@jmruthers/pace-core 0.2.7 → 0.5.1

package/dist/chunk-BEZRLNK3.js

@@ -1,1744 +0,0 @@
-import {
-  Button,
-  Dialog,
-  DialogContent,
-  DialogDescription,
-  DialogHeader,
-  DialogTitle,
-  init_Button,
-  init_Dialog
-} from "./chunk-ETEJVKYK.js";
-import {
-  AccessLevel,
-  init_unified
-} from "./chunk-YDJW5XTN.js";
-import {
-  DebugLogger,
-  init_debugLogger,
-  init_organisationContext,
-  setOrganisationContext
-} from "./chunk-2V3Y6YBC.js";
-import {
-  __esm,
-  __export
-} from "./chunk-PLDDJCW6.js";
-
-// src/providers/AuthProvider.tsx
-import { createContext, useContext, useState, useEffect, useCallback, useMemo } from "react";
-import { AuthError } from "@supabase/supabase-js";
-import { jsx } from "react/jsx-runtime";
-function AuthProvider({ children, supabaseClient }) {
-  const [user, setUser] = useState(null);
-  const [session, setSession] = useState(null);
-  const [authLoading, setAuthLoading] = useState(true);
-  const [authError, setAuthError] = useState(null);
-  useEffect(() => {
-    const handleError = (event) => {
-      if (event.error?.message?.includes("AuthSessionMissingError") || event.error?.message?.includes("Auth session missing")) {
-        console.warn("[AuthProvider] Suppressing AuthSessionMissingError during logout");
-        event.preventDefault();
-        return false;
-      }
-    };
-    const handleUnhandledRejection = (event) => {
-      if (event.reason?.message?.includes("AuthSessionMissingError") || event.reason?.message?.includes("Auth session missing")) {
-        console.warn("[AuthProvider] Suppressing unhandled AuthSessionMissingError");
-        event.preventDefault();
-        return false;
-      }
-    };
-    window.addEventListener("error", handleError);
-    window.addEventListener("unhandledrejection", handleUnhandledRejection);
-    return () => {
-      window.removeEventListener("error", handleError);
-      window.removeEventListener("unhandledrejection", handleUnhandledRejection);
-    };
-  }, []);
-  useEffect(() => {
-    if (!supabaseClient) return;
-    const loadInitialUser = async () => {
-      try {
-        const response = await supabaseClient.auth.getUser();
-        const { data: { user: initialUser }, error } = response || { data: { user: null }, error: null };
-        if (error) {
-          console.warn("Failed to get initial user:", error);
-          setAuthLoading(false);
-          return;
-        }
-        if (initialUser) {
-          setUser(initialUser);
-        }
-        setAuthLoading(false);
-      } catch (error) {
-        console.error("Error loading initial user:", error);
-        setAuthLoading(false);
-      }
-    };
-    const timeoutId = setTimeout(() => {
-      if (authLoading && !user && !session) {
-        loadInitialUser();
-      }
-    }, 100);
-    return () => clearTimeout(timeoutId);
-  }, [supabaseClient, authLoading, user, session]);
-  useEffect(() => {
-    if (!supabaseClient) {
-      setAuthLoading(false);
-      return;
-    }
-    const timeoutId = setTimeout(() => {
-      if (authLoading) {
-        console.warn("AuthProvider: Auth loading timeout reached");
-        setAuthLoading(false);
-      }
-    }, 2e3);
-    try {
-      DebugLogger.log("AuthProvider", "Setting up auth state change listener...");
-      const authStateChange = supabaseClient.auth.onAuthStateChange(
-        (event, session2) => {
-          try {
-            DebugLogger.log("AuthProvider", "Auth state changed:", event, session2?.user?.email);
-            clearTimeout(timeoutId);
-            if (event === "SIGNED_OUT") {
-              DebugLogger.log("AuthProvider", "User signed out, clearing all state");
-              setSession(null);
-              setUser(null);
-              setAuthLoading(false);
-              setAuthError(null);
-            } else {
-              setSession(session2);
-              setUser(session2?.user ?? null);
-              setAuthLoading(false);
-              if (session2) {
-                setAuthError(null);
-              }
-            }
-          } catch (error) {
-            console.warn("[AuthProvider] Error in auth state change handler:", error);
-            setAuthLoading(false);
-          }
-        }
-      );
-      const subscription = authStateChange?.data?.subscription || authStateChange;
-      return () => {
-        clearTimeout(timeoutId);
-        if (subscription && typeof subscription.unsubscribe === "function") {
-          DebugLogger.log("AuthProvider", "Cleaning up auth state listener");
-          subscription.unsubscribe();
-        }
-      };
-    } catch (error) {
-      console.error("AuthProvider: Error setting up auth state change listener:", error);
-      if (error instanceof Error && !error.message.includes("No API key found") && !error.message.includes("AuthSessionMissingError") && !error.message.includes("Auth session missing")) {
-        setAuthError(error);
-      }
-      setAuthLoading(false);
-      clearTimeout(timeoutId);
-      return () => {
-      };
-    }
-  }, [supabaseClient]);
-  const signIn = useCallback(async (email, password) => {
-    if (!supabaseClient) {
-      const error = new Error("No Supabase client provided");
-      setAuthError(error);
-      return { error };
-    }
-    setAuthLoading(true);
-    setAuthError(null);
-    try {
-      const { error } = await supabaseClient.auth.signInWithPassword({ email, password: password || "" });
-      if (error) {
-        setAuthError(error);
-      }
-      return { error };
-    } catch (err) {
-      const authError2 = err;
-      setAuthError(authError2);
-      return { error: authError2 };
-    } finally {
-      setAuthLoading(false);
-    }
-  }, [supabaseClient]);
-  const signUp = useCallback(async (email, password) => {
-    if (!supabaseClient) {
-      const error = new Error("No Supabase client provided");
-      setAuthError(error);
-      return { error };
-    }
-    setAuthError(null);
-    try {
-      const { error } = await supabaseClient.auth.signUp({ email, password });
-      if (error) {
-        setAuthError(error);
-      }
-      return { error };
-    } catch (err) {
-      const authError2 = err;
-      setAuthError(authError2);
-      return { error: authError2 };
-    }
-  }, [supabaseClient]);
-  const signOut = useCallback(async () => {
-    DebugLogger.log("AuthProvider", "signOut called");
-    setAuthLoading(false);
-    if (!supabaseClient) {
-      DebugLogger.log("AuthProvider", "No supabase client, clearing state manually");
-      setUser(null);
-      setSession(null);
-      setAuthError(null);
-      return { error: null };
-    }
-    DebugLogger.log("AuthProvider", "Pre-clearing state before signOut call");
-    setUser(null);
-    setSession(null);
-    setAuthError(null);
-    try {
-      DebugLogger.log("AuthProvider", "Calling supabase signOut");
-      const signOutPromise = supabaseClient.auth.signOut();
-      const timeoutPromise = new Promise(
-        (_, reject) => setTimeout(() => reject(new Error("SignOut timeout")), 3e3)
-      );
-      const { error } = await Promise.race([signOutPromise, timeoutPromise]);
-      if (error && !error.message?.includes("SignOut timeout")) {
-        console.error("[AuthProvider] signOut error:", error);
-      }
-      DebugLogger.log("AuthProvider", "signOut process completed");
-      return { error: null };
-    } catch (err) {
-      console.warn("[AuthProvider] signOut exception (ignored):", err);
-      return { error: null };
-    }
-  }, [supabaseClient]);
-  const resetPassword = useCallback(async (email) => {
-    if (!supabaseClient) {
-      const error = new Error("No Supabase client provided");
-      setAuthError(error);
