@atlashub/smartstack-mcp 1.10.0 → 1.14.0

package/dist/index.js

@@ -558,7 +558,7 @@ var ConfigSchema = z.object({
 });
 var ValidateConventionsInputSchema = z.object({
   path: z.string().optional().describe("Project path to validate (default: SmartStack.app path)"),
-  checks: z.array(z.enum(["tables", "migrations", "services", "namespaces", "entities", "tenants", "controllers", "all"])).default(["all"]).describe("Types of checks to perform")
+  checks: z.array(z.enum(["tables", "migrations", "services", "namespaces", "entities", "tenants", "controllers", "layouts", "tabs", "all"])).default(["all"]).describe("Types of checks to perform")
 });
 var CheckMigrationsInputSchema = z.object({
   projectPath: z.string().optional().describe("EF Core project path"),
@@ -914,7 +914,7 @@ var validateConventionsTool = {
         type: "array",
         items: {
           type: "string",
-          enum: ["tables", "migrations", "services", "namespaces", "entities", "tenants", "controllers", "all"]
+          enum: ["tables", "migrations", "services", "namespaces", "entities", "tenants", "controllers", "layouts", "tabs", "all"]
         },
         description: "Types of checks to perform",
         default: ["all"]
@@ -925,7 +925,7 @@ var validateConventionsTool = {
 async function handleValidateConventions(args, config) {
   const input = ValidateConventionsInputSchema.parse(args);
   const projectPath = input.path || config.smartstack.projectPath;
-  const checks = input.checks.includes("all") ? ["tables", "migrations", "services", "namespaces", "entities", "tenants", "controllers"] : input.checks;
+  const checks = input.checks.includes("all") ? ["tables", "migrations", "services", "namespaces", "entities", "tenants", "controllers", "layouts", "tabs"] : input.checks;
   logger.info("Validating conventions", { projectPath, checks });
   const result = {
     valid: true,
@@ -955,6 +955,12 @@ async function handleValidateConventions(args, config) {
   if (checks.includes("controllers")) {
     await validateControllerRoutes(structure, config, result);
   }
+  if (checks.includes("layouts")) {
+    await validateLayouts(structure, config, result);
+  }
+  if (checks.includes("tabs")) {
+    await validateTabs(structure, config, result);
+  }
   result.valid = result.errors.length === 0;
   result.summary = generateSummary(result, checks);
   return formatResult(result);
@@ -1385,6 +1391,132 @@ async function validateControllerRoutes(structure, _config, result) {
     });
   }
 }
+async function validateLayouts(structure, _config, result) {
+  if (!structure.web) {
+    result.warnings.push({
+      type: "warning",
+      category: "layouts",
+      message: "Web project not found, skipping layout validation"
+    });
+    return;
+  }
+  const layoutFiles = await findFiles("**/layouts/**/*.tsx", { cwd: structure.web });
+  if (layoutFiles.length === 0) {
+    result.warnings.push({
+      type: "warning",
+      category: "layouts",
+      message: "No layout files found in web/src/layouts/"
+    });
+    return;
+  }
+  for (const file of layoutFiles) {
+    const content = await readText(file);
+    const fileName = path6.basename(file);
+    const lines = content.split("\n");
+    let hasMaxWidth = false;
+    for (const line of lines) {
+      if (line.trim().startsWith("//") || line.trim().startsWith("*")) continue;
+      if (/className.*max-w-/.test(line)) {
+        hasMaxWidth = true;
+        break;
+      }
+    }
+    if (hasMaxWidth) {
+      result.errors.push({
+        type: "error",
+        category: "layouts",
+        message: `Layout "${fileName}" uses max-w-* constraint which limits content width`,
+        file: path6.relative(structure.root, file),
+        suggestion: "Remove max-w-* class. Content should occupy full available width."
+      });
+    }
+    let hasStandardPadding = false;
+    for (const line of lines) {
+      if (line.trim().startsWith("//") || line.trim().startsWith("*")) continue;
+      if (/className.*lg:px-10/.test(line)) {
+        hasStandardPadding = true;
+        break;
+      }
+    }
+    if (!hasStandardPadding) {
+      result.warnings.push({
+        type: "warning",
+        category: "layouts",
+        message: `Layout "${fileName}" may be missing standard horizontal padding`,
+        file: path6.relative(structure.root, file),
