@jmruthers/pace-core 0.4.1 → 0.5.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (660) hide show
  1. package/CHANGELOG.md +26 -1
  2. package/README.md +231 -229
  3. package/dist/{DataTable-2LB6HI6V.js → DataTable-ZQDRE46Q.js} +15 -17
  4. package/dist/{DataTable-BDBqkU-i.d.ts → DataTable-ltTFXHS3.d.ts} +25 -51
  5. package/dist/{Table-CIm9IWqk.d.ts → PublicLoadingSpinner-Bq_-BeK-.d.ts} +635 -122
  6. package/dist/{UnifiedAuthProvider-V7y63NjT.d.ts → RBACProvider-BO4ilsQB.d.ts} +11 -36
  7. package/dist/UnifiedAuthProvider-DGQsy-vY.d.ts +103 -0
  8. package/dist/{api-AIJ3IJX3.js → api-H5A3H4IR.js} +6 -4
  9. package/dist/{appConfig-fB1pP_v3.d.ts → appConfig-BVGyuvI7.d.ts} +1 -1
  10. package/dist/appNameResolver-7GHF5ED2.js +22 -0
  11. package/dist/{audit-PD5L5ZSC.js → audit-BUW3LMJB.js} +3 -3
  12. package/dist/chunk-5H3C2SWM.js +3293 -0
  13. package/dist/chunk-5H3C2SWM.js.map +1 -0
  14. package/dist/chunk-5SIXIV7R.js +1925 -0
  15. package/dist/chunk-5SIXIV7R.js.map +1 -0
  16. package/dist/{chunk-YNU5QJ4S.js → chunk-7BNPOCLL.js} +22 -5
  17. package/dist/chunk-7BNPOCLL.js.map +1 -0
  18. package/dist/{chunk-4ZTIEYU2.js → chunk-CDQ3PX7L.js} +1 -1
  19. package/dist/chunk-CDQ3PX7L.js.map +1 -0
  20. package/dist/chunk-GNTALZV3.js +17 -0
  21. package/dist/chunk-GNTALZV3.js.map +1 -0
  22. package/dist/chunk-GWSBHC4J.js +1349 -0
  23. package/dist/chunk-GWSBHC4J.js.map +1 -0
  24. package/dist/{chunk-JUUNUW3O.js → chunk-HD7PYDUV.js} +14 -5
  25. package/dist/chunk-HD7PYDUV.js.map +1 -0
  26. package/dist/{chunk-H4PZ4B3Y.js → chunk-HXX35Q2M.js} +113 -27
  27. package/dist/chunk-HXX35Q2M.js.map +1 -0
  28. package/dist/chunk-K6B7BLSE.js +388 -0
  29. package/dist/chunk-K6B7BLSE.js.map +1 -0
  30. package/dist/chunk-M4RW7PIP.js +5441 -0
  31. package/dist/chunk-M4RW7PIP.js.map +1 -0
  32. package/dist/chunk-MZBUOP4P.js +119 -0
  33. package/dist/chunk-MZBUOP4P.js.map +1 -0
  34. package/dist/chunk-N2EUGZRW.js +98 -0
  35. package/dist/chunk-N2EUGZRW.js.map +1 -0
  36. package/dist/chunk-NQ4TOOO6.js +20 -0
  37. package/dist/chunk-NQ4TOOO6.js.map +1 -0
  38. package/dist/{chunk-DC5AMYBS.js → chunk-PLDDJCW6.js} +15 -5
  39. package/dist/chunk-PLDDJCW6.js.map +1 -0
  40. package/dist/{chunk-IOX76PSM.js → chunk-PVMYVQSM.js} +270 -28
  41. package/dist/chunk-PVMYVQSM.js.map +1 -0
  42. package/dist/{chunk-4MCJAK7J.js → chunk-QKHFMQ5R.js} +2155 -4853
  43. package/dist/chunk-QKHFMQ5R.js.map +1 -0
  44. package/dist/chunk-QVYBYGT2.js +428 -0
  45. package/dist/chunk-QVYBYGT2.js.map +1 -0
  46. package/dist/{chunk-WHLSWC6W.js → chunk-SS3E6QLB.js} +16 -61
  47. package/dist/chunk-SS3E6QLB.js.map +1 -0
  48. package/dist/chunk-WJARTBCT.js +128 -0
  49. package/dist/chunk-WJARTBCT.js.map +1 -0
  50. package/dist/chunk-YDJW5XTN.js +84 -0
  51. package/dist/chunk-YDJW5XTN.js.map +1 -0
  52. package/dist/components.d.ts +907 -10
  53. package/dist/components.js +3237 -204
  54. package/dist/components.js.map +1 -1
  55. package/dist/{database-CAMsquLm.d.ts → database-C3Szpi5J.d.ts} +28 -11
  56. package/dist/hooks.d.ts +7 -6
  57. package/dist/hooks.js +33 -11
  58. package/dist/hooks.js.map +1 -1
  59. package/dist/index.d.ts +247 -111
  60. package/dist/index.js +330 -185
  61. package/dist/index.js.map +1 -1
  62. package/dist/{organisation-DLNNQhPB.d.ts → organisation-CO3Sh3_D.d.ts} +1 -1
  63. package/dist/providers.d.ts +5 -4
  64. package/dist/providers.js +14 -5
  65. package/dist/rbac/index.d.ts +964 -839
  66. package/dist/rbac/index.js +58 -1970
  67. package/dist/rbac/index.js.map +1 -1
  68. package/dist/styles/core.css +364 -0
  69. package/dist/styles/fonts/georama-italic.woff2 +0 -0
  70. package/dist/styles/fonts/georama.woff2 +0 -0
  71. package/dist/styles/fonts/open-sans-italic.woff2 +0 -0
  72. package/dist/styles/fonts/open-sans.woff2 +0 -0
  73. package/dist/styles/fonts/reddit-mono.woff2 +0 -0
  74. package/dist/styles/index.d.ts +36 -0
  75. package/dist/styles/index.js +24 -0
  76. package/dist/styles/index.js.map +1 -0
  77. package/dist/theming/runtime.d.ts +73 -0
  78. package/dist/theming/runtime.js +16 -0
  79. package/dist/theming/runtime.js.map +1 -0
  80. package/dist/{types-Bavn44NW.d.ts → types-BRDU7N6w.d.ts} +79 -33
  81. package/dist/types.d.ts +5 -5
  82. package/dist/types.js +7 -2
  83. package/dist/types.js.map +1 -1
  84. package/dist/{unified-BtRpPbmp.d.ts → unified-CMPjE_fv.d.ts} +0 -1
  85. package/dist/usePublicRouteParams-B2OcAsur.d.ts +477 -0
  86. package/dist/utils.d.ts +83 -60
  87. package/dist/utils.js +293 -55651
  88. package/dist/utils.js.map +1 -1
  89. package/dist/validation.d.ts +1 -1
  90. package/dist/validation.js +1 -1
  91. package/docs/INDEX.md +192 -0
  92. package/docs/README.md +46 -32
  93. package/docs/api/README.md +231 -229
  94. package/docs/api/classes/ErrorBoundary.md +1 -1
  95. package/docs/api/classes/InvalidScopeError.md +73 -0
  96. package/docs/api/classes/MissingUserContextError.md +66 -0
  97. package/docs/api/classes/OrganisationContextRequiredError.md +66 -0
  98. package/docs/api/classes/PermissionDeniedError.md +73 -0
  99. package/docs/api/classes/PublicErrorBoundary.md +132 -0
  100. package/docs/api/classes/RBACAuditManager.md +270 -0
  101. package/docs/api/classes/RBACCache.md +284 -0
  102. package/docs/api/classes/RBACEngine.md +141 -0
  103. package/docs/api/classes/RBACError.md +76 -0
  104. package/docs/api/classes/RBACNotInitializedError.md +66 -0
  105. package/docs/api/classes/SecureSupabaseClient.md +135 -0
  106. package/docs/api/interfaces/AggregateConfig.md +4 -4
  107. package/docs/api/interfaces/ButtonProps.md +2 -2
  108. package/docs/api/interfaces/CardProps.md +2 -2
  109. package/docs/api/interfaces/ColorPalette.md +1 -1
  110. package/docs/api/interfaces/ColorShade.md +1 -1
  111. package/docs/api/interfaces/DataAccessRecord.md +96 -0
  112. package/docs/api/interfaces/DataTableAction.md +98 -7
  113. package/docs/api/interfaces/DataTableColumn.md +131 -12
  114. package/docs/api/interfaces/DataTableProps.md +77 -274
  115. package/docs/api/interfaces/DataTableToolbarButton.md +7 -7
  116. package/docs/api/interfaces/EmptyStateConfig.md +5 -5
  117. package/docs/api/interfaces/EnhancedNavigationMenuProps.md +235 -0
  118. package/docs/api/interfaces/EventContextType.md +7 -7
  119. package/docs/api/interfaces/EventLogoProps.md +152 -0
  120. package/docs/api/interfaces/EventProviderProps.md +2 -2
  121. package/docs/api/interfaces/FileSizeLimits.md +7 -0
  122. package/docs/api/interfaces/FileUploadProps.md +154 -0
  123. package/docs/api/interfaces/FooterProps.md +1 -1
  124. package/docs/api/interfaces/InactivityWarningModalProps.md +115 -0
  125. package/docs/api/interfaces/InputProps.md +2 -2
  126. package/docs/api/interfaces/LabelProps.md +1 -1
  127. package/docs/api/interfaces/LoginFormProps.md +1 -1
  128. package/docs/api/interfaces/NavigationAccessRecord.md +107 -0
  129. package/docs/api/interfaces/NavigationContextType.md +164 -0
  130. package/docs/api/interfaces/NavigationGuardProps.md +139 -0
  131. package/docs/api/interfaces/NavigationItem.md +1 -1
  132. package/docs/api/interfaces/NavigationMenuProps.md +1 -1
  133. package/docs/api/interfaces/NavigationProviderProps.md +117 -0
  134. package/docs/api/interfaces/Organisation.md +1 -1
  135. package/docs/api/interfaces/OrganisationContextType.md +1 -1
  136. package/docs/api/interfaces/OrganisationMembership.md +1 -1
  137. package/docs/api/interfaces/OrganisationProviderProps.md +1 -1
  138. package/docs/api/interfaces/OrganisationSecurityError.md +1 -1
  139. package/docs/api/interfaces/PaceAppLayoutProps.md +26 -26
  140. package/docs/api/interfaces/PaceLoginPageProps.md +1 -1
  141. package/docs/api/interfaces/PageAccessRecord.md +85 -0
  142. package/docs/api/interfaces/PagePermissionContextType.md +140 -0
  143. package/docs/api/interfaces/PagePermissionGuardProps.md +153 -0