-      return { error };
-    }
-    setAuthError(null);
-    try {
-      const { error } = await supabaseClient.auth.resetPasswordForEmail(email);
-      if (error) {
-        setAuthError(error);
-      }
-      return { error };
-    } catch (err) {
-      const authError2 = err;
-      setAuthError(authError2);
-      return { error: authError2 };
-    }
-  }, [supabaseClient]);
-  const updatePassword = useCallback(async (password) => {
-    if (!supabaseClient) return { error: new AuthError("Supabase client not available.", 500) };
-    const { error } = await supabaseClient.auth.updateUser({ password });
-    if (error) {
-      setAuthError(error);
-    }
-    return { error };
-  }, [supabaseClient]);
-  const refreshSession = useCallback(async () => {
-    if (!supabaseClient) {
-      const error = new Error("No Supabase client provided");
-      setAuthError(error);
-      return { error };
-    }
-    setAuthError(null);
-    try {
-      const { error } = await supabaseClient.auth.refreshSession();
-      if (error) {
-        setAuthError(error);
-      }
-      return { error };
-    } catch (err) {
-      const authError2 = err;
-      setAuthError(authError2);
-      return { error: authError2 };
-    }
-  }, [supabaseClient]);
-  const isAuthenticated = !!user;
-  const contextValue = useMemo(() => ({
-    user,
-    session,
-    isAuthenticated,
-    authLoading,
-    authError,
-    error: authError,
-    // Alias for backward compatibility
-    supabase: supabaseClient || null,
-    signIn,
-    signUp,
-    signOut,
-    resetPassword,
-    updatePassword,
-    refreshSession
-  }), [
-    user,
-    session,
-    isAuthenticated,
-    authLoading,
-    authError,
-    supabaseClient,
-    signIn,
-    signUp,
-    signOut,
-    resetPassword,
-    updatePassword,
-    refreshSession
-  ]);
-  return /* @__PURE__ */ jsx(AuthContext.Provider, { value: contextValue, children });
-}
-var AuthContext, useAuth;
-var init_AuthProvider = __esm({
-  "src/providers/AuthProvider.tsx"() {
-    "use strict";
-    init_debugLogger();
-    AuthContext = createContext(void 0);
-    useAuth = () => {
-      const context = useContext(AuthContext);
-      if (!context) {
-        throw new Error("useAuth must be used within an AuthProvider");
-      }
-      return context;
-    };
-  }
-});
-
-// src/providers/RBACProvider.tsx
-import { createContext as createContext2, useContext as useContext2, useState as useState2, useEffect as useEffect2, useCallback as useCallback2, useMemo as useMemo2 } from "react";
-import { jsx as jsx2 } from "react/jsx-runtime";
-function RBACProvider({
-  children,
-  supabaseClient,
-  user,
-  session,
-  appName,
-  enableRBAC = false,
-  persistState = true,
-  enablePersistence,
-  requireOrganisationContext: _requireOrganisationContext = true
-}) {
-  const shouldPersist = enablePersistence !== void 0 ? enablePersistence : persistState;
-  const [permissions, setPermissions] = useState2({});
-  const [roles, setRoles] = useState2([]);
-  const [accessLevel, setAccessLevel] = useState2("viewer" /* VIEWER */);
-  const [rbacLoading, setRbacLoading] = useState2(false);
-  const [rbacError, setRbacError] = useState2(null);
-  const [selectedEventId, setSelectedEventId] = useState2(null);
-  const [appConfig, setAppConfig] = useState2(null);
-  const [userEventAccess, setUserEventAccess] = useState2([]);
-  const [eventAccessLoading, setEventAccessLoading] = useState2(false);
-  const [selectedOrganisationId, _setSelectedOrganisationId] = useState2(null);
-  useEffect2(() => {
-    if (!supabaseClient) return;
-    const loadAppConfig = async () => {
-      try {
-        const { getCurrentAppName } = await import("./appNameResolver-7GHF5ED2.js");
-        const resolvedAppName = getCurrentAppName() || appName;
-        const { data: appData, error: appError } = await supabaseClient.from("rbac_apps").select("id").eq("name", resolvedAppName).eq("is_active", true).single();
-        if (appError || !appData) {
-          console.warn("App not found or inactive:", resolvedAppName);
-          setAppConfig({
-            supports_direct_access: false,
-            requires_event: true
-          });
-          return;
-        }
-        const response = await supabaseClient.rpc("get_app_config", {
-          p_app_id: appData.id
-        });
-        const { data } = response || {};
-        if (data && data.length > 0) {
-          setAppConfig({
-            supports_direct_access: data[0].supports_direct_access,
-            requires_event: data[0].requires_event
-          });
-        } else {
-          setAppConfig({
-            supports_direct_access: false,
-            requires_event: true
-          });
-        }
-      } catch (error) {
-        console.warn("Clearing corrupted localStorage data");
-        if (typeof localStorage !== "undefined") {
-          localStorage.removeItem(STORAGE_KEYS.SELECTED_EVENT);
-        }
-        console.warn("Failed to load app configuration:", error);
-        setAppConfig({
-          supports_direct_access: false,
-          requires_event: true
-        });
-      }
-    };
-    loadAppConfig();
-  }, [supabaseClient, appName]);
-  useEffect2(() => {
-    const isSuperAdmin = user?.user_metadata?.globalRole === "super_admin";
-    if (isSuperAdmin) {
-      setRoles(["super_admin"]);
-    } else {
-      setRoles([]);
-    }
-  }, [user]);
-  useEffect2(() => {
-    if (!shouldPersist) return;
-    try {
-      const persistedEvent = localStorage.getItem(STORAGE_KEYS.SELECTED_EVENT);
-      if (persistedEvent) {
-        setSelectedEventId(JSON.parse(persistedEvent));
-      }
-    } catch (error) {
-      console.warn("Clearing corrupted localStorage data");
-      localStorage.removeItem(STORAGE_KEYS.SELECTED_EVENT);
-    }
-  }, [shouldPersist]);
-  useEffect2(() => {
-    if (!shouldPersist) return;
-    try {
-      if (selectedEventId) {
-        localStorage.setItem(
-          STORAGE_KEYS.SELECTED_EVENT,
-          JSON.stringify(selectedEventId)
-        );
-      } else {
-        localStorage.removeItem(STORAGE_KEYS.SELECTED_EVENT);
-      }
-    } catch (error) {
-      console.warn("Clearing corrupted localStorage data");
-      localStorage.removeItem(STORAGE_KEYS.SELECTED_EVENT);
-      console.warn("Failed to persist auth state:", error);
-    }
-  }, [selectedEventId, shouldPersist]);
-  const refreshPermissions = useCallback2(async (eventId) => {
-    if (!supabaseClient || !user || !appConfig || !session) {
-      DebugLogger.log("RBACProvider", "refreshPermissions: Missing required dependencies, clearing permissions");
-      setPermissions({});
-      setRoles([]);
-      setAccessLevel("viewer" /* VIEWER */);
-      return;
-    }
-    const isSuperAdmin = user?.user_metadata?.globalRole === "super_admin";
-    if (isSuperAdmin) {
-      setPermissions({
-        "admin:create": true,
-        "admin:read": true,
-        "admin:update": true,
-        "admin:delete": true,
-        "users:create": true,
-        "users:read": true,
-        "users:update": true,
-        "users:delete": true,
-        "events:create": true,
-        "events:read": true,
-        "events:update": true,
-        "events:delete": true
-      });
-      setRoles(["super_admin"]);
-      setAccessLevel("admin" /* ADMIN */);
-      return;
-    }
-    const shouldLoadDirectPermissions = !eventId && !appConfig.requires_event;
-    const shouldLoadEventPermissions = eventId;
-    const shouldClearPermissions = !eventId && appConfig.requires_event;
-    if (shouldClearPermissions) {
-      setPermissions({});
-      setRoles([]);
-      setAccessLevel("viewer" /* VIEWER */);
-      return;
-    }
