npm - @jmruthers/pace-core - Versions diffs - 0.5.1 → 0.5.3 - Mend

@jmruthers/pace-core 0.5.1 → 0.5.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (206) hide show

package/dist/{DataTable-GX3XERFJ.js → DataTable-ZQDRE46Q.js} +7 -6
package/dist/{PublicLoadingSpinner-DztrzuJr.d.ts → PublicLoadingSpinner-Bq_-BeK-.d.ts} +1 -1
package/dist/RBACProvider-BO4ilsQB.d.ts +63 -0
package/dist/{UnifiedAuthProvider-w66zSCUf.d.ts → UnifiedAuthProvider-DGQsy-vY.d.ts} +2 -59
package/dist/{api-ETQ6YJ3C.js → api-H5A3H4IR.js} +2 -2
package/dist/{chunk-T3XIA4AJ.js → chunk-5H3C2SWM.js} +14 -16
package/dist/chunk-5H3C2SWM.js.map +1 -0
package/dist/chunk-5SIXIV7R.js +1925 -0
package/dist/chunk-5SIXIV7R.js.map +1 -0
package/dist/chunk-GNTALZV3.js +17 -0
package/dist/chunk-GNTALZV3.js.map +1 -0
package/dist/{chunk-C5G2A4PO.js → chunk-GWSBHC4J.js} +6 -6
package/dist/{chunk-XJK2J4N6.js → chunk-HD7PYDUV.js} +4 -6
package/dist/{chunk-XJK2J4N6.js.map → chunk-HD7PYDUV.js.map} +1 -1
package/dist/{chunk-TGDCLPP2.js → chunk-HXX35Q2M.js} +6 -21
package/dist/chunk-HXX35Q2M.js.map +1 -0
package/dist/{chunk-5EL3KHOQ.js → chunk-K6B7BLSE.js} +2 -2
package/dist/{chunk-GSNM5D6H.js → chunk-M4RW7PIP.js} +4 -4
package/dist/{chunk-U6JDHVC2.js → chunk-PVMYVQSM.js} +6 -8
package/dist/{chunk-U6JDHVC2.js.map → chunk-PVMYVQSM.js.map} +1 -1
package/dist/{chunk-6CR3MRZN.js → chunk-QKHFMQ5R.js} +372 -11
package/dist/{chunk-6CR3MRZN.js.map → chunk-QKHFMQ5R.js.map} +1 -1
package/dist/chunk-QVYBYGT2.js +428 -0
package/dist/chunk-QVYBYGT2.js.map +1 -0
package/dist/{chunk-OEGRKULD.js → chunk-WJARTBCT.js} +56 -1
package/dist/chunk-WJARTBCT.js.map +1 -0
package/dist/components.d.ts +4 -3
package/dist/components.js +16 -162
package/dist/components.js.map +1 -1
package/dist/hooks.d.ts +2 -2
package/dist/hooks.js +7 -9
package/dist/hooks.js.map +1 -1
package/dist/index.d.ts +8 -6
package/dist/index.js +152 -17
package/dist/index.js.map +1 -1
package/dist/providers.d.ts +3 -2
package/dist/providers.js +6 -12
package/dist/rbac/index.d.ts +167 -98
package/dist/rbac/index.js +48 -1881
package/dist/rbac/index.js.map +1 -1
package/dist/styles/core.css +0 -58
package/dist/types.d.ts +2 -2
package/dist/{unified-CM7T0aTK.d.ts → unified-CMPjE_fv.d.ts} +1 -1
package/dist/{usePublicRouteParams-B6i0KtXW.d.ts → usePublicRouteParams-B2OcAsur.d.ts} +1 -1
package/dist/utils.js +12 -14
package/dist/utils.js.map +1 -1
package/docs/api/classes/ErrorBoundary.md +1 -1
package/docs/api/classes/InvalidScopeError.md +73 -0
package/docs/api/classes/MissingUserContextError.md +66 -0
package/docs/api/classes/OrganisationContextRequiredError.md +66 -0
package/docs/api/classes/PermissionDeniedError.md +73 -0
package/docs/api/classes/PublicErrorBoundary.md +1 -1
package/docs/api/classes/RBACAuditManager.md +270 -0
package/docs/api/classes/RBACCache.md +284 -0
package/docs/api/classes/RBACEngine.md +141 -0
package/docs/api/classes/RBACError.md +76 -0
package/docs/api/classes/RBACNotInitializedError.md +66 -0
package/docs/api/classes/SecureSupabaseClient.md +135 -0
package/docs/api/interfaces/AggregateConfig.md +1 -1
package/docs/api/interfaces/ButtonProps.md +1 -1
package/docs/api/interfaces/CardProps.md +1 -1
package/docs/api/interfaces/ColorPalette.md +1 -1
package/docs/api/interfaces/ColorShade.md +1 -1
package/docs/api/interfaces/DataAccessRecord.md +96 -0