  144. package/docs/api/interfaces/PagePermissionProviderProps.md +119 -0
  145. package/docs/api/interfaces/PaletteData.md +1 -1
  146. package/docs/api/interfaces/PermissionEnforcerProps.md +153 -0
  147. package/docs/api/interfaces/PublicErrorBoundaryProps.md +94 -0
  148. package/docs/api/interfaces/PublicErrorBoundaryState.md +68 -0
  149. package/docs/api/interfaces/PublicLoadingSpinnerProps.md +86 -0
  150. package/docs/api/interfaces/PublicPageFooterProps.md +112 -0
  151. package/docs/api/interfaces/PublicPageHeaderProps.md +138 -0
  152. package/docs/api/interfaces/PublicPageLayoutProps.md +138 -0
  153. package/docs/api/interfaces/RBACConfig.md +99 -0
  154. package/docs/api/interfaces/RBACContextType.md +474 -0
  155. package/docs/api/interfaces/RBACLogger.md +112 -0
  156. package/docs/api/interfaces/RBACProviderProps.md +107 -0
  157. package/docs/api/interfaces/RoleBasedRouterContextType.md +151 -0
  158. package/docs/api/interfaces/RoleBasedRouterProps.md +156 -0
  159. package/docs/api/interfaces/RouteAccessRecord.md +107 -0
  160. package/docs/api/interfaces/RouteConfig.md +121 -0
  161. package/docs/api/interfaces/SecureDataContextType.md +168 -0
  162. package/docs/api/interfaces/SecureDataProviderProps.md +132 -0
  163. package/docs/api/interfaces/StorageConfig.md +41 -0
  164. package/docs/api/interfaces/StorageFileInfo.md +74 -0
  165. package/docs/api/interfaces/StorageFileMetadata.md +140 -0
  166. package/docs/api/interfaces/StorageListOptions.md +86 -0
  167. package/docs/api/interfaces/StorageListResult.md +41 -0
  168. package/docs/api/interfaces/StorageUploadOptions.md +88 -0
  169. package/docs/api/interfaces/StorageUploadResult.md +63 -0
  170. package/docs/api/interfaces/StorageUrlOptions.md +47 -0
  171. package/docs/api/interfaces/StyleImport.md +2 -2
  172. package/docs/api/interfaces/ToastActionElement.md +1 -1
  173. package/docs/api/interfaces/ToastProps.md +1 -1
  174. package/docs/api/interfaces/UnifiedAuthContextType.md +465 -64
  175. package/docs/api/interfaces/UnifiedAuthProviderProps.md +95 -9
  176. package/docs/api/interfaces/UseInactivityTrackerOptions.md +136 -0
  177. package/docs/api/interfaces/UseInactivityTrackerReturn.md +123 -0
  178. package/docs/api/interfaces/UsePublicEventLogoOptions.md +87 -0
  179. package/docs/api/interfaces/UsePublicEventLogoReturn.md +81 -0
  180. package/docs/api/interfaces/UsePublicEventOptions.md +34 -0
  181. package/docs/api/interfaces/UsePublicEventReturn.md +68 -0
  182. package/docs/api/interfaces/UsePublicRouteParamsReturn.md +94 -0
  183. package/docs/api/interfaces/UserEventAccess.md +14 -14
  184. package/docs/api/interfaces/UserMenuProps.md +6 -6
  185. package/docs/api/interfaces/UserProfile.md +1 -1
  186. package/docs/api/modules.md +4233 -1134
  187. package/docs/api-reference/components.md +761 -43
  188. package/docs/api-reference/hooks.md +126 -0
  189. package/docs/api-reference/providers.md +141 -65
  190. package/docs/api-reference/types.md +66 -36
  191. package/docs/api-reference/utilities.md +1 -1
  192. package/docs/architecture/README.md +1 -2
  193. package/docs/best-practices/README.md +400 -0
  194. package/docs/consuming-app-example.md +42 -96
  195. package/docs/consuming-app-vite-config.md +233 -0
  196. package/docs/core-concepts/events.md +3 -3
  197. package/docs/core-concepts/organisations.md +0 -1
  198. package/docs/core-concepts/rbac-system.md +23 -10
  199. package/docs/documentation-style-checklist.md +8 -2
  200. package/docs/examples/navigation-menu-auth-fix.md +344 -0
  201. package/docs/getting-started/examples/README.md +15 -1
  202. package/docs/getting-started/examples/basic-auth-app.md +444 -119
  203. package/docs/getting-started/examples/full-featured-app.md +6 -6
  204. package/docs/getting-started/installation.md +231 -52
  205. package/docs/getting-started/quick-start.md +121 -24
  206. package/docs/implementation-guides/app-layout.md +133 -108
  207. package/docs/implementation-guides/data-tables.md +1011 -29
  208. package/docs/implementation-guides/forms.md +3 -3
  209. package/docs/implementation-guides/hierarchical-datatable.md +850 -0
  210. package/docs/implementation-guides/large-datasets.md +2 -2
  211. package/docs/implementation-guides/navigation.md +1 -1
  212. package/docs/implementation-guides/permission-enforcement.md +4 -4
  213. package/docs/implementation-guides/public-pages.md +752 -0
  214. package/docs/migration/README.md +18 -8
  215. package/docs/migration/quick-migration-guide.md +320 -0
  216. package/docs/migration/rbac-migration.md +50 -0
  217. package/docs/migration/v0.4.15-tailwind-scanning.md +272 -0
  218. package/docs/migration/v0.4.16-css-first-approach.md +306 -0
  219. package/docs/migration/v0.4.17-source-path-fix.md +229 -0
  220. package/docs/migration-guide.md +77 -105
  221. package/docs/performance/README.md +1 -4
  222. package/docs/print-components/README.md +258 -0
  223. package/docs/print-components/api-reference.md +636 -0
  224. package/docs/print-components/examples/README.md +204 -0
  225. package/docs/print-components/examples/basic-report.tsx +92 -0
  226. package/docs/print-components/examples/card-catalog.tsx +149 -0
  227. package/docs/print-components/examples/cover-page-report.tsx +163 -0
  228. package/docs/print-components/quick-start.md +363 -0
  229. package/docs/quick-reference.md +53 -36
  230. package/docs/rbac/README.md +136 -69
  231. package/docs/rbac/api-reference.md +39 -8
  232. package/docs/rbac/examples.md +237 -66
  233. package/docs/rbac/getting-started.md +131 -16
  234. package/docs/rbac/quick-start.md +499 -323
  235. package/docs/rbac/troubleshooting.md +240 -262
  236. package/docs/security/README.md +50 -1
  237. package/docs/styles/README.md +226 -111
  238. package/docs/testing/README.md +6 -10
  239. package/docs/troubleshooting/README.md +497 -0
  240. package/docs/troubleshooting/common-issues.md +604 -14
  241. package/docs/troubleshooting/styling-issues.md +219 -0
  242. package/docs/troubleshooting/tailwind-content-scanning.md +213 -0
  243. package/docs/usage.md +54 -91
  244. package/docs/visual-testing.md +0 -7
  245. package/package.json +47 -25
  246. package/src/__mocks__/lucide-react.ts +181 -0
  247. package/src/__tests__/REBUILD_PLAN.md +223 -0
  248. package/src/__tests__/TESTING_GUIDELINES.md +341 -0
  249. package/src/__tests__/fixtures/mocks.ts +93 -0
  250. package/src/__tests__/helpers/component-test-utils.tsx +145 -0
  251. package/src/__tests__/helpers/test-utils.tsx +117 -0
  252. package/src/__tests__/integration/UserProfile.test.tsx +128 -0
  253. package/src/__tests__/setup.ts +71 -0
  254. package/src/__tests__/templates/accessibility.test.template.tsx +279 -0
  255. package/src/__tests__/templates/component.test.template.tsx +144 -0
  256. package/src/__tests__/templates/hook.test.template.ts +173 -0
  257. package/src/__tests__/templates/integration.test.template.tsx +199 -0
  258. package/src/__tests__/types/test.types.ts +106 -0
  259. package/src/components/Alert/Alert.test.tsx +496 -0
  260. package/src/components/Alert/Alert.tsx +134 -0
  261. package/src/components/Alert/index.ts +2 -0
  262. package/src/components/Avatar/Avatar.test.tsx +484 -0
  263. package/src/components/Avatar/Avatar.tsx +84 -0
  264. package/src/components/Avatar/index.ts +2 -0
  265. package/src/components/Button/Button.test.tsx +662 -0
  266. package/src/components/Button/Button.tsx +270 -0
  267. package/src/components/Button/index.ts +2 -0
  268. package/src/components/Card/Card.test.tsx +593 -0
  269. package/src/components/Card/Card.tsx +271 -0
  270. package/src/components/Card/index.ts +1 -0
  271. package/src/components/Checkbox/Checkbox.test.tsx +461 -0
  272. package/src/components/Checkbox/Checkbox.tsx +75 -0
  273. package/src/components/Checkbox/__mocks__/Checkbox.tsx +2 -0
  274. package/src/components/Checkbox/index.ts +2 -0