-    if (!shouldLoadDirectPermissions && !shouldLoadEventPermissions) {
-      return;
-    }
-    setRbacLoading(true);
-    setRbacError(null);
-    try {
-      const { getCurrentAppName } = await import("./appNameResolver-7GHF5ED2.js");
-      const resolvedAppName = getCurrentAppName() || appName;
-      const { data: appData, error: appError } = await supabaseClient.from("rbac_apps").select("id").eq("name", resolvedAppName).eq("is_active", true).single();
-      if (appError || !appData) {
-        console.warn("App not found or inactive:", resolvedAppName);
-        setRbacLoading(false);
-        return;
-      }
-      const { data, error } = await supabaseClient.rpc("get_rbac_permissions", {
-        p_user_id: user.id,
-        p_app_id: appData.id,
-        p_event_id: eventId || null,
-        p_organisation_id: selectedOrganisationId || null
-      });
-      if (error) {
-        throw error;
-      }
-      const { permissions: permissions2, roles: roles2, access_level } = transformRBACPermissions(data, appName);
-      setPermissions(permissions2);
-      setRoles(roles2);
-      setAccessLevel(access_level);
-    } catch (err) {
-      setRbacError(err);
-    } finally {
-      setRbacLoading(false);
-    }
-  }, [supabaseClient, user, session, appName, appConfig, selectedOrganisationId]);
-  const loadUserEventAccess = useCallback2(async () => {
-    if (!supabaseClient || !user || !session) {
-      DebugLogger.log("RBACProvider", "loadUserEventAccess: Missing required dependencies, clearing event access");
-      setUserEventAccess([]);
-      return;
-    }
-    setEventAccessLoading(true);
-    try {
-      const { getCurrentAppName } = await import("./appNameResolver-7GHF5ED2.js");
-      const resolvedAppName = getCurrentAppName() || appName;
-      const { data: appData, error: appError } = await supabaseClient.from("rbac_apps").select("id").eq("name", resolvedAppName).eq("is_active", true).single();
-      if (appError || !appData) {
-        console.warn("App not found or inactive:", resolvedAppName);
-        setEventAccessLoading(false);
-        return;
-      }
-      const { data, error } = await supabaseClient.from("rbac_event_app_roles").select(`
-          event_id,
-          role,
-          granted_at
-        `).eq("user_id", user.id).eq("app_id", appData.id);
-      if (error) {
-        console.error("Failed to load user event access:", error);
-        setUserEventAccess([]);
-        return;
-      }
-      const eventAccess = data?.map((item) => ({
-        event_id: item.event_id,
-        event_name: "Unknown Event",
-        // Event details not available in this query
-        event_description: null,
-        // Not available in this schema
-        start_date: "",
-        // Event date not available in this query
-        end_date: "",
-        // Event date not available in this query
-        event_status: "unknown",
-        // Not available in this schema
-        app_id: appData.id,
-        access_level: item.role,
-        // Map role to access_level
-        granted_at: item.granted_at,
-        organisation_id: ""
-        // Will be populated from event's organisation_id if needed
-      })) || [];
-      setUserEventAccess(eventAccess);
-    } catch (error) {
-      console.warn("Clearing corrupted localStorage data");
-      localStorage.removeItem(STORAGE_KEYS.SELECTED_EVENT);
-      console.error("Error loading user event access:", error);
-      setUserEventAccess([]);
-    } finally {
-      setEventAccessLoading(false);
-    }
-  }, [supabaseClient, user, session, appName]);
-  const getUserEventAccess = useCallback2((eventId) => {
-    return userEventAccess.find((access) => access.event_id === eventId);
-  }, [userEventAccess]);
-  useEffect2(() => {
-    if (!user || !appConfig || !session) {
-      DebugLogger.log("RBACProvider", "Skipping permission refresh - no user, session, or app config");
-      return;
-    }
-    const isSuperAdmin = user?.user_metadata?.globalRole === "super_admin";
-    if (isSuperAdmin) {
-      setPermissions({
-        "admin:create": true,
-        "admin:read": true,
-        "admin:update": true,
-        "admin:delete": true,
-        "users:create": true,
-        "users:read": true,
-        "users:update": true,
-        "users:delete": true,
-        "events:create": true,
-        "events:read": true,
-        "events:update": true,
-        "events:delete": true
-      });
-      setRoles(["super_admin"]);
-      setAccessLevel("admin" /* ADMIN */);
-      return;
-    }
-    if (selectedEventId) {
-      refreshPermissions(selectedEventId);
-    } else if (!appConfig.requires_event) {
-      refreshPermissions();
-    } else {
-      setPermissions({});
-      setRoles([]);
-      setAccessLevel("viewer" /* VIEWER */);
-    }
-  }, [selectedEventId, user, session, appConfig, refreshPermissions]);
-  useEffect2(() => {
-    let isMounted = true;
-    if (user && session) {
-      DebugLogger.log("RBACProvider", "Loading user event access for authenticated user");
-      loadUserEventAccess().catch((error) => {
-        if (isMounted) {
-          console.error("Error loading user event access:", error);
-        }
-      });
-    } else {
-      DebugLogger.log("RBACProvider", "Clearing user event access - no user or session");
-      if (isMounted) {
-        setUserEventAccess([]);
-      }
-    }
-    return () => {
-      isMounted = false;
-    };
-  }, [user, session, loadUserEventAccess]);
-  const hasPermission = useCallback2((permission) => {
-    const hasPerm = !!permissions[permission];
-    return hasPerm;
-  }, [permissions]);
-  const hasAnyPermission = useCallback2((perms) => perms.some((p) => !!permissions[p]), [permissions]);
-  const hasAllPermissions = useCallback2((perms) => perms.every((p) => !!permissions[p]), [permissions]);
-  const hasRole = useCallback2((role) => {
-    const isSuperAdmin = user?.user_metadata?.globalRole === "super_admin";
-    if (role.toLowerCase() === "super_admin") {
-      return isSuperAdmin;
-    }
-    return roles.includes(role);
-  }, [roles, user]);
-  const hasAccessLevel = useCallback2((level) => {
-    const levels = Object.values(AccessLevel);
-    return levels.indexOf(accessLevel) >= levels.indexOf(level);
-  }, [accessLevel]);
-  const canAccess = useCallback2((resource, action) => {
-    const permission = `${resource}:${action}`;
-    const hasAccess = hasPermission(permission);
-    return hasAccess;
-  }, [hasPermission]);
-  const validatePermission = useCallback2(async (permission) => hasPermission(permission), [hasPermission]);
-  const validateAccess = useCallback2(async (resource, action) => {
-    return Promise.resolve(canAccess(resource, action));
-  }, [canAccess]);
-  const contextValue = useMemo2(() => ({
-    permissions,
-    roles,
-    accessLevel,
-    rbacLoading,
-    rbacError,
-    selectedEventId,
-    appConfig,
-    userEventAccess,
-    eventAccessLoading,
-    // Organisation context
-    selectedOrganisationId,
-    requireOrganisationContext: () => {
-      if (!selectedOrganisationId) {
-        throw new Error("Organisation context is required but not available");
-      }
-      return selectedOrganisationId;
-    },
-    hasPermission,
-    hasAnyPermission,
-    hasAllPermissions,
-    hasRole,
-    hasAccessLevel,
-    canAccess,
-    validatePermission,
-    validateAccess,
-    refreshPermissions,
-    setSelectedEventId,
-    // New RBAC system support
-    rbacEnabled: enableRBAC,
-    rbacContext: void 0,
-    // Will be populated by useRBAC hook when enabled
-    loadUserEventAccess,
-    getUserEventAccess
-  }), [
-    permissions,
-    roles,
-    accessLevel,
-    rbacLoading,
-    rbacError,
-    selectedEventId,