+        suggestion: "Use lg:px-10 for consistent horizontal padding across layouts"
+      });
+    }
+    let hasScrollPattern = false;
+    for (const line of lines) {
+      if (line.trim().startsWith("//") || line.trim().startsWith("*")) continue;
+      if (/className.*h-full/.test(line) && /className.*overflow-auto/.test(line)) {
+        hasScrollPattern = true;
+        break;
+      }
+    }
+    if (!hasScrollPattern) {
+      result.warnings.push({
+        type: "warning",
+        category: "layouts",
+        message: `Layout "${fileName}" may be missing scroll container pattern`,
+        file: path6.relative(structure.root, file),
+        suggestion: "Use h-full overflow-auto for proper internal scrolling"
+      });
+    }
+  }
+}
+async function validateTabs(structure, _config, result) {
+  if (!structure.web) {
+    result.warnings.push({
+      type: "warning",
+      category: "tabs",
+      message: "Web project not found, skipping tab validation"
+    });
+    return;
+  }
+  const pageFiles = await findFiles("**/pages/**/*.tsx", { cwd: structure.web });
+  let tabPagesCount = 0;
+  let hookUsageCount = 0;
+  for (const file of pageFiles) {
+    const content = await readText(file);
+    const fileName = path6.basename(file);
+    const lines = content.split("\n");
+    let hasTabPattern = false;
+    for (const line of lines) {
+      const trimmed = line.trim();
+      if (trimmed.startsWith("//") || trimmed.startsWith("*") || trimmed.startsWith("/*") || trimmed === "") {
+        continue;
+      }
+      if (/<Tabs|<TabList|activeTab\s*[,=})]|setActiveTab\s*[({]/.test(line)) {
+        hasTabPattern = true;
+        break;
+      }
+    }
+    if (hasTabPattern) {
+      tabPagesCount++;
+      const usesHook = content.includes("useTabNavigation");
+      if (usesHook) {
+        hookUsageCount++;
+      } else {
+        result.errors.push({
+          type: "error",
+          category: "tabs",
+          message: `Page "${fileName}" has tabs but doesn't use useTabNavigation hook`,
+          file: path6.relative(structure.root, file),
+          suggestion: "Use useTabNavigation hook to sync tab state with URL: const { activeTab, setActiveTab } = useTabNavigation(defaultTab, VALID_TABS)"
+        });
+      }
+    }
+  }
+  if (tabPagesCount > 0) {
+    result.warnings.push({
+      type: "warning",
+      category: "tabs",
+      message: `Tab summary: ${hookUsageCount}/${tabPagesCount} pages with tabs use useTabNavigation hook`
+    });
+  }
+}
 function generateSummary(result, checks) {
   const parts = [];
   parts.push(`Checks performed: ${checks.join(", ")}`);
@@ -1822,6 +1954,10 @@ var scaffoldExtensionTool = {
             type: "boolean",
             description: "For feature type: generate repository pattern"
           },
+          withSeedData: {
+            type: "boolean",
+            description: "For entity type: generate centralized SeedData file in Seeding/Data/{Domain}/"
+          },
           entityProperties: {
             type: "array",
             items: {
@@ -2346,6 +2482,119 @@ public class {{name}}Configuration : IEntityTypeConfiguration<{{name}}>
   result.instructions.push("- CreatedAt, UpdatedAt, CreatedBy, UpdatedBy (audit)");
   result.instructions.push("- IsDeleted, DeletedAt, DeletedBy (soft delete)");
   result.instructions.push("- RowVersion (concurrency)");
+  if (options?.withSeedData) {
+    result.instructions.push("");
+    result.instructions.push("### Seed Data");
+    await scaffoldSeedData(name, options, structure, config, result, dryRun);
+  }
+}
+async function scaffoldSeedData(name, options, structure, config, result, dryRun = false) {
+  const tablePrefix = options?.tablePrefix || "ref_";
+  const domainMap = {
+    "auth_": "Authorization",
+    "nav_": "Navigation",
+    "usr_": "User",
+    "wkf_": "Communications",
+    "cfg_": "Configuration",
+    "ai_": "AI",
+    "entra_": "Entra",
+    "ref_": "Reference",
+    "support_": "Support",
+    "loc_": "Localization"
+  };
+  const domain = options?.seedDataDomain || domainMap[tablePrefix] || "Reference";
+  const isSystemEntity = options?.isSystemEntity || false;
+  const seedDataTemplate = `using SmartStack.Domain.{{domainNamespace}};
+
+namespace SmartStack.Infrastructure.Persistence.Seeding.Data.{{domain}};
+