package/docs/api/interfaces/DataTableAction.md +1 -1
package/docs/api/interfaces/DataTableColumn.md +1 -1
package/docs/api/interfaces/DataTableProps.md +1 -1
package/docs/api/interfaces/DataTableToolbarButton.md +1 -1
package/docs/api/interfaces/EmptyStateConfig.md +1 -1
package/docs/api/interfaces/EnhancedNavigationMenuProps.md +235 -0
package/docs/api/interfaces/EventContextType.md +1 -1
package/docs/api/interfaces/EventLogoProps.md +1 -1
package/docs/api/interfaces/EventProviderProps.md +1 -1
package/docs/api/interfaces/FileSizeLimits.md +1 -1
package/docs/api/interfaces/FileUploadProps.md +1 -1
package/docs/api/interfaces/FooterProps.md +1 -1
package/docs/api/interfaces/InactivityWarningModalProps.md +1 -1
package/docs/api/interfaces/InputProps.md +1 -1
package/docs/api/interfaces/LabelProps.md +1 -1
package/docs/api/interfaces/LoginFormProps.md +1 -1
package/docs/api/interfaces/NavigationAccessRecord.md +107 -0
package/docs/api/interfaces/NavigationContextType.md +164 -0
package/docs/api/interfaces/NavigationGuardProps.md +139 -0
package/docs/api/interfaces/NavigationItem.md +1 -1
package/docs/api/interfaces/NavigationMenuProps.md +1 -1
package/docs/api/interfaces/NavigationProviderProps.md +117 -0
package/docs/api/interfaces/Organisation.md +1 -1
package/docs/api/interfaces/OrganisationContextType.md +1 -1
package/docs/api/interfaces/OrganisationMembership.md +2 -2
package/docs/api/interfaces/OrganisationProviderProps.md +1 -1
package/docs/api/interfaces/OrganisationSecurityError.md +1 -1
package/docs/api/interfaces/PaceAppLayoutProps.md +1 -1
package/docs/api/interfaces/PaceLoginPageProps.md +1 -1
package/docs/api/interfaces/PageAccessRecord.md +85 -0
package/docs/api/interfaces/PagePermissionContextType.md +140 -0
package/docs/api/interfaces/PagePermissionGuardProps.md +153 -0
package/docs/api/interfaces/PagePermissionProviderProps.md +119 -0
package/docs/api/interfaces/PaletteData.md +1 -1
package/docs/api/interfaces/PermissionEnforcerProps.md +153 -0
package/docs/api/interfaces/PublicErrorBoundaryProps.md +1 -1
package/docs/api/interfaces/PublicErrorBoundaryState.md +1 -1
package/docs/api/interfaces/PublicLoadingSpinnerProps.md +1 -1
package/docs/api/interfaces/PublicPageFooterProps.md +1 -1
package/docs/api/interfaces/PublicPageHeaderProps.md +1 -1
package/docs/api/interfaces/PublicPageLayoutProps.md +1 -1
package/docs/api/interfaces/RBACConfig.md +99 -0
package/docs/api/interfaces/RBACContextType.md +474 -0
package/docs/api/interfaces/RBACLogger.md +112 -0
package/docs/api/interfaces/RBACProviderProps.md +107 -0
package/docs/api/interfaces/RoleBasedRouterContextType.md +151 -0
package/docs/api/interfaces/RoleBasedRouterProps.md +156 -0
package/docs/api/interfaces/RouteAccessRecord.md +107 -0
package/docs/api/interfaces/RouteConfig.md +121 -0
package/docs/api/interfaces/SecureDataContextType.md +168 -0
package/docs/api/interfaces/SecureDataProviderProps.md +132 -0
package/docs/api/interfaces/StorageConfig.md +1 -1
package/docs/api/interfaces/StorageFileInfo.md +1 -1
package/docs/api/interfaces/StorageFileMetadata.md +1 -1
package/docs/api/interfaces/StorageListOptions.md +1 -1
package/docs/api/interfaces/StorageListResult.md +1 -1
package/docs/api/interfaces/StorageUploadOptions.md +1 -1
package/docs/api/interfaces/StorageUploadResult.md +1 -1