  275. package/src/components/DataTable/DataTable.tsx +446 -0
  276. package/src/components/DataTable/__tests__/README.md +145 -0
  277. package/src/components/DataTable/__tests__/mocks/MockRBACProvider.tsx +66 -0
  278. package/src/components/DataTable/__tests__/test-utils/dataFactories.ts +103 -0
  279. package/src/components/DataTable/__tests__/test-utils/sharedTestUtils.tsx +381 -0
  280. package/src/components/DataTable/__tests__/test-utils.ts +94 -0
  281. package/src/components/DataTable/components/AccessDeniedPage.tsx +168 -0
  282. package/src/components/DataTable/components/ActionButtons.tsx +194 -0
  283. package/src/components/DataTable/components/BulkOperationsDropdown.tsx +160 -0
  284. package/src/components/DataTable/components/ColumnFilter.tsx +114 -0
  285. package/src/components/DataTable/components/ColumnVisibilityDropdown.tsx +100 -0
  286. package/src/components/DataTable/components/DataTableBody.tsx +461 -0
  287. package/src/components/DataTable/components/DataTableCore.tsx +1027 -0
  288. package/src/components/DataTable/components/DataTableErrorBoundary.tsx +214 -0
  289. package/src/components/DataTable/components/DataTableModals.tsx +87 -0
  290. package/src/components/DataTable/components/DataTableToolbar.tsx +262 -0
  291. package/src/components/DataTable/components/DraggableColumnHeader.tsx +144 -0
  292. package/src/components/DataTable/components/EditableRow.tsx +159 -0
  293. package/src/components/DataTable/components/EmptyState.tsx +64 -0
  294. package/src/components/DataTable/components/ExpandButton.tsx +113 -0
  295. package/src/components/DataTable/components/FilterRow.tsx +100 -0
  296. package/src/components/DataTable/components/GroupHeader.tsx +42 -0
  297. package/src/components/DataTable/components/GroupingDropdown.tsx +96 -0
  298. package/src/components/DataTable/components/ImportModal.tsx +345 -0
  299. package/src/components/DataTable/components/LoadingState.tsx +12 -0
  300. package/src/components/DataTable/components/PaginationControls.tsx +332 -0
  301. package/src/components/DataTable/components/UnifiedTableBody.tsx +742 -0
  302. package/src/components/DataTable/components/ViewRowModal.tsx +68 -0
  303. package/src/components/DataTable/components/VirtualizedDataTable.tsx +513 -0
  304. package/src/components/DataTable/components/index.ts +16 -0
  305. package/src/components/DataTable/context/DataTableContext.tsx +97 -0
  306. package/src/components/DataTable/core/ActionManager.ts +235 -0
  307. package/src/components/DataTable/core/ColumnFactory.ts +268 -0
  308. package/src/components/DataTable/core/ColumnManager.ts +205 -0
  309. package/src/components/DataTable/core/DataManager.ts +188 -0
  310. package/src/components/DataTable/core/DataTableContext.tsx +181 -0
  311. package/src/components/DataTable/core/LocalDataAdapter.ts +264 -0
  312. package/src/components/DataTable/core/PluginRegistry.ts +229 -0
  313. package/src/components/DataTable/core/StateManager.ts +311 -0
  314. package/src/components/DataTable/core/index.ts +8 -0
  315. package/src/components/DataTable/core/interfaces.ts +338 -0
  316. package/src/components/DataTable/examples/HierarchicalActionsExample.tsx +419 -0
  317. package/src/components/DataTable/examples/HierarchicalExample.tsx +475 -0
  318. package/src/components/DataTable/examples/InitialPageSizeExample.tsx +176 -0
  319. package/src/components/DataTable/examples/PerformanceExample.tsx +505 -0
  320. package/src/components/DataTable/hooks/useColumnOrderPersistence.ts +95 -0
  321. package/src/components/DataTable/hooks/useColumnReordering.ts +110 -0
  322. package/src/components/DataTable/hooks/useDataTableState.ts +325 -0
  323. package/src/components/DataTable/hooks/useHierarchicalState.ts +174 -0
  324. package/src/components/DataTable/index.ts +68 -0
  325. package/src/components/DataTable/styles.ts +171 -0
  326. package/src/components/DataTable/types.ts +511 -0
  327. package/src/components/DataTable/utils/debugTools.ts +583 -0
  328. package/src/components/DataTable/utils/errorHandling.ts +494 -0
  329. package/src/components/DataTable/utils/exportUtils.ts +126 -0
  330. package/src/components/DataTable/utils/flexibleImport.ts +510 -0
  331. package/src/components/DataTable/utils/hierarchicalSorting.ts +151 -0
  332. package/src/components/DataTable/utils/hierarchicalUtils.ts +218 -0
  333. package/src/components/DataTable/utils/index.ts +1 -0
  334. package/src/components/DataTable/utils/performanceUtils.ts +351 -0
  335. package/src/components/Dialog/Dialog.test.tsx +1139 -0
  336. package/src/components/Dialog/Dialog.tsx +782 -0
  337. package/src/components/Dialog/README.md +804 -0
  338. package/src/components/Dialog/examples/BasicHtmlTest.tsx +55 -0
  339. package/src/components/Dialog/examples/DebugHtmlExample.tsx +68 -0
  340. package/src/components/Dialog/examples/HtmlDialogExample.tsx +202 -0
  341. package/src/components/Dialog/examples/SimpleHtmlTest.tsx +61 -0
  342. package/src/components/Dialog/examples/SmartDialogExample.tsx +322 -0
  343. package/src/components/Dialog/index.ts +12 -0
  344. package/src/components/Dialog/utils/safeHtml.ts +185 -0
  345. package/src/components/ErrorBoundary/ErrorBoundary.test.tsx +752 -0
  346. package/src/components/ErrorBoundary/ErrorBoundary.tsx +312 -0
  347. package/src/components/ErrorBoundary/index.ts +8 -0
  348. package/src/components/EventSelector/EventSelector.tsx +360 -0
  349. package/src/components/EventSelector/index.ts +3 -0
  350. package/src/components/EventSelector/types.ts +79 -0
  351. package/src/components/FileUpload/FileUpload.example.tsx +218 -0
  352. package/src/components/FileUpload/FileUpload.test.tsx +665 -0
  353. package/src/components/FileUpload/FileUpload.tsx +237 -0
  354. package/src/components/FileUpload/index.ts +6 -0
  355. package/src/components/Footer/Footer.test.tsx +482 -0
  356. package/src/components/Footer/Footer.tsx +197 -0
  357. package/src/components/Footer/index.ts +17 -0
  358. package/src/components/Form/Form.test.tsx +1158 -0
  359. package/src/components/Form/Form.tsx +166 -0
  360. package/src/components/Form/FormErrorSummary.tsx +113 -0
  361. package/src/components/Form/FormField.tsx +249 -0
  362. package/src/components/Form/FormFieldset.tsx +127 -0
  363. package/src/components/Form/FormLiveRegion.tsx +198 -0
  364. package/src/components/Form/index.ts +26 -0
  365. package/src/components/Header/Header.test.tsx +582 -0
  366. package/src/components/Header/Header.tsx +301 -0
  367. package/src/components/Header/index.ts +4 -0
  368. package/src/components/InactivityWarningModal/InactivityWarningModal.test.tsx +489 -0
  369. package/src/components/InactivityWarningModal/InactivityWarningModal.tsx +164 -0
  370. package/src/components/InactivityWarningModal/index.ts +9 -0
  371. package/src/components/Input/Input.test.tsx +466 -0
  372. package/src/components/Input/Input.tsx +201 -0
  373. package/src/components/Input/__mocks__/Input.tsx +2 -0
  374. package/src/components/Input/index.ts +9 -0
  375. package/src/components/Label/Label.tsx +186 -0
  376. package/src/components/Label/index.ts +2 -0
  377. package/src/components/LoadingSpinner/LoadingSpinner.test.tsx +450 -0
  378. package/src/components/LoadingSpinner/LoadingSpinner.tsx +98 -0
  379. package/src/components/LoadingSpinner/index.ts +3 -0
  380. package/src/components/LoginForm/LoginForm.test.tsx +816 -0
  381. package/src/components/LoginForm/LoginForm.tsx +273 -0
  382. package/src/components/LoginForm/index.ts +3 -0
  383. package/src/components/NavigationMenu/NavigationMenu.test.tsx +883 -0
  384. package/src/components/NavigationMenu/NavigationMenu.tsx +698 -0
  385. package/src/components/NavigationMenu/index.ts +10 -0
  386. package/src/components/NavigationMenu/types.ts +85 -0
  387. package/src/components/OrganisationSelector/OrganisationSelector.test.tsx +748 -0