-    appConfig,
-    userEventAccess,
-    eventAccessLoading,
-    selectedOrganisationId,
-    hasPermission,
-    hasAnyPermission,
-    hasAllPermissions,
-    hasRole,
-    hasAccessLevel,
-    canAccess,
-    validatePermission,
-    validateAccess,
-    refreshPermissions,
-    setSelectedEventId,
-    enableRBAC,
-    loadUserEventAccess,
-    getUserEventAccess
-  ]);
-  return /* @__PURE__ */ jsx2(RBACContext.Provider, { value: contextValue, children });
-}
-var RBACContext, useRBAC, STORAGE_KEYS, transformRBACPermissions;
-var init_RBACProvider = __esm({
-  "src/providers/RBACProvider.tsx"() {
-    "use strict";
-    init_unified();
-    init_debugLogger();
-    RBACContext = createContext2(void 0);
-    useRBAC = () => {
-      const context = useContext2(RBACContext);
-      if (!context) {
-        throw new Error("useRBAC must be used within an RBACProvider");
-      }
-      return context;
-    };
-    STORAGE_KEYS = {
-      SELECTED_EVENT: "pace-core-selected-event"
-    };
-    transformRBACPermissions = (rbacData, _appName) => {
-      const permissions = {};
-      let roles = [];
-      let access_level = "viewer" /* VIEWER */;
-      if (!rbacData || !Array.isArray(rbacData)) {
-        return { permissions: {}, roles: ["viewer"], access_level: "viewer" /* VIEWER */ };
-      }
-      const superAdminPerm = rbacData.find((p) => p.permission_type === "all_permissions");
-      if (superAdminPerm) {
-        return {
-          permissions: { "all:all": true },
-          roles: ["super"],
-          access_level: "super" /* SUPER */
-        };
-      }
-      const eventAppPerms = rbacData.filter((p) => p.permission_type === "event_app_access");
-      if (eventAppPerms.length > 0) {
-        const role = eventAppPerms[0].role_name;
-        switch (role) {
-          case "event_admin":
-            access_level = "admin" /* ADMIN */;
-            roles = ["admin"];
-            break;
-          case "planner":
-            access_level = "planner" /* PLANNER */;
-            roles = ["planner"];
-            break;
-          case "participant":
-            access_level = "participant" /* PARTICIPANT */;
-            roles = ["participant"];
-            break;
-          case "editor":
-            access_level = "editor" /* EDITOR */;
-            roles = ["editor"];
-            break;
-          case "viewer":
-          default:
-            access_level = "viewer" /* VIEWER */;
-            roles = ["viewer"];
-            break;
-        }
-        const basePermissions = ["read"];
-        if (["event_admin", "planner"].includes(role)) {
-          basePermissions.push("create", "update");
-        }
-        if (role === "event_admin") {
-          basePermissions.push("delete");
-        }
-        basePermissions.forEach((operation) => {
-          permissions[`default:${operation}`] = true;
-        });
-      }
-      const orgPerms = rbacData.filter((p) => p.permission_type === "organisation_access");
-      if (orgPerms.length > 0) {
-        const role = orgPerms[0].role_name;
-        if (role === "org_admin") {
-          access_level = "admin" /* ADMIN */;
-          roles = ["admin"];
-          ["create", "read", "update", "delete"].forEach((operation) => {
-            permissions[`default:${operation}`] = true;
-          });
-        }
-      }
-      return { permissions, roles, access_level };
-    };
-  }
-});
-
-// src/hooks/useInactivityTracker.ts
-import { useState as useState3, useEffect as useEffect3, useCallback as useCallback3, useRef } from "react";
-function throttle(func, limit) {
-  let inThrottle;
-  return function(...args) {
-    if (!inThrottle) {
-      func.apply(this, args);
-      inThrottle = true;
-      setTimeout(() => inThrottle = false, limit);
-    }
-  };
-}
-function useInactivityTracker({
-  idleTimeoutMs = 30 * 60 * 1e3,
-  // 30 minutes
-  warnBeforeMs = 60 * 1e3,
-  // 1 minute
-  onIdle,
-  onWarning,
-  onActivity,
-  enabled = true,
-  storageKey = "pace-core-inactivity",
-  channelName = "pace-core-inactivity"
-} = {}) {
-  const [isIdle, setIsIdle] = useState3(false);
-  const [timeRemaining, setTimeRemaining] = useState3(idleTimeoutMs);
-  const [showWarning, setShowWarning] = useState3(false);
-  const [isTracking, setIsTracking] = useState3(false);
-  useEffect3(() => {
-    if (!enabled) {
-      setIsTracking(false);
-      setIsIdle(false);
-      setShowWarning(false);
-      setTimeRemaining(idleTimeoutMs);
-    }
-  }, [enabled, idleTimeoutMs]);
-  const timeoutRef = useRef(null);
-  const warningTimeoutRef = useRef(null);
-  const countdownIntervalRef = useRef(null);
-  const lastActivityRef = useRef(Date.now());
-  const channelRef = useRef(null);
-  const clearTimers = useCallback3(() => {
-    if (timeoutRef.current) {
-      clearTimeout(timeoutRef.current);
-      timeoutRef.current = null;
-    }
-    if (warningTimeoutRef.current) {
-      clearTimeout(warningTimeoutRef.current);
-      warningTimeoutRef.current = null;
-    }
-    if (countdownIntervalRef.current) {
-      clearInterval(countdownIntervalRef.current);
-      countdownIntervalRef.current = null;
-    }
-  }, []);
-  const resetActivity = useCallback3((skipActivityCallback = false) => {
-    if (!enabled) return;
-    const now = Date.now();
-    lastActivityRef.current = now;
-    clearTimers();
-    setIsIdle(false);
-    setShowWarning(false);
-    setTimeRemaining(idleTimeoutMs);
-    if (!skipActivityCallback) {
-      onActivity?.();
-    }
-    const warningTime = idleTimeoutMs - warnBeforeMs;
-    if (warningTime > 0) {
-      warningTimeoutRef.current = setTimeout(() => {
-        setShowWarning(true);
-        onWarning?.();
-      }, warningTime);
-    }
-    timeoutRef.current = setTimeout(() => {
-      setIsIdle(true);
-      onIdle?.();
-    }, idleTimeoutMs);
-    countdownIntervalRef.current = setInterval(() => {
-      const elapsed = Date.now() - lastActivityRef.current;
-      const remaining = Math.max(0, idleTimeoutMs - elapsed);
-      setTimeRemaining(remaining);
-      if (remaining === 0) {
-        clearTimers();
-      }
-    }, 1e3);
-    try {
-      localStorage.setItem(storageKey, now.toString());
-    } catch (error) {
-      console.warn("[useInactivityTracker] Failed to persist activity time:", error);
-    }
-    try {
-      if (channelRef.current) {
-        channelRef.current.postMessage({ type: "activity", timestamp: now });
-      }
-    } catch (error) {
-      console.warn("[useInactivityTracker] Failed to broadcast activity:", error);
-    }
-  }, [enabled, idleTimeoutMs, warnBeforeMs, onIdle, onWarning, onActivity, storageKey, clearTimers]);
-  const startTracking = useCallback3(() => {
-    if (!enabled) return;
-    setIsTracking(false);
-    setIsIdle(false);
-    setShowWarning(false);
-    setTimeRemaining(idleTimeoutMs);
-    clearTimers();
-    setIsTracking(true);
-    try {
-      if (typeof BroadcastChannel !== "undefined") {
-        channelRef.current = new BroadcastChannel(channelName);
-        channelRef.current.onmessage = (event) => {
-          if (event.data.type === "activity") {
-            lastActivityRef.current = event.data.timestamp;
-            resetActivity();
-          }
-        };
-      }
-    } catch (error) {
-      console.warn("[useInactivityTracker] Failed to set up cross-tab communication:", error);
-    }
-    try {
-      const persistedTime = localStorage.getItem(storageKey);
-      if (persistedTime) {
-        const persistedTimestamp = parseInt(persistedTime, 10);
-        const elapsed = Date.now() - persistedTimestamp;
-        if (elapsed < idleTimeoutMs) {
-          lastActivityRef.current = persistedTimestamp;