package/docs/api/interfaces/StorageUrlOptions.md +1 -1
package/docs/api/interfaces/StyleImport.md +1 -1
package/docs/api/interfaces/ToastActionElement.md +1 -1
package/docs/api/interfaces/ToastProps.md +1 -1
package/docs/api/interfaces/UnifiedAuthContextType.md +85 -85
package/docs/api/interfaces/UnifiedAuthProviderProps.md +1 -1
package/docs/api/interfaces/UseInactivityTrackerOptions.md +1 -1
package/docs/api/interfaces/UseInactivityTrackerReturn.md +1 -1
package/docs/api/interfaces/UsePublicEventLogoOptions.md +1 -1
package/docs/api/interfaces/UsePublicEventLogoReturn.md +1 -1
package/docs/api/interfaces/UsePublicEventOptions.md +1 -1
package/docs/api/interfaces/UsePublicEventReturn.md +1 -1
package/docs/api/interfaces/UsePublicRouteParamsReturn.md +1 -1
package/docs/api/interfaces/UserEventAccess.md +11 -11
package/docs/api/interfaces/UserMenuProps.md +1 -1
package/docs/api/interfaces/UserProfile.md +1 -1
package/docs/api/modules.md +2244 -3
package/docs/migration-guide.md +43 -18
package/docs/styles/README.md +187 -98
package/docs/usage.md +32 -7
package/package.json +2 -2
package/src/components/Footer/Footer.test.tsx +482 -0
package/src/components/Form/Form.test.tsx +1158 -0
package/src/components/Header/Header.test.tsx +582 -0
package/src/components/Header/Header.tsx +1 -1
package/src/components/InactivityWarningModal/InactivityWarningModal.test.tsx +489 -0
package/src/components/Input/Input.test.tsx +466 -0
package/src/components/LoadingSpinner/LoadingSpinner.test.tsx +450 -0
package/src/components/LoginForm/LoginForm.test.tsx +816 -0
package/src/components/NavigationMenu/NavigationMenu.test.tsx +883 -0
package/src/components/OrganisationSelector/OrganisationSelector.test.tsx +748 -0
package/src/components/PaceAppLayout/PaceAppLayout.test.tsx +891 -0
package/src/components/PaceLoginPage/PaceLoginPage.test.tsx +475 -0
package/src/components/PasswordReset/PasswordChangeForm.test.tsx +621 -0
package/src/components/PasswordReset/PasswordResetForm.test.tsx +605 -0
package/src/components/Select/Select.test.tsx +948 -0
package/src/components/SuperAdminGuard.tsx +1 -1
package/src/components/Toast/Toast.test.tsx +586 -0
package/src/components/Tooltip/Tooltip.test.tsx +852 -0
package/src/components/UserMenu/UserMenu.test.tsx +702 -0
package/src/components/UserMenu/UserMenu.tsx +2 -2
package/src/hooks/useDebounce.test.ts +375 -0
package/src/hooks/useOrganisationPermissions.test.ts +528 -0
package/src/hooks/useOrganisationSecurity.test.ts +734 -0
package/src/hooks/usePermissionCache.test.ts +542 -0
package/src/hooks/usePermissionCache.ts +1 -1
package/src/index.ts +2 -3
package/src/providers/UnifiedAuthProvider.tsx +2 -2
package/src/providers/index.ts +3 -1
package/src/rbac/__tests__/integration.test.tsx +218 -0
package/src/rbac/api.test.ts +441 -0
package/src/rbac/hooks/index.ts +21 -0
package/src/rbac/hooks/useCan.test.ts +461 -0
package/src/rbac/hooks/usePermissions.test.ts +359 -0
package/src/rbac/hooks/usePermissions.ts +567 -0
package/src/rbac/hooks/useRBAC.simple.test.ts +90 -0
package/src/rbac/hooks/useRBAC.test.ts +503 -0
package/src/{hooks → rbac/hooks}/useRBAC.ts +7 -7
package/src/rbac/index.ts +5 -10
package/src/{providers → rbac/providers}/RBACProvider.tsx +6 -6
package/src/rbac/providers/__tests__/RBACProvider.test.tsx +687 -0