+/// <summary>
+/// Donnees seed pour {{name}}.
+/// Centralise les IDs et donnees d'initialisation.
+/// </summary>
+public static class {{name}}SeedData
+{
+    // ============================================================
+    // IDs - Documenter chaque ID avec son role
+    // ============================================================
+
+    /// <summary>ID exemple - A remplacer par vos IDs</summary>
+    public static readonly Guid ExampleId = Guid.Parse("{{exampleGuid}}");
+
+    // ============================================================
+    // CODES / CONSTANTS
+    // ============================================================
+
+    public const string ExampleCode = "example";
+
+    // ============================================================
+    // SEED DATA
+    // ============================================================
+
+    /// <summary>
+    /// Retourne toutes les donnees seed pour {{name}}.
+    /// Appel\xE9 depuis {{name}}Configuration.HasData()
+    /// </summary>
+    public static object[] GetSeedData()
+    {
+        var seedDate = SeedConstants.SeedDate;
+
+        return new object[]
+        {
+            // Exemple - A remplacer par vos donnees
+            new
+            {
+                Id = ExampleId,
+{{#unless isSystemEntity}}
+                TenantId = (Guid?)null, // Seed data systeme sans tenant
+{{/unless}}
+                Code = ExampleCode,
+                // TODO: Ajouter les proprietes specifiques
+                IsDeleted = false,
+                CreatedAt = seedDate
+            }
+        };
+    }
+}
+`;
+  const exampleGuid = "xxxxxxxx-xxxx-4xxx-yxxx-xxxxxxxxxxxx".replace(/[xy]/g, (c) => {
+    const r = Math.random() * 16 | 0;
+    const v = c === "x" ? r : r & 3 | 8;
+    return v.toString(16);
+  });
+  const context = {
+    name,
+    domain,
+    domainNamespace: domain,
+    isSystemEntity,
+    exampleGuid
+  };
+  const seedDataContent = Handlebars.compile(seedDataTemplate)(context);
+  const projectRoot = config.smartstack.projectPath;
+  const infraPath = structure.infrastructure || path8.join(projectRoot, "Infrastructure");
+  const seedDataPath = path8.join(infraPath, "Persistence", "Seeding", "Data", domain);
+  const seedDataFilePath = path8.join(seedDataPath, `${name}SeedData.cs`);
+  validatePathSecurity(seedDataFilePath, projectRoot);
+  if (!dryRun) {
+    await ensureDirectory(seedDataPath);
+    await writeText(seedDataFilePath, seedDataContent);
+  }
+  result.files.push({ path: seedDataFilePath, content: seedDataContent, type: "created" });
+  result.instructions.push(`SeedData file generated in Seeding/Data/${domain}/`);
+  result.instructions.push("");
+  result.instructions.push("Update your Configuration to use centralized SeedData:");
+  result.instructions.push("```csharp");
+  result.instructions.push(`// In ${name}Configuration.cs`);
+  result.instructions.push(`using SmartStack.Infrastructure.Persistence.Seeding.Data.${domain};`);
+  result.instructions.push("");
+  result.instructions.push(`builder.HasData(${name}SeedData.GetSeedData());`);
+  result.instructions.push("```");
+  result.instructions.push("");
+  result.instructions.push("Pattern to follow:");
+  result.instructions.push("1. Define public static readonly Guid IDs");
+  result.instructions.push("2. Define const string codes");
+  result.instructions.push("3. Implement GetSeedData() returning object[]");
+  result.instructions.push("4. Reference other SeedData IDs for foreign keys");
 }
 async function scaffoldController(name, options, structure, config, result, dryRun = false) {
   const namespace = options?.namespace || `${config.conventions.namespaces.api}.Controllers`;
@@ -3658,7 +3907,7 @@ async function handleSuggestMigration(args, config) {
 async function findExistingMigrations(structure, config, context) {
   const migrations = [];
   const infraPath = structure.infrastructure || path10.join(config.smartstack.projectPath, "Infrastructure");
-  const migrationsPath = path10.join(infraPath, "Migrations");
+  const migrationsPath = path10.join(infraPath, "Persistence", "Migrations");
   try {
     const migrationFiles = await findFiles("*.cs", { cwd: migrationsPath });
     const migrationPattern = /^(\w+)_v(\d+\.\d+\.\d+)_(\d+)_(\w+)\.cs$/;
@@ -3705,7 +3954,6 @@ function compareVersions2(a, b) {
 }
 
