                            .filtering(query)?
-                            .select_only()
-                            .column(base_purl::Column::Id)
-                            .into_query(),
-                    ),
-                ),
-            )
+            .filtering_with(
+                query,
+                qualified_purl::Entity
+                    .columns()
+                    .json_keys("purl", &["ty", "namespace", "name", "version"])
+                    .json_keys("qualifiers", &["arch", "type", "repository_url"]),
+            )?
             .limiting(connection, paginated.offset, paginated.limit);
 
         let total = limiter.total().await?;
diff --git a/modules/fundamental/src/purl/service/test.rs b/modules/fundamental/src/purl/service/test.rs
index f159fdfef..32e435b25 100644
--- a/modules/fundamental/src/purl/service/test.rs
+++ b/modules/fundamental/src/purl/service/test.rs
@@ -626,10 +626,12 @@ async fn statuses(ctx: &TrustifyContext) -> Result<(), anyhow::Error> {
 
     let uuid = results.items[0].head.uuid;
 
-    let _results = service
+    let results = service
         .purl_by_uuid(&uuid, Default::default(), &ctx.db)
         .await?;
 
+    assert_eq!(uuid, results.unwrap().head.uuid);
+
     Ok(())
 }