  388. package/src/components/OrganisationSelector/OrganisationSelector.tsx +304 -0
  389. package/src/components/OrganisationSelector/index.ts +9 -0
  390. package/src/components/PaceAppLayout/PaceAppLayout.test.tsx +891 -0
  391. package/src/components/PaceAppLayout/PaceAppLayout.tsx +699 -0
  392. package/src/components/PaceAppLayout/README.md +278 -0
  393. package/src/components/PaceAppLayout/index.ts +1 -0
  394. package/src/components/PaceLoginPage/PaceLoginPage.test.tsx +475 -0
  395. package/src/components/PaceLoginPage/PaceLoginPage.tsx +221 -0
  396. package/src/components/PaceLoginPage/index.ts +1 -0
  397. package/src/components/PasswordReset/PasswordChangeForm.test.tsx +621 -0
  398. package/src/components/PasswordReset/PasswordChangeForm.tsx +186 -0
  399. package/src/components/PasswordReset/PasswordResetForm.test.tsx +605 -0
  400. package/src/components/PasswordReset/PasswordResetForm.tsx +201 -0
  401. package/src/components/PasswordReset/index.ts +4 -0
  402. package/src/components/PrintButton/PrintButton.tsx +321 -0
  403. package/src/components/PrintButton/PrintButtonGroup.tsx +84 -0
  404. package/src/components/PrintButton/PrintToolbar.tsx +94 -0
  405. package/src/components/PrintButton/examples/PrintButtonShowcase.tsx +438 -0
  406. package/src/components/PrintButton/index.ts +33 -0
  407. package/src/components/PrintButton/types.ts +173 -0
  408. package/src/components/PrintCard/PrintCard.tsx +154 -0
  409. package/src/components/PrintCard/PrintCardContent.tsx +57 -0
  410. package/src/components/PrintCard/PrintCardFooter.tsx +60 -0
  411. package/src/components/PrintCard/PrintCardGrid.tsx +91 -0
  412. package/src/components/PrintCard/PrintCardHeader.tsx +78 -0
  413. package/src/components/PrintCard/PrintCardImage.tsx +81 -0
  414. package/src/components/PrintCard/examples/PrintCardShowcase.tsx +239 -0
  415. package/src/components/PrintCard/index.ts +34 -0
  416. package/src/components/PrintCard/types.ts +171 -0
  417. package/src/components/PrintDataTable/PrintDataTable.tsx +215 -0
  418. package/src/components/PrintDataTable/PrintTableGroup.tsx +90 -0
  419. package/src/components/PrintDataTable/PrintTableRow.tsx +76 -0
  420. package/src/components/PrintDataTable/index.ts +25 -0
  421. package/src/components/PrintDataTable/types.ts +67 -0
  422. package/src/components/PrintFooter/PrintFooter.tsx +183 -0
  423. package/src/components/PrintFooter/PrintFooterContent.tsx +71 -0
  424. package/src/components/PrintFooter/PrintFooterInfo.tsx +86 -0
  425. package/src/components/PrintFooter/PrintPageNumber.tsx +90 -0
  426. package/src/components/PrintFooter/examples/PrintFooterShowcase.tsx +390 -0
  427. package/src/components/PrintFooter/index.ts +30 -0
  428. package/src/components/PrintFooter/types.ts +149 -0
  429. package/src/components/PrintGrid/PrintGrid.tsx +180 -0
  430. package/src/components/PrintGrid/PrintGridBreakpoint.tsx +109 -0
  431. package/src/components/PrintGrid/PrintGridContainer.tsx +128 -0
  432. package/src/components/PrintGrid/PrintGridItem.tsx +220 -0
  433. package/src/components/PrintGrid/examples/PrintGridShowcase.tsx +359 -0
  434. package/src/components/PrintGrid/index.ts +31 -0
  435. package/src/components/PrintGrid/types.ts +159 -0
  436. package/src/components/PrintHeader/PrintCoverHeader.tsx +230 -0
  437. package/src/components/PrintHeader/PrintHeader.tsx +150 -0
  438. package/src/components/PrintHeader/index.ts +17 -0
  439. package/src/components/PrintHeader/types.ts +42 -0
  440. package/src/components/PrintLayout/PrintLayout.tsx +122 -0
  441. package/src/components/PrintLayout/PrintLayoutContext.tsx +66 -0
  442. package/src/components/PrintLayout/PrintPageBreak.tsx +52 -0
  443. package/src/components/PrintLayout/examples/PrintShowcase.tsx +230 -0
  444. package/src/components/PrintLayout/index.ts +19 -0
  445. package/src/components/PrintLayout/types.ts +37 -0
  446. package/src/components/PrintPageBreak/PrintPageBreak.tsx +120 -0
  447. package/src/components/PrintPageBreak/PrintPageBreakGroup.tsx +90 -0
  448. package/src/components/PrintPageBreak/PrintPageBreakIndicator.tsx +112 -0
  449. package/src/components/PrintPageBreak/examples/PrintPageBreakShowcase.tsx +279 -0
  450. package/src/components/PrintPageBreak/index.ts +23 -0
  451. package/src/components/PrintPageBreak/types.ts +94 -0
  452. package/src/components/PrintSection/PrintColumn.tsx +104 -0
  453. package/src/components/PrintSection/PrintDivider.tsx +101 -0
  454. package/src/components/PrintSection/PrintSection.tsx +129 -0
  455. package/src/components/PrintSection/PrintSectionContent.tsx +75 -0
  456. package/src/components/PrintSection/PrintSectionHeader.tsx +97 -0
  457. package/src/components/PrintSection/examples/PrintSectionShowcase.tsx +258 -0
  458. package/src/components/PrintSection/index.ts +33 -0
  459. package/src/components/PrintSection/types.ts +155 -0
  460. package/src/components/PrintText/PrintText.tsx +116 -0
  461. package/src/components/PrintText/index.ts +16 -0
  462. package/src/components/PrintText/types.ts +24 -0
  463. package/src/components/Progress/Progress.tsx +116 -0
  464. package/src/components/Progress/index.ts +3 -0
  465. package/src/components/PublicLayout/EventLogo.tsx +287 -0
  466. package/src/components/PublicLayout/PublicErrorBoundary.tsx +279 -0
  467. package/src/components/PublicLayout/PublicLoadingSpinner.tsx +208 -0
  468. package/src/components/PublicLayout/PublicPageContextChecker.tsx +130 -0
  469. package/src/components/PublicLayout/PublicPageDebugger.tsx +104 -0
  470. package/src/components/PublicLayout/PublicPageDiagnostic.tsx +162 -0
  471. package/src/components/PublicLayout/PublicPageFooter.tsx +124 -0
  472. package/src/components/PublicLayout/PublicPageHeader.tsx +178 -0
  473. package/src/components/PublicLayout/PublicPageLayout.tsx +232 -0
  474. package/src/components/PublicLayout/PublicPageProvider.tsx +137 -0
  475. package/src/components/PublicLayout/index.ts +51 -0
  476. package/src/components/Select/Select.test.tsx +948 -0
  477. package/src/components/Select/Select.tsx +660 -0
  478. package/src/components/Select/index.ts +1 -0
  479. package/src/components/SuperAdminGuard.tsx +116 -0
  480. package/src/components/Table/Table.tsx +222 -0
  481. package/src/components/Table/index.ts +11 -0
  482. package/src/components/Toast/Toast.test.tsx +586 -0
  483. package/src/components/Toast/Toast.tsx +339 -0
  484. package/src/components/Toast/index.ts +14 -0
  485. package/src/components/Tooltip/Tooltip.test.tsx +852 -0
  486. package/src/components/Tooltip/Tooltip.tsx +167 -0
  487. package/src/components/Tooltip/index.ts +7 -0
  488. package/src/components/UserMenu/UserMenu.test.tsx +702 -0
  489. package/src/components/UserMenu/UserMenu.tsx +243 -0
  490. package/src/components/UserMenu/index.ts +3 -0
  491. package/src/components/examples/PermissionExample.tsx +150 -0
  492. package/src/components/index.ts +434 -0
  493. package/src/components.ts +19 -0
  494. package/src/constants/performance.ts +14 -0
  495. package/src/examples/CorrectPublicPageImplementation.tsx +301 -0
  496. package/src/examples/PublicEventPage.tsx +274 -0
  497. package/src/examples/PublicPageApp.tsx +308 -0
  498. package/src/examples/PublicPageUsageExample.tsx +216 -0
  499. package/src/hooks/index.ts +56 -0
  500. package/src/hooks/public/index.ts +34 -0
  501. package/src/hooks/public/usePublicEvent.ts +261 -0
  502. package/src/hooks/public/usePublicEventLogo.ts +285 -0
  503. package/src/hooks/public/usePublicRouteParams.ts +259 -0
  504. package/src/hooks/useAppConfig.ts +94 -0
  505. package/src/hooks/useComponentPerformance.ts +39 -0
  506. package/src/hooks/useCounter.test.ts +135 -0
  507. package/src/hooks/useDataTablePerformance.ts +387 -0
  508. package/src/hooks/useDataTableState.ts +110 -0
  509. package/src/hooks/useDebounce.test.ts +375 -0
  510. package/src/hooks/useDebounce.ts +18 -0