 // src/tools/generate-permissions.ts
-import Handlebars2 from "handlebars";
 import path11 from "path";
 var HTTP_METHOD_TO_ACTION = {
   "GET": "read",
@@ -3722,17 +3970,21 @@ var generatePermissionsTool = {
   name: "generate_permissions",
   description: `Generate RBAC permissions for SmartStack controllers.
 
-Automatically creates permissions following the convention: {navRoute}.{action}
+Analyzes NavRoute attributes and outputs HasData() C# code to add to PermissionConfiguration.cs.
+
+IMPORTANT: This tool does NOT generate migrations with raw SQL (forbidden by SmartStack conventions).
+Instead, it outputs HasData() code that must be manually added to the Configuration file.
 
 Example:
   navRoute: "platform.administration.entra"
-  Generates:
+  Outputs HasData() code for:
+    - platform.administration.entra.*
     - platform.administration.entra.read
     - platform.administration.entra.create
     - platform.administration.entra.update
     - platform.administration.entra.delete
 
-Can also generate EF Core migration to seed permissions in database.`,
+After adding to PermissionConfiguration.cs, run: dotnet ef migrations add <MigrationName>`,
   inputSchema: {
     type: "object",
     properties: {
@@ -3750,15 +4002,10 @@ Can also generate EF Core migration to seed permissions in database.`,
         default: true,
         description: "Include standard CRUD actions (read, create, update, delete)"
       },
-      generateMigration: {
+      includeWildcard: {
         type: "boolean",
         default: true,
-        description: "Generate EF Core migration to seed permissions in database"
-      },
-      dryRun: {
-        type: "boolean",
-        default: false,
-        description: "Preview without writing files or creating migration"
+        description: "Include wildcard permission (e.g., personal.myspace.tenants.*)"
       }
     }
   }
@@ -3769,8 +4016,7 @@ async function handleGeneratePermissions(args, config) {
       navRoute: args.navRoute,
       actions: args.actions || [],
       includeStandardActions: args.includeStandardActions !== false,
-      generateMigration: args.generateMigration !== false,
-      dryRun: args.dryRun === true
+      includeWildcard: args.includeWildcard !== false
     };
     const structure = await findSmartStackStructure(config.smartstack.projectPath);
     if (!structure) {
@@ -3782,16 +4028,17 @@ async function handleGeneratePermissions(args, config) {
       permissions = generatePermissionsForNavRoute(
         options.navRoute,
         options.actions || [],
-        options.includeStandardActions || false
+        options.includeStandardActions || false,
+        options.includeWildcard || false
       );
-      report = `## Permissions Generated for NavRoute: ${options.navRoute}
+      report = `## Permissions for NavRoute: ${options.navRoute}
 