-          const remaining = idleTimeoutMs - elapsed;
-          setTimeRemaining(remaining);
-          if (remaining <= warnBeforeMs) {
-            setShowWarning(true);
-            onWarning?.();
-          }
-          if (remaining <= 0) {
-            setIsIdle(true);
-            onIdle?.();
-            return;
-          }
-        }
-      }
-    } catch (error) {
-      console.warn("[useInactivityTracker] Failed to check persisted activity time:", error);
-    }
-    const throttledResetActivity = throttle((event) => {
-      resetActivity();
-    }, 100);
-    const addEventListeners = () => {
-      ACTIVITY_EVENTS.forEach((event) => {
-        document.addEventListener(event, throttledResetActivity, { passive: true });
-      });
-    };
-    const removeEventListeners = () => {
-      ACTIVITY_EVENTS.forEach((event) => {
-        document.removeEventListener(event, throttledResetActivity);
-      });
-    };
-    addEventListeners();
-    resetActivity(true);
-    return () => {
-      removeEventListeners();
-      clearTimers();
-      if (channelRef.current) {
-        channelRef.current.close();
-        channelRef.current = null;
-      }
-    };
-  }, [enabled, isTracking, channelName, storageKey, idleTimeoutMs, warnBeforeMs, onIdle, onWarning]);
-  const stopTracking = useCallback3(() => {
-    setIsTracking(false);
-    clearTimers();
-    if (channelRef.current) {
-      channelRef.current.close();
-      channelRef.current = null;
-    }
-  }, [clearTimers]);
-  useEffect3(() => {
-    if (enabled) {
-      const cleanup = startTracking();
-      return cleanup;
-    } else {
-      stopTracking();
-    }
-  }, [enabled, idleTimeoutMs, warnBeforeMs]);
-  useEffect3(() => {
-    return () => {
-      clearTimers();
-      if (channelRef.current) {
-        channelRef.current.close();
-      }
-    };
-  }, [clearTimers]);
-  return {
-    isIdle,
-    timeRemaining,
-    showWarning,
-    resetActivity,
-    startTracking,
-    stopTracking,
-    isTracking
-  };
-}
-var ACTIVITY_EVENTS;
-var init_useInactivityTracker = __esm({
-  "src/hooks/useInactivityTracker.ts"() {
-    "use strict";
-    ACTIVITY_EVENTS = [
-      "mousedown",
-      "mousemove",
-      "mouseup",
-      "click",
-      "scroll",
-      "wheel",
-      "touchstart",
-      "touchmove",
-      "touchend",
-      "keydown",
-      "keyup",
-      "keypress",
-      "focus",
-      "blur",
-      "visibilitychange"
-    ];
-  }
-});
-
-// src/components/InactivityWarningModal/InactivityWarningModal.tsx
-import { useEffect as useEffect4, useState as useState4, useCallback as useCallback4 } from "react";
-import { Clock, AlertTriangle } from "lucide-react";
-import { jsx as jsx3, jsxs } from "react/jsx-runtime";
-function InactivityWarningModal({
-  isOpen,
-  timeRemaining,
-  onStaySignedIn,
-  onSignOutNow,
-  title = "Session Timeout Warning",
-  description = "You've been inactive for a while. Your session will expire soon for security reasons.",
-  className
-}) {
-  const [displayTime, setDisplayTime] = useState4(timeRemaining);
-  useEffect4(() => {
-    setDisplayTime(timeRemaining);
-  }, [timeRemaining]);
-  const formatTime = useCallback4((seconds) => {
-    const mins = Math.floor(seconds / 60);
-    const secs = seconds % 60;
-    return `${mins.toString().padStart(2, "0")}:${secs.toString().padStart(2, "0")}`;
-  }, []);
-  return /* @__PURE__ */ jsx3(Dialog, { open: isOpen, onOpenChange: (open) => !open && onStaySignedIn(), children: /* @__PURE__ */ jsxs(
-    DialogContent,
-    {
-      className: `sm:max-w-md ${className || ""}`,
-      preventCloseOnEscape: false,
-      preventCloseOnOutsideClick: true,
-      "data-testid": "inactivity-warning-modal",
-      children: [
-        /* @__PURE__ */ jsxs(DialogHeader, { children: [
-          /* @__PURE__ */ jsxs("div", { className: "flex items-center gap-3", children: [
-            /* @__PURE__ */ jsx3("div", { className: "flex-shrink-0", children: /* @__PURE__ */ jsx3(AlertTriangle, { className: "h-6 w-6 text-acc-600" }) }),
-            /* @__PURE__ */ jsx3("div", { children: /* @__PURE__ */ jsx3(DialogTitle, { className: "text-lg font-semibold text-main-900", children: title }) })
-          ] }),
-          /* @__PURE__ */ jsx3(DialogDescription, { className: "text-main-700 mt-2", children: description })
-        ] }),
-        /* @__PURE__ */ jsxs("div", { className: "space-y-6", children: [
-          /* @__PURE__ */ jsxs("div", { className: "text-center", children: [
-            /* @__PURE__ */ jsxs("div", { className: "inline-flex items-center gap-2 px-4 py-3 bg-acc-50 border border-acc-200 rounded-lg", children: [
-              /* @__PURE__ */ jsx3(Clock, { className: "h-5 w-5 text-acc-600" }),
-              /* @__PURE__ */ jsx3("span", { className: "text-2xl font-mono font-bold text-acc-700", children: formatTime(displayTime) })
-            ] }),
-            /* @__PURE__ */ jsx3("p", { className: "text-sm text-main-600 mt-2", children: "Time remaining before automatic logout" })
-          ] }),
-          /* @__PURE__ */ jsxs("div", { className: "flex flex-col sm:flex-row gap-3", children: [
-            /* @__PURE__ */ jsx3(
-              Button,
-              {
-                onClick: onStaySignedIn,
-                className: "flex-1 bg-main-600 hover:bg-main-700 text-main-50",
-                size: "lg",
-                children: "Stay Signed In"
-              }
-            ),
-            /* @__PURE__ */ jsx3(
-              Button,
-              {
-                onClick: onSignOutNow,
-                variant: "outline",
-                className: "flex-1 border-acc-300 text-acc-700 hover:bg-acc-50",
-                size: "lg",
-                children: "Sign Out Now"
-              }
-            )
-          ] }),
-          /* @__PURE__ */ jsx3("div", { className: "text-xs text-main-500 text-center", children: /* @__PURE__ */ jsx3("p", { children: "For security reasons, you'll be automatically signed out after 30 minutes of inactivity." }) })
-        ] })
-      ]
-    }
-  ) });
-}
-var init_InactivityWarningModal = __esm({
-  "src/components/InactivityWarningModal/InactivityWarningModal.tsx"() {
-    "use strict";
-    init_Dialog();
-    init_Button();
-  }
-});
-
-// src/providers/InactivityProvider.tsx
-import { createContext as createContext3, useContext as useContext3, useState as useState5, useEffect as useEffect5, useCallback as useCallback5, useMemo as useMemo3 } from "react";
-import { jsx as jsx4, jsxs as jsxs2 } from "react/jsx-runtime";
-function InactivityProvider({
-  children,
-  user,
-  session,
-  supabaseClient,
-  idleTimeoutMs = 30 * 60 * 1e3,
-  // 30 minutes
-  warnBeforeMs = 60 * 1e3,
-  // 60 seconds
-  onIdleLogout,
-  renderInactivityWarning,
-  dangerouslyDisableInactivity = false
-}) {
-  const [showInactivityWarning, setShowInactivityWarning] = useState5(false);
-  const [inactivityTimeRemaining, setInactivityTimeRemaining] = useState5(0);
-  useEffect5(() => {
-    if (typeof window !== "undefined") {
-      const isProduction = true;
-      if (isProduction && dangerouslyDisableInactivity) {
-        console.error("[InactivityProvider] CRITICAL: dangerouslyDisableInactivity is not allowed in production! Auto-enabling inactivity feature.");
-      }
-      if (!isProduction && dangerouslyDisableInactivity) {
-        console.warn("[InactivityProvider] Inactivity feature disabled for development. This will NOT work in production.");
-      }
-    }
-  }, [dangerouslyDisableInactivity]);
-  const isInactivityEnabled = typeof window !== "undefined" && (false ? !dangerouslyDisableInactivity : true);
-  const {
-    isIdle,
-    timeRemaining,
-    showWarning,
-    resetActivity,