  511. package/src/hooks/useFocusManagement.ts +161 -0
  512. package/src/hooks/useFocusTrap.ts +155 -0
  513. package/src/hooks/useInactivityTracker.ts +372 -0
  514. package/src/hooks/useIsMobile.ts +42 -0
  515. package/src/hooks/useKeyboardShortcuts.ts +237 -0
  516. package/src/hooks/useOrganisationPermissions.test.ts +528 -0
  517. package/src/hooks/useOrganisationPermissions.ts +208 -0
  518. package/src/hooks/useOrganisationSecurity.test.ts +734 -0
  519. package/src/hooks/useOrganisationSecurity.ts +262 -0
  520. package/src/hooks/usePerformanceMonitor.ts +128 -0
  521. package/src/hooks/usePermissionCache.test.ts +542 -0
  522. package/src/hooks/usePermissionCache.ts +455 -0
  523. package/src/hooks/useSecureDataAccess.ts +586 -0
  524. package/src/hooks/useStorage.ts +274 -0
  525. package/src/hooks/useToast.ts +242 -0
  526. package/src/hooks/useZodForm.ts +28 -0
  527. package/src/index.ts +199 -0
  528. package/src/providers/AuthProvider.tsx +369 -0
  529. package/src/providers/EventProvider.tsx +324 -0
  530. package/src/providers/InactivityProvider.tsx +238 -0
  531. package/src/providers/OrganisationProvider.tsx +588 -0
  532. package/src/providers/UnifiedAuthProvider.tsx +327 -0
  533. package/src/providers/index.ts +17 -0
  534. package/src/rbac/README.md +885 -0
  535. package/src/rbac/__tests__/integration.test.tsx +218 -0
  536. package/src/rbac/adapters.tsx +726 -0
  537. package/src/rbac/api.test.ts +441 -0
  538. package/src/rbac/api.ts +339 -0
  539. package/src/rbac/audit-enhanced.ts +339 -0
  540. package/src/rbac/audit.ts +338 -0
  541. package/src/rbac/cache.ts +215 -0
  542. package/src/rbac/components/EnhancedNavigationMenu.tsx +294 -0
  543. package/src/rbac/components/NavigationGuard.tsx +294 -0
  544. package/src/rbac/components/NavigationProvider.tsx +314 -0
  545. package/src/rbac/components/PagePermissionGuard.tsx +430 -0
  546. package/src/rbac/components/PagePermissionProvider.tsx +274 -0
  547. package/src/rbac/components/PermissionEnforcer.tsx +307 -0
  548. package/src/rbac/components/RoleBasedRouter.tsx +425 -0
  549. package/src/rbac/components/SecureDataProvider.tsx +319 -0
  550. package/src/rbac/components/index.ts +64 -0
  551. package/src/rbac/config.ts +133 -0
  552. package/src/rbac/docs/event-based-apps.md +285 -0
  553. package/src/rbac/engine.ts +1026 -0
  554. package/src/rbac/eslint-rules.js +285 -0
  555. package/src/rbac/examples/CompleteRBACExample.tsx +323 -0
  556. package/src/rbac/examples/EventBasedApp.tsx +238 -0
  557. package/src/rbac/hooks/index.ts +21 -0
  558. package/src/rbac/hooks/useCan.test.ts +461 -0
  559. package/src/rbac/hooks/usePermissions.test.ts +359 -0
  560. package/src/rbac/hooks/usePermissions.ts +567 -0
  561. package/src/rbac/hooks/useRBAC.simple.test.ts +90 -0
  562. package/src/rbac/hooks/useRBAC.test.ts +503 -0
  563. package/src/rbac/hooks/useRBAC.ts +262 -0
  564. package/src/rbac/index.ts +109 -0
  565. package/src/rbac/permissions.ts +293 -0
  566. package/src/rbac/providers/RBACProvider.tsx +634 -0
  567. package/src/rbac/providers/__tests__/RBACProvider.test.tsx +687 -0
  568. package/src/rbac/providers/index.ts +11 -0
  569. package/src/rbac/secureClient.ts +244 -0
  570. package/src/rbac/security.ts +346 -0
  571. package/src/rbac/testing/index.tsx +340 -0
  572. package/src/rbac/types.ts +343 -0
  573. package/src/rbac/utils/eventContext.ts +83 -0
  574. package/src/styles/core.css +364 -0
  575. package/src/styles/index.ts +51 -0
  576. package/src/theming/runtime.ts +187 -0
  577. package/src/types/database.ts +472 -0
  578. package/src/types/guards.ts +30 -0
  579. package/src/types/index.ts +25 -0
  580. package/src/types/organisation.ts +184 -0
  581. package/src/types/security.ts +70 -0
  582. package/src/types/supabase.ts +166 -0
  583. package/src/types/theme.ts +6 -0
  584. package/src/types/unified.ts +262 -0
  585. package/src/types/validation.ts +164 -0
  586. package/src/types/vitest-globals.d.ts +43 -0
  587. package/src/utils/__mocks__/supabaseMock.ts +75 -0
  588. package/src/utils/__mocks__/supabaseMock.tsx +198 -0
  589. package/src/utils/appConfig.ts +47 -0
  590. package/src/utils/appIdResolver.ts +130 -0
  591. package/src/utils/appNameResolver.ts +190 -0
  592. package/src/utils/audit.ts +127 -0
  593. package/src/utils/auth-utils.ts +96 -0
  594. package/src/utils/bundleAnalysis.ts +129 -0
  595. package/src/utils/cn.ts +7 -0
  596. package/src/utils/debugLogger.ts +46 -0
  597. package/src/utils/deviceFingerprint.ts +215 -0
  598. package/src/utils/dynamicUtils.ts +105 -0
  599. package/src/utils/formatDate.test.ts +241 -0
  600. package/src/utils/formatting.ts +77 -0
  601. package/src/utils/index.ts +145 -0
  602. package/src/utils/lazyLoad.tsx +44 -0
  603. package/src/utils/organisationContext.ts +135 -0
  604. package/src/utils/performanceBenchmark.ts +64 -0
  605. package/src/utils/performanceBudgets.ts +111 -0
  606. package/src/utils/permissionTypes.ts +37 -0
  607. package/src/utils/permissionUtils.ts +31 -0
  608. package/src/utils/print/PrintDataProcessor.ts +390 -0
  609. package/src/utils/print/examples/PrintUtilitiesShowcase.tsx +397 -0
  610. package/src/utils/print/index.ts +29 -0
  611. package/src/utils/print/types.ts +196 -0
  612. package/src/utils/print/usePrintOptimization.ts +272 -0
  613. package/src/utils/sanitization.ts +264 -0
  614. package/src/utils/schemaUtils.ts +37 -0
  615. package/src/utils/secureDataAccess.ts +361 -0
  616. package/src/utils/secureErrors.ts +79 -0
  617. package/src/utils/secureStorage.ts +244 -0
  618. package/src/utils/security.ts +156 -0
  619. package/src/utils/securityMonitor.ts +45 -0
  620. package/src/utils/sessionTracking.ts +170 -0
  621. package/src/utils/storage/README.md +348 -0
  622. package/src/utils/storage/config.ts +100 -0
  623. package/src/utils/storage/helpers.ts +359 -0
  624. package/src/utils/storage/index.ts +36 -0
  625. package/src/utils/storage/types.ts +90 -0
  626. package/src/utils/validation.ts +111 -0
  627. package/src/utils/validationUtils.ts +120 -0
  628. package/src/validation/common.ts +53 -0
  629. package/src/validation/csrf.ts +214 -0
  630. package/src/validation/index.ts +43 -0
  631. package/src/validation/passwordSchema.ts +125 -0
  632. package/src/validation/sanitization.ts +96 -0
  633. package/src/validation/schemaUtils.ts +42 -0
  634. package/src/validation/sqlInjectionProtection.ts +242 -0
  635. package/src/validation/user.ts +34 -0
  636. package/dist/chunk-4MCJAK7J.js.map +0 -1
  637. package/dist/chunk-4ZTIEYU2.js.map +0 -1
  638. package/dist/chunk-H4PZ4B3Y.js.map +0 -1
  639. package/dist/chunk-IOX76PSM.js.map +0 -1
  640. package/dist/chunk-JUUNUW3O.js.map +0 -1
  641. package/dist/chunk-KK6WIDK6.js +0 -63
  642. package/dist/chunk-KK6WIDK6.js.map +0 -1
  643. package/dist/chunk-U7DY5T33.js +0 -11
  644. package/dist/chunk-U7DY5T33.js.map +0 -1
  645. package/dist/chunk-WHLSWC6W.js.map +0 -1
  646. package/dist/chunk-XI7QFSSC.js +0 -790
  647. package/dist/chunk-XI7QFSSC.js.map +0 -1
  648. package/dist/chunk-XIJMMBDD.js +0 -73
  649. package/dist/chunk-XIJMMBDD.js.map +0 -1
  650. package/dist/chunk-YNU5QJ4S.js.map +0 -1
  651. package/dist/chunk-YWYCNGWH.js +0 -2070
  652. package/dist/chunk-YWYCNGWH.js.map +0 -1
  653. package/dist/chunk-ZJ3UKPIW.js +0 -952
  654. package/dist/chunk-ZJ3UKPIW.js.map +0 -1
  655. package/dist/useAppConfig-CZNJJsT_.d.ts +0 -148
  656. package/dist/{DataTable-2LB6HI6V.js.map → DataTable-ZQDRE46Q.js.map} +0 -0
  657. package/dist/{api-AIJ3IJX3.js.map → api-H5A3H4IR.js.map} +0 -0
  658. package/dist/{audit-PD5L5ZSC.js.map → appNameResolver-7GHF5ED2.js.map} +0 -0
  659. package/dist/{chunk-DC5AMYBS.js.map → audit-BUW3LMJB.js.map} +0 -0
  660. package/dist/{validation-D2-NNCCE.d.ts → validation-PM_iOaTI.d.ts} +6 -6
package/docs/rbac/README.md CHANGED
@@ -1,48 +1,91 @@
1
1
  # RBAC System
2
2
 