 `;
       report += formatPermissionsReport(permissions);
     } else {
       const scannedPermissions = await scanControllersForPermissions(structure.api || structure.root);
       permissions = scannedPermissions;
-      report = `## Permissions Generated from All Controllers
+      report = `## Permissions from All Controllers
 
 `;
       report += `Total controllers scanned: ${getUniqueNavRouteCount(permissions)}
@@ -3801,53 +4048,51 @@ async function handleGeneratePermissions(args, config) {
 `;
       report += formatPermissionsReport(permissions);
     }
-    if (options.generateMigration && !options.dryRun) {
-      const migrationResult = await generatePermissionMigration(
-        structure.api || structure.root,
-        permissions,
-        config
-      );
-      report += `
+    report += `
 
-## Migration Generated
+## HasData() Code for PermissionConfiguration.cs
 
 `;
-      report += `File: ${migrationResult.filePath}
+    report += `\u26A0\uFE0F **IMPORTANT**: Do NOT use migrationBuilder.Sql() - it's forbidden by SmartStack conventions.
 `;
-      report += `Migration name: ${migrationResult.migrationName}
+    report += `Add this code to \`PermissionConfiguration.cs\` in the HasData() section, then create a migration.
 
 `;
-      report += `### Next Steps
+    report += generateHasDataCode(permissions, options.navRoute || "custom");
+    report += `
+
+### Next Steps
 
 `;
-      report += `1. Review the generated migration
-`;
-      report += `2. Run: \`dotnet ef database update\`
+    report += `1. Add the module ID variable in GetSeedData() method
 `;
-      report += `3. Verify permissions in auth_Permissions table
+    report += `2. Add the HasData entries to the return array
 `;
-    } else if (options.dryRun) {
-      report += `
-
-## Dry Run Mode
-
+    report += `3. Run: \`dotnet ef migrations add <MigrationName> -o Persistence/Migrations\`
 `;
-      report += `No files were created. Remove 'dryRun: true' to generate migration.
+    report += `4. Run: \`dotnet ef database update\`
 `;
-    }
     return report;
   } catch (error) {
     logger.error("Error generating permissions:", error);
     throw error;
   }
 }
-function generatePermissionsForNavRoute(navRoute, customActions, includeStandardActions) {
+function generatePermissionsForNavRoute(navRoute, customActions, includeStandardActions, includeWildcard = true) {
   const permissions = [];
   const parts = navRoute.split(".");
   const context = parts[0];
   if (parts.length < 3) {
     throw new Error(`Invalid NavRoute format: ${navRoute}. Expected format: context.application.module`);
   }
+  if (includeWildcard) {
+    permissions.push({
+      code: `${navRoute}.*`,
+      name: formatPermissionName(navRoute, "Full Access"),
+      description: `Full ${parts[parts.length - 1]} management`,
+      category: context
+    });
+  }
   const actions = includeStandardActions ? [...STANDARD_ACTIONS, ...customActions] : customActions;
   for (const action of actions) {
     const code = `${navRoute}.${action}`;
@@ -3986,87 +4231,54 @@ function getUniqueNavRouteCount(permissions) {
   );
   return navRoutes.size;
 }
-async function generatePermissionMigration(backendRoot, permissions, config) {
-  const templatePath = path11.join(
-    process.cwd(),
-    "templates",
-    "migrations",
-    "seed-permissions.cs.hbs"
-  );
-  let template;
-  try {
-    template = await readText(templatePath);
-  } catch {
-    template = getSeedPermissionsTemplate();
-  }
-  const handlebars = Handlebars2.create();
-  const compiled = handlebars.compile(template);
-  const timestamp = (/* @__PURE__ */ new Date()).toISOString().replace(/[-:T.]/g, "").slice(0, 14);
-  const migrationName = `SeedPermissions_${timestamp}`;
-  const content = compiled({
-    migrationName,
-    permissions,
-    timestamp
-  });
-  const migrationsPath = path11.join(
-    backendRoot,
-    "Infrastructure",
-    "Data",
-    "Migrations",
-    "Core"
-  );
-  await ensureDirectory(migrationsPath);
-  const filePath = path11.join(migrationsPath, `${migrationName}.cs`);
-  validatePathSecurity(filePath, config.smartstack.projectPath);
-  await writeText(filePath, content);
-  logger.info(`Generated permission migration: ${filePath}`);
-  return {
-    filePath,
-    migrationName
-  };
-}
-function getSeedPermissionsTemplate() {
-  return `using Microsoft.EntityFrameworkCore.Migrations;
-
-namespace SmartStack.Infrastructure.Data.Migrations.Core;
+function generateHasDataCode(permissions, navRoute) {
+  const parts = navRoute.split(".");
+  const moduleName = parts.length >= 3 ? parts[parts.length - 1] : "custom";
+  const moduleVarName = `${moduleName}ModuleId`;
+  let code = "```csharp\n";
+  code += `// 1. Add module ID variable (get from NavigationModuleSeedData.cs)
+`;
+  code += `var ${moduleVarName} = Guid.Parse("XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX"); // TODO: Replace with actual ID
 