-    startTracking,
-    stopTracking,
-    isTracking
-  } = useInactivityTracker({
-    idleTimeoutMs,
-    warnBeforeMs,
-    enabled: isInactivityEnabled && !!user && !!session,
-    onIdle: useCallback5(() => {
-      setShowInactivityWarning(false);
-      setInactivityTimeRemaining(0);
-      if (supabaseClient) {
-        supabaseClient.auth.signOut().catch((error) => {
-          console.error("[InactivityProvider] Error during idle logout:", error);
-        });
-      }
-      onIdleLogout?.("inactivity");
-    }, [supabaseClient, onIdleLogout]),
-    onWarning: useCallback5(() => {
-      setShowInactivityWarning(true);
-      setInactivityTimeRemaining(warnBeforeMs);
-    }, [warnBeforeMs]),
-    onActivity: useCallback5(() => {
-      setShowInactivityWarning(false);
-      setInactivityTimeRemaining(0);
-    }, [])
-  });
-  const handleIdleLogout = useCallback5(async () => {
-    setShowInactivityWarning(false);
-    setInactivityTimeRemaining(0);
-    stopTracking();
-    try {
-      if (supabaseClient) {
-        await supabaseClient.auth.signOut();
-      }
-    } catch (error) {
-      console.error("[InactivityProvider] Error during idle logout:", error);
-    }
-    onIdleLogout?.("inactivity");
-  }, [supabaseClient, onIdleLogout, stopTracking]);
-  const handleStaySignedIn = useCallback5(() => {
-    setShowInactivityWarning(false);
-    setInactivityTimeRemaining(0);
-    resetActivity();
-  }, [resetActivity]);
-  const handleSignOutNow = useCallback5(async () => {
-    setShowInactivityWarning(false);
-    setInactivityTimeRemaining(0);
-    stopTracking();
-    try {
-      if (supabaseClient) {
-        await supabaseClient.auth.signOut();
-      }
-    } catch (error) {
-      console.error("[InactivityProvider] Error during manual sign out:", error);
-    }
-    onIdleLogout?.("inactivity");
-  }, [supabaseClient, onIdleLogout, stopTracking]);
-  useEffect5(() => {
-    if (showWarning && timeRemaining > 0) {
-      setInactivityTimeRemaining(Math.ceil(timeRemaining / 1e3));
-    }
-  }, [showWarning, timeRemaining]);
-  const contextValue = useMemo3(() => ({
-    showInactivityWarning,
-    inactivityTimeRemaining,
-    isIdle,
-    timeRemaining,
-    showWarning,
-    isTracking,
-    resetActivity,
-    startTracking,
-    stopTracking,
-    handleIdleLogout,
-    handleStaySignedIn,
-    handleSignOutNow
-  }), [
-    showInactivityWarning,
-    inactivityTimeRemaining,
-    isIdle,
-    timeRemaining,
-    showWarning,
-    isTracking,
-    resetActivity,
-    startTracking,
-    stopTracking,
-    handleIdleLogout,
-    handleStaySignedIn,
-    handleSignOutNow
-  ]);
-  return /* @__PURE__ */ jsxs2(InactivityContext.Provider, { value: contextValue, children: [
-    children,
-    showInactivityWarning && (renderInactivityWarning ? renderInactivityWarning({
-      timeRemaining: inactivityTimeRemaining,
-      onStaySignedIn: handleStaySignedIn,
-      onSignOutNow: handleSignOutNow
-    }) : /* @__PURE__ */ jsx4(
-      InactivityWarningModal,
-      {
-        isOpen: showInactivityWarning,
-        timeRemaining: inactivityTimeRemaining,
-        onStaySignedIn: handleStaySignedIn,
-        onSignOutNow: handleSignOutNow
-      }
-    ))
-  ] });
-}
-var InactivityContext, useInactivity;
-var init_InactivityProvider = __esm({
-  "src/providers/InactivityProvider.tsx"() {
-    "use strict";
-    init_useInactivityTracker();
-    init_InactivityWarningModal();
-    InactivityContext = createContext3(void 0);
-    useInactivity = () => {
-      const context = useContext3(InactivityContext);
-      if (!context) {
-        throw new Error("useInactivity must be used within an InactivityProvider");
-      }
-      return context;
-    };
-  }
-});
-
-// src/providers/UnifiedAuthProvider.tsx
-var UnifiedAuthProvider_exports = {};
-__export(UnifiedAuthProvider_exports, {
-  UnifiedAuthProvider: () => UnifiedAuthProvider,
-  useUnifiedAuth: () => useUnifiedAuth
-});
-import { createContext as createContext4, useContext as useContext4, useMemo as useMemo4 } from "react";
-import { jsx as jsx5 } from "react/jsx-runtime";
-function UnifiedAuthContextProvider({
-  children,
-  appName,
-  ...props
-}) {
-  const auth = useAuth();
-  const rbac = useRBAC();
-  const inactivity = useInactivity();
-  const contextValue = useMemo4(() => ({
-    ...auth,
-    ...rbac,
-    ...inactivity,
-    appName,
-    isLoading: auth.authLoading || rbac.rbacLoading,
-    hasErrors: !!auth.authError || !!rbac.rbacError
-  }), [auth, rbac, inactivity, appName]);
-  return /* @__PURE__ */ jsx5(UnifiedAuthContext.Provider, { value: contextValue, children });
-}
-function AuthAwareProviders({
-  children,
-  supabaseClient,
-  appName,
-  persistState,
-  enablePersistence,
-  requireOrganisationContext,
-  enableRBAC,
-  idleTimeoutMs,
-  warnBeforeMs,
-  onIdleLogout,
-  renderInactivityWarning,
-  dangerouslyDisableInactivity
-}) {
-  const auth = useAuth();
-  return /* @__PURE__ */ jsx5(
-    RBACProvider,
-    {
-      supabaseClient,
-      user: auth.user,
-      session: auth.session,
-      appName,
-      enableRBAC,
-      persistState,
-      enablePersistence,
-      requireOrganisationContext,
-      children: /* @__PURE__ */ jsx5(
-        InactivityProvider,
-        {
-          user: auth.user,
-          session: auth.session,
-          supabaseClient,
-          idleTimeoutMs,
-          warnBeforeMs,
-          onIdleLogout,
-          renderInactivityWarning,
-          dangerouslyDisableInactivity,
-          children: /* @__PURE__ */ jsx5(
-            UnifiedAuthContextProvider,
-            {
-              appName,
-              supabaseClient,
-              persistState,
-              enablePersistence,
-              requireOrganisationContext,
-              enableRBAC,
-              idleTimeoutMs,
-              warnBeforeMs,
-              onIdleLogout,
-              renderInactivityWarning,
-              dangerouslyDisableInactivity,
-              children
-            }
-          )
-        }
-      )
-    }
-  );
-}
-function UnifiedAuthProvider({
-  children,
-  supabaseClient,
-  appName,
-  persistState = true,
-  enablePersistence,
-  requireOrganisationContext = true,
-  enableRBAC = false,
-  idleTimeoutMs = 30 * 60 * 1e3,
-  // 30 minutes
-  warnBeforeMs = 60 * 1e3,
-  // 60 seconds
-  onIdleLogout,
-  renderInactivityWarning,
-  dangerouslyDisableInactivity = false
-}) {
-  return /* @__PURE__ */ jsx5(AuthProvider, { supabaseClient, children: /* @__PURE__ */ jsx5(
-    AuthAwareProviders,
-    {
-      supabaseClient,
-      appName,
-      persistState,
-      enablePersistence,
-      requireOrganisationContext,
-      enableRBAC,
-      idleTimeoutMs,
-      warnBeforeMs,
-      onIdleLogout,
-      renderInactivityWarning,
-      dangerouslyDisableInactivity,
-      children
-    }
-  ) });
-}
-var UnifiedAuthContext, useUnifiedAuth;
-var init_UnifiedAuthProvider = __esm({
-  "src/providers/UnifiedAuthProvider.tsx"() {
-    "use strict";
-    init_AuthProvider();
-    init_RBACProvider();
-    init_InactivityProvider();
-    UnifiedAuthContext = createContext4(void 0);
-    useUnifiedAuth = () => {
-      const context = useContext4(UnifiedAuthContext);
-      if (!context) {
-        throw new Error("useUnifiedAuth must be used within a UnifiedAuthProvider");
-      }
-      return context;
-    };
-  }
-});
-
-// src/providers/OrganisationProvider.tsx
-var OrganisationProvider_exports = {};
-__export(OrganisationProvider_exports, {
-  OrganisationProvider: () => OrganisationProvider,
-  useOrganisations: () => useOrganisations
-});
-import { createContext as createContext5, useContext as useContext5, useState as useState6, useEffect as useEffect6, useCallback as useCallback6, useMemo as useMemo5 } from "react";