3
- > **📚 New to RBAC?** Start with the [Quick Start Guide](./quick-start.md) to get up and running in 5 minutes.
3
+ > **📚 New to RBAC?** Start with the [Quick Start Guide](./quick-start.md) to get up and running in 10 minutes.
4
4
 
5
5
  The PACE Core RBAC (Role-Based Access Control) system provides comprehensive permission management with organisation context enforcement, caching, and audit logging.
6
6
 
7
+ ## 🚨 Critical Rules (Follow These or It Won't Work)
8
+
9
+ 1. **Never make direct database queries** to `rbac_apps`, `rbac_global_roles`, or other RBAC tables
10
+ 2. **Always use `PagePermissionGuard`** for page-level permissions (not manual permission checks)
11
+ 3. **Always set up providers correctly** in the exact order shown
12
+ 4. **Use the exact app name** from your environment variable (must match database exactly)
13
+
7
14
  ## 🚀 Quick Start
8
15
 
9
16
  ```tsx
10
- import { useCan, PermissionGuard } from '@jmruthers/pace-core/rbac';
17
+ import { PagePermissionGuard } from '@jmruthers/pace-core/rbac';
11
18
 
12
19
  function MyComponent() {
13
- const { hasPermission, isLoading } = useCan();
14
-
15
- if (isLoading) return <div>Loading...</div>;
16
-
17
20
  return (
18
- <PermissionGuard
19
- userId="user-123"
20
- scope={{ organisationId: "org-456" }}
21
- permission="read:users"
21
+ <PagePermissionGuard
22
+ pageName="users"
23
+ operation="read"
24
+ fallback={<div>Access Denied</div>}
22
25
  >
23
26
  <UserList />
24
- </PermissionGuard>
27
+ </PagePermissionGuard>
25
28
  );
26
29
  }
27
30
  ```
28
31
 