-/// <summary>
-/// Seed permissions generated from NavRoute controllers
-/// Generated on {{timestamp}}
-/// </summary>
-public partial class {{migrationName}} : Migration
-{
-    protected override void Up(MigrationBuilder migrationBuilder)
-    {
-        // Insert permissions
-        {{#each permissions}}
-        migrationBuilder.Sql(@"
-            IF NOT EXISTS (SELECT 1 FROM core.auth_Permissions WHERE Code = '{{code}}')
-            BEGIN
-                INSERT INTO core.auth_Permissions (Id, Code, Name, Description, IsDeleted, CreatedAt, UpdatedAt)
-                VALUES (
-                    NEWID(),
-                    '{{code}}',
-                    '{{name}}',
-                    '{{description}}',
-                    0,
-                    GETUTCDATE(),
-                    GETUTCDATE()
-                );
-            END
-        ");
-        {{/each}}
-    }
-
-    protected override void Down(MigrationBuilder migrationBuilder)
-    {
-        // Remove seeded permissions
-        {{#each permissions}}
-        migrationBuilder.Sql(@"DELETE FROM core.auth_Permissions WHERE Code = '{{code}}'");
-        {{/each}}
+`;
+  code += `// 2. Add these entries to the HasData() return array:
+`;
+  for (const perm of permissions) {
+    const isWildcard = perm.code.endsWith(".*");
+    const action = perm.code.split(".").pop();
+    const guidPlaceholder = generatePlaceholderGuid();
+    if (isWildcard) {
+      code += `new { Id = Guid.Parse("${guidPlaceholder}"), Path = "${perm.code}", Level = PermissionLevel.Module, IsWildcard = true, ModuleId = ${moduleVarName}, Description = "${perm.description}", CreatedAt = seedDate },
+`;
+    } else {
+      const actionEnum = getActionEnum(action || "read");
+      code += `new { Id = Guid.Parse("${guidPlaceholder}"), Path = "${perm.code}", Level = PermissionLevel.Module, Action = PermissionAction.${actionEnum}, IsWildcard = false, ModuleId = ${moduleVarName}, Description = "${perm.description}", CreatedAt = seedDate },
+`;
     }
-}
+  }
+  code += "```\n";
+  code += "\n\u26A0\uFE0F **IMPORTANT**: Replace all GUIDs with randomly generated ones using:\n";
+  code += "```powershell\n";
+  code += `1..${permissions.length} | ForEach-Object { [guid]::NewGuid().ToString() }
 `;
+  code += "```\n";
+  return code;
+}
+function generatePlaceholderGuid() {
+  return "XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX";
+}
+function getActionEnum(action) {
+  const actionMap = {
+    "read": "Read",
+    "create": "Create",
+    "update": "Update",
+    "delete": "Delete",
+    "assign": "Assign",
+    "execute": "Execute",
+    "export": "Export",
+    "import": "Import"
+  };
+  return actionMap[action.toLowerCase()] || action.charAt(0).toUpperCase() + action.slice(1);
 }
 async function readDirectoryRecursive(dir) {
   const files = [];
@@ -4086,7 +4298,7 @@ async function readDirectoryRecursive(dir) {
 }
 