-import { useNavigate } from "react-router-dom";
-import { jsx as jsx6, jsxs as jsxs3 } from "react/jsx-runtime";
-function OrganisationProvider({ children }) {
-  const [selectedOrganisation, setSelectedOrganisation] = useState6(null);
-  const [organisations, setOrganisations] = useState6([]);
-  const [userMemberships, setUserMemberships] = useState6([]);
-  const [roleMapState, setRoleMapState] = useState6(/* @__PURE__ */ new Map());
-  const [isLoading, setIsLoading] = useState6(true);
-  const [error, setError] = useState6(null);
-  const [isContextReady, setIsContextReady] = useState6(false);
-  const { user, session, supabase, signOut } = useUnifiedAuth();
-  let navigate = null;
-  try {
-    navigate = useNavigate();
-  } catch (error2) {
-    navigate = null;
-  }
-  const setDatabaseOrganisationContext = useCallback6(async (organisation) => {
-    if (!supabase || !session) {
-      console.warn("[OrganisationProvider] No Supabase client or session available for setting organisation context");
-      setIsContextReady(false);
-      return;
-    }
-    try {
-      await setOrganisationContext(supabase, organisation.id);
-      DebugLogger.log("OrganisationProvider", "Database organisation context set to:", organisation.display_name);
-      setIsContextReady(true);
-    } catch (error2) {
-      console.error("[OrganisationProvider] Failed to set database organisation context:", error2);
-      setIsContextReady(false);
-    }
-  }, [supabase, session]);
-  useEffect6(() => {
-    if (selectedOrganisation && supabase && session) {
-      setIsContextReady(false);
-      (async () => {
-        await setDatabaseOrganisationContext(selectedOrganisation);
-      })();
-    } else {
-      setIsContextReady(false);
-    }
-  }, [selectedOrganisation, setDatabaseOrganisationContext, supabase, session]);
-  const loadUserOrganisations = useCallback6(async () => {
-    if (!user || !session || !supabase) {
-      DebugLogger.log("OrganisationProvider", "Clearing organisation state - no user, session, or supabase client");
-      setSelectedOrganisation(null);
-      setOrganisations([]);
-      setUserMemberships([]);
-      setIsLoading(false);
-      setError(null);
-      return;
-    }
-    setIsLoading(true);
-    setError(null);
-    try {
-      DebugLogger.log("OrganisationProvider", "Loading organisations for user:", user.id);
-      let memberships, membershipError;
-      try {
-        const result = await supabase.from("rbac_organisation_roles").select(`
-              id,
-              user_id,
-              organisation_id,
-              role,
-              status,
-              granted_at,
-              granted_by,
-              revoked_at,
-              revoked_by,
-              notes,
-              created_at,
-              updated_at
-            `).eq("user_id", user.id).eq("status", "active").is("revoked_at", null).in("role", ["org_admin", "leader", "member"]);
-        memberships = result.data;
-        membershipError = result.error;
-      } catch (queryError) {
-        membershipError = queryError;
-      }
-      if (membershipError) {
-        console.error("[OrganisationProvider] Error loading memberships:", membershipError);
-        throw membershipError;
-      }
-      DebugLogger.log("OrganisationProvider", "Raw memberships data:", memberships);
-      if (!memberships || memberships.length === 0) {
-        throw new Error("User has no active organisation memberships");
-      }
-      const organisationIds = memberships.map((m) => m.organisation_id);
-      const { data: organisations2, error: orgError } = await supabase.from("organisations").select("id, name, display_name, subscription_tier, settings, is_active, parent_id, created_at, updated_at").in("id", organisationIds);
-      if (orgError) {
-        console.error("[OrganisationProvider] Error loading organisations:", orgError);
-        throw orgError;
-      }
-      const roleMap = /* @__PURE__ */ new Map();
-      memberships?.forEach((membership) => {
-        roleMap.set(membership.organisation_id, membership.role);
-      });
-      const orgs = organisations2;
-      const activeOrgs = orgs.filter((org) => org.is_active);
-      if (activeOrgs.length === 0) {
-        throw new Error("User has no access to active organisations");
-      }
-      DebugLogger.log("OrganisationProvider", "Active organisations:", activeOrgs);
-      setOrganisations(activeOrgs);
-      setUserMemberships(memberships);
-      setRoleMapState(roleMap);
-      let initialOrg = null;
-      try {
-        const persistedOrgString = localStorage.getItem(STORAGE_KEYS2.SELECTED_ORGANISATION);
-        if (persistedOrgString) {
-          const persistedOrg = JSON.parse(persistedOrgString);
-          const validPersistedOrg = activeOrgs.find((org) => org.id === persistedOrg.id);
-          if (validPersistedOrg) {
-            initialOrg = validPersistedOrg;
-            DebugLogger.log("OrganisationProvider", "Restored persisted organisation:", initialOrg.display_name);
-          }
-        }
-      } catch (storageError) {
-        console.warn("[OrganisationProvider] Failed to restore persisted organisation:", storageError);
-      }
-      if (!initialOrg) {
-        const adminMembership = memberships.find((m) => m.role === "org_admin");
-        if (adminMembership) {
-          const foundOrg = organisations2.find((org) => org.id === adminMembership.organisation_id);
-          if (foundOrg) {
-            initialOrg = foundOrg;
-            DebugLogger.log("OrganisationProvider", "Selected org_admin organisation:", initialOrg.display_name);
-          }
-        }
-      }
-      if (!initialOrg) {
-        initialOrg = activeOrgs[0];
-        DebugLogger.log("OrganisationProvider", "Selected first organisation:", initialOrg.display_name);
-      }
-      if (!initialOrg) {
-        throw new Error("No valid organisation found for user");
-      }
-      setSelectedOrganisation(initialOrg);
-      localStorage.setItem(STORAGE_KEYS2.SELECTED_ORGANISATION, JSON.stringify(initialOrg));
-      DebugLogger.log("OrganisationProvider", "Organisation context established:", {
-        selectedOrganisation: initialOrg.display_name,
-        totalOrganisations: activeOrgs.length,
-        userRole: roleMap.get(initialOrg.id)
-      });
-    } catch (err) {
-      console.error("[OrganisationProvider] Failed to load organisations:", err);
-      setError(err);
-      setSelectedOrganisation(null);
-      setOrganisations([]);
-      setUserMemberships([]);
-      localStorage.removeItem(STORAGE_KEYS2.SELECTED_ORGANISATION);
-    } finally {
-      setIsLoading(false);
-    }
-  }, [user, session, supabase]);
-  useEffect6(() => {
-    loadUserOrganisations();
-  }, [loadUserOrganisations]);
-  const handleLogoutAndRedirect = useCallback6(async () => {
-    try {
-      await signOut();
-      if (navigate) {
-        navigate("/login", { replace: true });
-      } else {
-        window.location.href = "/login";
-      }
-    } catch (error2) {
-      console.error("[OrganisationProvider] Error during logout:", error2);
-      if (navigate) {
-        navigate("/login", { replace: true });
-      } else {
-        window.location.href = "/login";
-      }
-    }
-  }, [signOut, navigate]);
-  const ensureOrganisationContext = useCallback6(() => {
-    if (!selectedOrganisation) {
-      throw new Error("Organisation context is required but not available");
-    }
-    return selectedOrganisation;
-  }, [selectedOrganisation]);
-  const getUserRole = useCallback6((orgId) => {
-    const targetOrgId = orgId || selectedOrganisation?.id;