29
32
  ## 📖 Core Concepts
30
33
 
31
- - **[Quick Start](./quick-start.md)** - Get up and running in 5 minutes
34
+ - **[Quick Start](./quick-start.md)** - Get up and running in 10 minutes (foolproof guide)
32
35
  - **[API Reference](./api-reference.md)** - Complete API documentation
36
+ - **[Troubleshooting](./troubleshooting.md)** - Common issues and solutions
33
37
  - **[Examples](./examples.md)** - Practical usage examples
34
38
  - **[Advanced Patterns](./advanced-patterns.md)** - Complex scenarios and optimizations
35
- - **[Super Admin Guide](./super-admin-guide.md)** - Super admin access implementation
36
- - **[Troubleshooting](./troubleshooting.md)** - Common issues and solutions
39
+
40
+ ## 🏗️ Architecture & Security Model
41
+
42
+ ### **Database-First Design**
43
+
44
+ The RBAC system uses a **database-first architecture** where all permission logic resides in PostgreSQL functions:
45
+
46
+ - ✅ **Primary API**: `get_rbac_permissions()` RPC function (runs with elevated privileges)
47
+ - ✅ **Security**: RLS policies protect direct table access
48
+ - ✅ **Performance**: Single RPC call vs multiple client queries
49
+ - ✅ **Consistency**: All permission logic centralized in database
50
+
51
+ **Why This Design?**
52
+
53
+ 1. **Security**: Client-side queries are protected by RLS policies. The RPC function is the **intended API** for permission checks.
54
+ 2. **Performance**: One RPC call fetches all permissions instead of multiple client queries
55
+ 3. **Correctness**: Database function contains the authoritative permission logic
56
+ 4. **Maintainability**: Permission logic in one place, not scattered across client code
57
+
58
+ **Important**: The RBAC engine uses `get_rbac_permissions()` RPC for page-level permissions because:
59
+ - Client queries to `rbac_page_permissions` are **intentionally blocked by RLS**
60
+ - The RPC function validates access and returns only permissions for the user's roles
61
+ - This is **not bypassing security** - it's using the **correct security API**
37
62
 
38
63
  ## 🎯 Key Features
39
64
 
40
- - **🔐 Secure by Default** - Organisation context enforced, RLS integrated
41
- - **⚡ High Performance** - Intelligent caching with 60s TTL
65
+ - **🔐 Secure by Default** - Organisation context enforced, RLS integrated, database-first API
66
+ - **⚡ High Performance** - Intelligent caching with 60s TTL, optimized RPC calls
42
67
  - **🎨 React Integration** - Hooks and components for easy UI integration
43
68
  - **🔄 Real-time Updates** - Automatic cache invalidation on permission changes
44
69
  - **📊 Audit Logging** - Complete audit trail for all permission checks
45
70
  - **🛡️ Type Safe** - Full TypeScript support with strict typing
71
+ - **🏢 Flexible App Context** - Support for both organisation-based and event-based apps
72
+ - **🔄 Automatic Context Resolution** - Event-based apps automatically resolve organisation context
73
+
74
+ ## 🔧 Recent Updates
75
+
76
+ ### Super Admin Bypass in Event Context (v2.0.0)
77
+ Fixed an issue where super admins were unable to bypass permission checks in event-based apps. Super admins now have full access regardless of context type (organisation-based or event-based apps).
78
+
79
+ ```tsx
80
+ // ✅ Super admin bypass now works in event context
81
+ <PagePermissionGuard
82
+ pageName="admin-panel"
83
+ operation="read"
84
+ scope={{ eventId: 'event-456' }} // Only event context needed
85
+ >
86
+ <AdminPanel />
87
+ </PagePermissionGuard>
88
+ ```
46
89
 
47
90
  ## 🏗️ Architecture
48
91
 
@@ -72,27 +115,58 @@ graph TD
72
115
  - `isPermitted` - Server-side permission checking
73
116
  - `getAccessLevel` - Get user's access level
74
117
  - `getPermissionMap` - Get all permissions for a scope
118
+ - `getAppConfig` - Get app configuration including context requirements
75
119
 
76
120
  ### Advanced Features
77
121
  - `SecureSupabaseClient` - Secure database access with context enforcement
78
122
  - `RBACCache` - Intelligent caching system
79
123
  - `AuditManager` - Complete audit logging
80
124
 
125
+ ## 🏢 App Context Requirements
126
+
127
+ The RBAC system supports two types of applications:
128
+
129
+ ### Organisation-Based Apps (Default)
130
+ - **Context**: Requires `organisationId` in scope
131
+ - **Use case**: User management, organisation settings, general dashboards
132
+ - **Database**: `rbac_apps.requires_event = false`
133
+
134
+ ### Event-Based Apps
135
+ - **Context**: Requires `eventId` in scope, automatically resolves `organisationId` from event
136
+ - **Use case**: Event registration, event management, event-specific reporting
137
+ - **Database**: `rbac_apps.requires_event = true`
138
+
139
+ ```typescript
140
+ // Check app configuration
141
+ import { getAppConfig } from '@jmruthers/pace-core/rbac';
142
+
143
+ const appConfig = await getAppConfig('app-123');
144
+ if (appConfig?.requires_event) {
145
+ // Event-based app - require eventId
146
+ const scope = { eventId: 'event-123', appId: 'app-123' };
147
+ } else {
148
+ // Organisation-based app - require organisationId
149
+ const scope = { organisationId: 'org-123', appId: 'app-123' };
150
+ }
151
+ ```
152
+
81
153
  ## 🔧 Basic Usage
82
154
 