package/src/rbac/providers/index.ts +11 -0
package/src/styles/core.css +0 -58
package/src/utils/formatDate.test.ts +241 -0
package/dist/chunk-AUE24LVR.js +0 -268
package/dist/chunk-AUE24LVR.js.map +0 -1
package/dist/chunk-COBPIXXQ.js +0 -379
package/dist/chunk-COBPIXXQ.js.map +0 -1
package/dist/chunk-OEGRKULD.js.map +0 -1
package/dist/chunk-OYRY44Q2.js +0 -62
package/dist/chunk-OYRY44Q2.js.map +0 -1
package/dist/chunk-T3XIA4AJ.js.map +0 -1
package/dist/chunk-TGDCLPP2.js.map +0 -1
package/src/components/RBAC/PagePermissionGuard.tsx +0 -287
package/src/components/RBAC/RBACGuard.tsx +0 -143
package/src/components/RBAC/RBACProvider.tsx +0 -186
package/src/components/RBAC/RoleBasedContent.tsx +0 -129
package/src/components/RBAC/index.ts +0 -23
package/src/rbac/hooks.ts +0 -570
/package/dist/{DataTable-GX3XERFJ.js.map → DataTable-ZQDRE46Q.js.map} +0 -0
/package/dist/{api-ETQ6YJ3C.js.map → api-H5A3H4IR.js.map} +0 -0
/package/dist/{chunk-C5G2A4PO.js.map → chunk-GWSBHC4J.js.map} +0 -0
/package/dist/{chunk-5EL3KHOQ.js.map → chunk-K6B7BLSE.js.map} +0 -0
/package/dist/{chunk-GSNM5D6H.js.map → chunk-M4RW7PIP.js.map} +0 -0

package/src/hooks/useOrganisationPermissions.test.ts ADDED Viewed

@@ -0,0 +1,528 @@
+/**
+ * @file useOrganisationPermissions Hook Tests
+ * @description Comprehensive tests for the useOrganisationPermissions hook
+ */
+import { renderHook, act } from '@testing-library/react';
+import { describe, it, expect, vi, beforeEach } from 'vitest';
+import { useOrganisationPermissions } from './useOrganisationPermissions';
+import { useOrganisations } from '../providers/OrganisationProvider';
+import type { Organisation, OrganisationRole, OrganisationPermission } from '../types/organisation';
+// Mock the OrganisationProvider
+vi.mock('../providers/OrganisationProvider', () => ({
+  useOrganisations: vi.fn()
+}));
+const mockUseOrganisations = vi.mocked(useOrganisations);
+describe('useOrganisationPermissions Hook', () => {
+  const mockOrganisation: Organisation = {
+    id: 'org-123',
+    name: 'test-org',
+    display_name: 'Test Organisation',
+    subscription_tier: 'standard',
+    settings: {},
+    is_active: true,
+    created_at: '2024-01-01T00:00:00Z',
+    updated_at: '2024-01-01T00:00:00Z'
+  };
+  const mockOrganisationContext = {
+    selectedOrganisation: mockOrganisation,
+    organisations: [mockOrganisation],
+    userMemberships: [],
+    isLoading: false,
+    error: null,
+    hasValidOrganisationContext: true,
+    setSelectedOrganisation: vi.fn(),
+    switchOrganisation: vi.fn(),
+    getUserRole: vi.fn(),
+    validateOrganisationAccess: vi.fn(),
+    refreshOrganisations: vi.fn(),
+    ensureOrganisationContext: vi.fn(),
+    isOrganisationSecure: vi.fn(),
+    getPrimaryOrganisation: vi.fn()
+  };
+  beforeEach(() => {
+    vi.clearAllMocks();
+    mockUseOrganisations.mockReturnValue(mockOrganisationContext);
+  });
+  describe('Initialization', () => {
+    it('initializes with no access when no organisation context', () => {
+      mockUseOrganisations.mockReturnValue({
+        ...mockOrganisationContext,
+        selectedOrganisation: null,
+        hasValidOrganisationContext: false
+      });
+      const { result } = renderHook(() => useOrganisationPermissions());
+      expect(result.current.userRole).toBe('no_access');