-    if (!targetOrgId) return "no_access";
-    return roleMapState.get(targetOrgId) || "no_access";
-  }, [roleMapState, selectedOrganisation]);
-  const validateOrganisationAccess = useCallback6((orgId) => {
-    return userMemberships.some(
-      (m) => m.organisation_id === orgId && m.status === "active" && m.revoked_at === null
-    );
-  }, [userMemberships]);
-  const switchOrganisation = useCallback6(async (orgId) => {
-    DebugLogger.log("OrganisationProvider", "Switching to organisation:", orgId);
-    if (!validateOrganisationAccess(orgId)) {
-      throw new Error(`User does not have access to organisation ${orgId}`);
-    }
-    const targetOrg = organisations.find((org) => org.id === orgId);
-    if (!targetOrg) {
-      throw new Error(`Organisation ${orgId} not found in user's organisations`);
-    }
-    setSelectedOrganisation(targetOrg);
-    localStorage.setItem(STORAGE_KEYS2.SELECTED_ORGANISATION, JSON.stringify(targetOrg));
-    await setDatabaseOrganisationContext(targetOrg);
-    DebugLogger.log("OrganisationProvider", "Switched to organisation:", targetOrg.display_name);
-  }, [organisations, validateOrganisationAccess, setDatabaseOrganisationContext]);
-  const refreshOrganisations = useCallback6(async () => {
-    if (!user || !session || !supabase) return;
-    setIsLoading(true);
-  }, [user, session, supabase]);
-  const getPrimaryOrganisation = useCallback6(() => {
-    const rolePriority = ["org_admin", "leader", "member"];
-    for (const role of rolePriority) {
-      const membership = userMemberships.find((m) => m.role === role);
-      if (membership) {
-        return organisations.find((org) => org.id === membership.organisation_id) || null;
-      }
-    }
-    return null;
-  }, [userMemberships, organisations]);
-  const isOrganisationSecure = useCallback6(() => {
-    return !!(selectedOrganisation && user);
-  }, [selectedOrganisation, user]);
-  const buildOrganisationHierarchy = useCallback6((orgs) => {
-    const orgMap = /* @__PURE__ */ new Map();
-    orgs.forEach((org) => orgMap.set(org.id, org));
-    const roots = [];
-    orgs.forEach((org) => {
-      if (!org.parent_id) {
-        roots.push({
-          organisation: org,
-          children: [],
-          depth: 0
-        });
-      }
-    });
-    return roots;
-  }, []);
-  const hasValidOrganisationContext = useMemo5(() => {
-    return !!(selectedOrganisation && !isLoading && !error && isContextReady);
-  }, [selectedOrganisation, isLoading, error, isContextReady]);
-  const contextValue = useMemo5(() => {
-    if (!selectedOrganisation) {
-      const placeholderOrg = {
-        id: "",
-        name: "",
-        display_name: "",
-        subscription_tier: "standard",
-        settings: {},
-        is_active: false,
-        created_at: "",
-        updated_at: ""
-      };
-      return {
-        selectedOrganisation: placeholderOrg,
-        organisations: [],
-        userMemberships: [],
-        isLoading,
-        error,
-        hasValidOrganisationContext: false,
-        setSelectedOrganisation: () => {
-        },
-        switchOrganisation: async () => {
-        },
-        getUserRole: () => "no_access",
-        validateOrganisationAccess: () => false,
-        refreshOrganisations: async () => {
-        },
-        ensureOrganisationContext: () => {
-          throw new Error("No organisation context");
-        },
-        isOrganisationSecure: () => false,
-        getPrimaryOrganisation: () => null
-      };
-    }
-    return {
-      selectedOrganisation,
-      organisations,
-      userMemberships,
-      isLoading,
-      error,
-      hasValidOrganisationContext,
-      setSelectedOrganisation,
-      switchOrganisation,
-      getUserRole,
-      validateOrganisationAccess,
-      refreshOrganisations,
-      ensureOrganisationContext,
-      isOrganisationSecure,
-      getPrimaryOrganisation
-    };
-  }, [
-    selectedOrganisation,
-    organisations,
-    userMemberships,
-    isLoading,
-    error,
-    hasValidOrganisationContext,
-    switchOrganisation,
-    getUserRole,
-    validateOrganisationAccess,
-    refreshOrganisations,
-    ensureOrganisationContext,
-    isOrganisationSecure,
-    getPrimaryOrganisation
-  ]);
-  if (isLoading || selectedOrganisation && !isContextReady) {
-    return /* @__PURE__ */ jsx6("div", { className: "organisation-loading", role: "status", "aria-label": "Loading organisation context", children: /* @__PURE__ */ jsx6("div", { className: "flex items-center justify-center min-h-screen", children: /* @__PURE__ */ jsxs3("div", { className: "text-center", children: [
-      /* @__PURE__ */ jsx6("div", { className: "animate-spin rounded-full h-8 w-8 border-b-2 border-primary mx-auto mb-4" }),
-      /* @__PURE__ */ jsx6("p", { className: "text-muted-foreground", children: isLoading ? "Loading organisation context..." : "Setting up organisation context..." })
-    ] }) }) });
-  }
-  if (error || user && !selectedOrganisation) {
-    return /* @__PURE__ */ jsx6("div", { className: "organisation-error", role: "alert", children: /* @__PURE__ */ jsx6("div", { className: "flex items-center justify-center min-h-screen", children: /* @__PURE__ */ jsxs3("div", { className: "text-center max-w-md mx-auto p-6", children: [
-      /* @__PURE__ */ jsx6("div", { className: "text-destructive mb-4", children: /* @__PURE__ */ jsx6("svg", { className: "h-12 w-12 mx-auto", fill: "none", viewBox: "0 0 24 24", stroke: "currentColor", children: /* @__PURE__ */ jsx6("path", { strokeLinecap: "round", strokeLinejoin: "round", strokeWidth: 2, d: "M12 9v2m0 4h.01m-6.938 4h13.856c1.54 0 2.502-1.667 1.732-2.5L13.732 4c-.77-.833-1.732-.833-2.464 0L4.35 16.5c-.77.833.192 2.5 1.732 2.5z" }) }) }),
-      /* @__PURE__ */ jsx6("h2", { className: "text-xl font-semibold text-foreground mb-2", children: "Organisation Access Required" }),
-      /* @__PURE__ */ jsx6("p", { className: "text-muted-foreground mb-4", children: error?.message || "No valid organisation context available. Please contact your administrator to be added to an organisation." }),
-      /* @__PURE__ */ jsx6(
-        "button",
-        {
-          onClick: handleLogoutAndRedirect,
-          className: "px-4 py-2 bg-primary text-primary-foreground rounded-md hover:bg-primary/90",
-          children: "Sign Out"
-        }
-      )
-    ] }) }) });
-  }
-  return /* @__PURE__ */ jsx6(OrganisationContext.Provider, { value: contextValue, children });
-}
-var OrganisationContext, STORAGE_KEYS2, useOrganisations;
-var init_OrganisationProvider = __esm({
-  "src/providers/OrganisationProvider.tsx"() {
-    "use strict";
-    init_UnifiedAuthProvider();
-    init_organisationContext();
-    init_debugLogger();
-    OrganisationContext = createContext5(void 0);
-    STORAGE_KEYS2 = {
-      SELECTED_ORGANISATION: "pace-core-selected-organisation",
-      ORGANISATION_CONTEXT: "pace-core-organisation-context"
-    };
-    useOrganisations = () => {
-      const context = useContext5(OrganisationContext);
-      if (!context) {
-        throw new Error("useOrganisations must be used within an OrganisationProvider");
-      }
-      return context;
-    };
-  }
-});
-
-export {
-  useAuth,
-  AuthProvider,
-  init_AuthProvider,
-  useRBAC,
-  RBACProvider,
-  init_RBACProvider,
-  useInactivityTracker,
-  init_useInactivityTracker,
-  InactivityWarningModal,
-  init_InactivityWarningModal,
-  useInactivity,
-  InactivityProvider,
-  init_InactivityProvider,
-  useUnifiedAuth,
-  UnifiedAuthProvider,
-  UnifiedAuthProvider_exports,
-  init_UnifiedAuthProvider,
-  OrganisationProvider,
-  useOrganisations,
-  OrganisationProvider_exports,
-  init_OrganisationProvider
-};
-//# sourceMappingURL=chunk-BEZRLNK3.js.map