 // src/tools/scaffold-tests.ts
-import Handlebars3 from "handlebars";
+import Handlebars2 from "handlebars";
 import path12 from "path";
 var scaffoldTestsTool = {
   name: "scaffold_tests",
@@ -4166,15 +4378,15 @@ var scaffoldTestsTool = {
     required: ["target", "name"]
   }
 };
-Handlebars3.registerHelper("pascalCase", (str) => {
+Handlebars2.registerHelper("pascalCase", (str) => {
   if (!str) return "";
   return str.charAt(0).toUpperCase() + str.slice(1);
 });
-Handlebars3.registerHelper("camelCase", (str) => {
+Handlebars2.registerHelper("camelCase", (str) => {
   if (!str) return "";
   return str.charAt(0).toLowerCase() + str.slice(1);
 });
-Handlebars3.registerHelper("unless", function(conditional, options) {
+Handlebars2.registerHelper("unless", function(conditional, options) {
   if (!conditional) {
     return options.fn(this);
   }
@@ -5516,7 +5728,7 @@ async function scaffoldEntityTests(name, options, testTypes, structure, config,
     ...options
   };
   if (testTypes.includes("unit")) {
-    const content = Handlebars3.compile(entityTestTemplate)(context);
+    const content = Handlebars2.compile(entityTestTemplate)(context);
     const testPath = path12.join(structure.root, "Tests", "Unit", "Domain", `${name}Tests.cs`);
     validatePathSecurity(testPath, structure.root);
     if (!dryRun) {
@@ -5530,7 +5742,7 @@ async function scaffoldEntityTests(name, options, testTypes, structure, config,
     });
   }
   if (testTypes.includes("security")) {
-    const securityContent = Handlebars3.compile(securityTestTemplate)({
+    const securityContent = Handlebars2.compile(securityTestTemplate)({
       ...context,
       nameLower: name.charAt(0).toLowerCase() + name.slice(1),
       apiNamespace: config.conventions.namespaces.api
@@ -5562,7 +5774,7 @@ async function scaffoldServiceTests(name, options, testTypes, structure, config,
     ...options
   };
   if (testTypes.includes("unit")) {
-    const content = Handlebars3.compile(serviceTestTemplate)(context);
+    const content = Handlebars2.compile(serviceTestTemplate)(context);
     const testPath = path12.join(structure.root, "Tests", "Unit", "Services", `${name}ServiceTests.cs`);
     validatePathSecurity(testPath, structure.root);
     if (!dryRun) {
@@ -5592,7 +5804,7 @@ async function scaffoldControllerTests(name, options, testTypes, structure, conf
     ...options
   };
   if (testTypes.includes("integration")) {
-    const content = Handlebars3.compile(controllerTestTemplate)(context);
+    const content = Handlebars2.compile(controllerTestTemplate)(context);
     const testPath = path12.join(structure.root, "Tests", "Integration", "Controllers", `${name}ControllerTests.cs`);
     validatePathSecurity(testPath, structure.root);
     if (!dryRun) {
@@ -5606,7 +5818,7 @@ async function scaffoldControllerTests(name, options, testTypes, structure, conf
     });
   }
   if (testTypes.includes("security")) {
-    const securityContent = Handlebars3.compile(securityTestTemplate)(context);
+    const securityContent = Handlebars2.compile(securityTestTemplate)(context);
     const securityPath = path12.join(structure.root, "Tests", "Security", `${name}SecurityTests.cs`);
     validatePathSecurity(securityPath, structure.root);
     if (!dryRun) {
@@ -5631,7 +5843,7 @@ async function scaffoldValidatorTests(name, options, testTypes, structure, confi
     ...options
   };
   if (testTypes.includes("unit")) {
-    const content = Handlebars3.compile(validatorTestTemplate)(context);
+    const content = Handlebars2.compile(validatorTestTemplate)(context);
     const testPath = path12.join(structure.root, "Tests", "Unit", "Validators", `${name}ValidatorTests.cs`);
     validatePathSecurity(testPath, structure.root);
     if (!dryRun) {
@@ -5658,7 +5870,7 @@ async function scaffoldRepositoryTests(name, options, testTypes, structure, conf
     ...options
   };
   if (testTypes.includes("integration")) {
-    const content = Handlebars3.compile(repositoryTestTemplate)(context);
+    const content = Handlebars2.compile(repositoryTestTemplate)(context);
     const testPath = path12.join(structure.root, "Tests", "Integration", "Repositories", `${name}RepositoryTests.cs`);
     validatePathSecurity(testPath, structure.root);
     if (!dryRun) {
@@ -10388,6 +10600,76 @@ All tenant-related tables use the \`tenant_\` prefix:
 