83
155
  ### 1. Setup
84
156
 
85
157
  ```tsx
86
158
  import { UnifiedAuthProvider, OrganisationProvider } from '@jmruthers/pace-core';
87
- import { RBACProvider } from '@jmruthers/pace-core/rbac';
159
+ import { setRBACAppName } from '@jmruthers/pace-core/utils';
160
+
161
+ // CRITICAL: Set app name globally for RBAC resolution
162
+ const APP_NAME = import.meta.env.VITE_APP_NAME;
163
+ setRBACAppName(APP_NAME);
88
164
 
89
165
  function App() {
90
166
  return (
91
- <UnifiedAuthProvider supabaseClient={supabase} appName="my-app">
167
+ <UnifiedAuthProvider supabaseClient={supabase}>
92
168
  <OrganisationProvider>
93
- <RBACProvider>
94
- <YourApp />
95
- </RBACProvider>
169
+ <YourApp />
96
170
  </OrganisationProvider>
97
171
  </UnifiedAuthProvider>
98
172
  );
@@ -102,38 +176,26 @@ function App() {
102
176
  ### 2. Check Permissions
103
177
 
104
178
  ```tsx
105
- import { useCan } from '@jmruthers/pace-core/rbac';
106
-
107
- function UserActions({ userId }) {
108
- const { hasPermission, isLoading } = useCan();
109
-
110
- const [canEdit, setCanEdit] = useState(false);
111
- const [canDelete, setCanDelete] = useState(false);
112
-
113
- useEffect(() => {
114
- const checkPermissions = async () => {
115
- const editPerm = await hasPermission('update:users', {
116
- userId,
117
- scope: { organisationId: 'org-456' }
118
- });
119
- const deletePerm = await hasPermission('delete:users', {
120
- userId,
121
- scope: { organisationId: 'org-456' }
122
- });
123
-
124
- setCanEdit(editPerm);
125
- setCanDelete(deletePerm);
126
- };
127
-
128
- if (!isLoading) {
129
- checkPermissions();
130
- }
131
- }, [hasPermission, isLoading, userId]);
132
-
179
+ import { PagePermissionGuard } from '@jmruthers/pace-core/rbac';
180
+
181
+ function UserActions() {
133
182
  return (
134
183
  <div>
135
- {canEdit && <EditButton />}
136
- {canDelete && <DeleteButton />}
184
+ <PagePermissionGuard
185
+ pageName="users"
186
+ operation="update"
187
+ fallback={null}
188
+ >
189
+ <EditButton />
190
+ </PagePermissionGuard>
191
+
192
+ <PagePermissionGuard
193
+ pageName="users"
194
+ operation="delete"
195
+ fallback={null}
196
+ >
197
+ <DeleteButton />
198
+ </PagePermissionGuard>
137
199
  </div>
138
200
  );
139
201
  }
@@ -142,39 +204,44 @@ function UserActions({ userId }) {
142
204
  ### 3. Protect Components
143
205
 
144
206
  ```tsx
145
- import { PermissionGuard } from '@jmruthers/pace-core/rbac';
207
+ import { PagePermissionGuard } from '@jmruthers/pace-core/rbac';
146
208
 
147
209
  function AdminPanel() {
148
210
  return (
149
- <PermissionGuard
150
- userId="user-123"
151
- scope={{ organisationId: "org-456" }}
152
- permission="manage:users"
211
+ <PagePermissionGuard
212
+ pageName="admin"
213
+ operation="read"
153
214
  fallback={<div>Access denied</div>}
154
215
  >
155
216
  <UserManagement />
156
- </PermissionGuard>
217
+ </PagePermissionGuard>
157
218
  );
158
219
  }
159
220
  ```
160
221
 
161
222
  ## 🎨 Permission Format
162
223
 
163
- Permissions follow the format: `{operation}:{resource}[.{context}]`
224
+ The RBAC system uses **page-level permissions** with the format: `{operation}:page.{pageName}`
164
225
 
165
226
  ### Operations
166
- - `read` - View resources
167
- - `create` - Create new resources
168
- - `update` - Modify existing resources
169
- - `delete` - Remove resources
170
- - `manage` - Full resource management
171
-
172
- ### Examples
173
- - `read:users` - View user information
227
+ - `read` - View page content
228
+ - `create` - Create new content on page
229
+ - `update` - Modify existing content on page
230
+ - `delete` - Remove content from page
231
+ - `manage` - Full page management
232
+
233
+ ### Page-Level Examples
234
+ - `read:page.dashboard` - View dashboard page
235
+ - `create:page.users` - Create users on users page
236
+ - `update:page.settings` - Modify settings page
237
+ - `delete:page.admin` - Remove content from admin page
238
+ - `manage:page.system` - Full system page management
239
+
240
+ ### Event-App Permissions
241
+ - `read:events` - View event information
174
242
  - `create:events` - Create new events
175
- - `update:organisations` - Modify organisation settings
176
- - `delete:data` - Remove data
177
- - `manage:system` - Full system administration
243
+ - `update:events` - Modify existing events
244
+ - `delete:events` - Remove events
178
245
 
179
246
  ## 🔒 Security Features
180
247
 
package/docs/rbac/api-reference.md CHANGED
@@ -6,7 +6,7 @@ Complete API documentation for the PACE Core RBAC system.
6
6
 
7
7
  ### useCan
8
8
 
9
- Check individual permissions with caching and loading states.
9
+ Check individual permissions with caching and loading states. **Note**: For page-level permissions, prefer `PagePermissionGuard` component.
10
10
 
11
11
  ```typescript
12
12
  interface UseCanReturn {
@@ -24,18 +24,18 @@ import { useCan } from '@jmruthers/pace-core/rbac';
24
24
  import { useUnifiedAuth } from '@jmruthers/pace-core/providers';
25
25
 
26
26
  function UserActions() {
27
- const { user, selectedOrganisationId } = useUnifiedAuth();
27
+ const { user, selectedOrganisationId, selectedEventId } = useUnifiedAuth();
28
28
 
29
- // Explicit scope required for useCan
29
+ // For non-page permissions (e.g., event-app permissions)
30
30
  const { can, isLoading, error } = useCan(
31
31
  user?.id || '',
32
32
  {
33
33
  organisationId: selectedOrganisationId || '',
34
- eventId: undefined,
35
- appId: undefined
34
+ eventId: selectedEventId || undefined,
35
+ appId: undefined // Will be resolved automatically
36
36
  },
37
- 'update:users',
38
- 'page-123' // optional pageId
37
+ 'read:events', // Event-app permission
38
+ undefined // No pageId for event-app permissions
39
39
  );
40
40
 
41
41
  if (error) return <div>Error: {error.message}</div>;
@@ -43,7 +43,7 @@ function UserActions() {
43
43
 
44
44
  return (
45
45
  <div>
46
- {can && <EditButton />}
46
+ {can && <EventActions />}
47
47
  </div>
48
48
  );
49
49
  }
@@ -663,6 +663,37 @@ console.log('User permissions:', permissions);
663
663
  // { 'users': ['read', 'create'], 'events': ['read'] }
664
664
  ```
665
665
 
666
+ ### getAppConfig
667
+
668
+ Get app configuration including context requirements.
669
+
670
+ ```typescript
671
+ function getAppConfig(appId: UUID): Promise<{ requires_event: boolean } | null>;
672
+ ```
673
+
674
+ #### Usage
675
+
676
+ ```tsx
677
+ import { getAppConfig } from '@jmruthers/pace-core/rbac';
678
+
679
+ // Check app configuration
680
+ const appConfig = await getAppConfig('app-123');
681
+
682
+ if (appConfig?.requires_event) {
683
+ console.log('This is an event-based app');
684
+ // Require eventId in scope
685
+ } else {
686
+ console.log('This is an organisation-based app');
687
+ // Require organisationId in scope
688
+ }
689
+ ```
690
+
691
+ #### Return Values
692
+
693
+ - `{ requires_event: true }` - Event-based app requiring event context
694
+ - `{ requires_event: false }` - Organisation-based app requiring organisation context
695
+ - `null` - App not found or inactive
696
+
666
697
  ## Secure Client
667
698
 
668
699
  ### SecureSupabaseClient