 ---
 
+## 10. Frontend Conventions
+
+### Layout Standards
+
+All context layouts MUST follow the AdminLayout pattern for consistent user experience.
+
+#### Standard Structure
+
+\`\`\`tsx
+<main className={\`pt-16 transition-all duration-300 \${
+  showSidebar ? (isCollapsed ? 'lg:pl-16' : 'lg:pl-64') : ''
+}\`}>
+  <div className="p-4 sm:p-6 lg:px-10 h-full overflow-auto">
+    <Outlet />
+  </div>
+</main>
+\`\`\`
+
+#### Layout Rules
+
+| Rule | Description |
+|------|-------------|
+| No \`max-w-*\` | Content MUST occupy full available width |
+| Horizontal padding | Use \`lg:px-10\` for consistent padding |
+| Scroll container | Use \`h-full overflow-auto\` for internal scrolling |
+| Sidebar conditional | \`showSidebar = !!currentAppCode\` |
+
+### Tab Navigation with URL
+
+Pages with tabs MUST synchronize tab state with URL for shareable links and browser navigation.
+
+#### useTabNavigation Hook
+
+\`\`\`tsx
+import { useTabNavigation } from '@/hooks/useTabNavigation';
+
+// 1. Define valid tabs
+const VALID_TABS = ['info', 'settings', 'permissions'] as const;
+type TabId = typeof VALID_TABS[number];
+
+// 2. Use the hook
+const { activeTab, setActiveTab } = useTabNavigation<TabId>('info', VALID_TABS);
+
+// 3. Use in JSX
+<button onClick={() => setActiveTab('settings')}>Settings</button>
+\`\`\`
+
+#### URL Behavior
+
+| URL | Active Tab |
+|-----|------------|
+| \`/page\` | Default tab (e.g., \`info\`) |
+| \`/page?tab=settings\` | \`settings\` |
+| \`/page?tab=invalid\` | Default tab (fallback) |
+
+#### Hook Characteristics
+
+- URL is clean for default tab (no \`?tab=\` parameter)
+- Invalid tabs fallback to default
+- Uses \`replace: true\` to avoid polluting browser history
+
+### Frontend Validation Checks
+
+| Check | Description |
+|-------|-------------|
+| \`layouts\` | Verify no \`max-w-*\` in content wrapper, standard padding present |
+| \`tabs\` | Verify \`useTabNavigation\` hook usage for pages with tabs |
+
+---
+
 ## Quick Reference
 
 | Category | Convention | Example |
@@ -10420,6 +10702,10 @@ All tenant-related tables use the \`tenant_\` prefix:
 | Validation | \`withValidation: true\` | FluentValidation validators |
 | Repository | \`withRepository: true\` | Interface + Implementation |
 | Migration naming | \`suggest_migration\` | {context}_v{version}_{seq}_{Desc} |
+| Layout wrapper | No \`max-w-*\` | Content fills available width |
+| Layout padding | \`lg:px-10\` | Standard horizontal padding |
+| Tab navigation | \`useTabNavigation\` hook | Sync tabs with URL |
+| Tab URL | \`?tab=name\` | Shareable deep links to tabs |
 
 ---