+      expect(result.current.hasOrganisationAccess).toBe(false);
+      expect(result.current.isOrgAdmin).toBe(false);
+      expect(result.current.isSuperAdmin).toBe(false);
+      expect(result.current.canModerate).toBe(false);
+      expect(result.current.canManageMembers).toBe(false);
+      expect(result.current.canManageSettings).toBe(false);
+      expect(result.current.canManageEvents).toBe(false);
+      expect(result.current.hasAdminPrivileges).toBe(false);
+    });
+    it('initializes with organisation context', () => {
+      mockUseOrganisations.mockReturnValue({
+        ...mockOrganisationContext,
+        getUserRole: vi.fn().mockReturnValue('member'),
+        validateOrganisationAccess: vi.fn().mockReturnValue(true),
+        ensureOrganisationContext: vi.fn().mockReturnValue(mockOrganisation)
+      });
+      const { result } = renderHook(() => useOrganisationPermissions());
+      expect(result.current.organisationId).toBe('org-123');
+      expect(result.current.hasOrganisationAccess).toBe(true);
+    });
+    it('initializes with specific organisation ID', () => {
+      mockUseOrganisations.mockReturnValue({
+        ...mockOrganisationContext,
+        getUserRole: vi.fn().mockReturnValue('member'),
+        validateOrganisationAccess: vi.fn().mockReturnValue(true)
+      });
+      const { result } = renderHook(() => useOrganisationPermissions('org-456'));
+      expect(result.current.organisationId).toBe('org-456');
+    });
+  });
+  describe('Role-based Permissions', () => {
+    it('handles supporter role correctly', () => {
+      mockUseOrganisations.mockReturnValue({
+        ...mockOrganisationContext,
+        getUserRole: vi.fn().mockReturnValue('supporter'),
+        validateOrganisationAccess: vi.fn().mockReturnValue(true),
+        ensureOrganisationContext: vi.fn().mockReturnValue(mockOrganisation)
+      });
+      const { result } = renderHook(() => useOrganisationPermissions());
+      expect(result.current.userRole).toBe('supporter');
+      expect(result.current.isOrgAdmin).toBe(false);
+      expect(result.current.isSuperAdmin).toBe(false);
+      expect(result.current.canModerate).toBe(false);
+      expect(result.current.canManageMembers).toBe(false);
+      expect(result.current.canManageSettings).toBe(false);
+      expect(result.current.canManageEvents).toBe(false);
+      expect(result.current.hasAdminPrivileges).toBe(false);
+    });
+    it('handles member role correctly', () => {
+      mockUseOrganisations.mockReturnValue({
+        ...mockOrganisationContext,
+        getUserRole: vi.fn().mockReturnValue('member'),
+        validateOrganisationAccess: vi.fn().mockReturnValue(true),
+        ensureOrganisationContext: vi.fn().mockReturnValue(mockOrganisation)
+      });
+      const { result } = renderHook(() => useOrganisationPermissions());
+      expect(result.current.userRole).toBe('member');
+      expect(result.current.isOrgAdmin).toBe(false);
+      expect(result.current.isSuperAdmin).toBe(false);
+      expect(result.current.canModerate).toBe(false);
+      expect(result.current.canManageMembers).toBe(false);
+      expect(result.current.canManageSettings).toBe(false);
+      expect(result.current.canManageEvents).toBe(false);
+      expect(result.current.hasAdminPrivileges).toBe(false);
+    });
+    it('handles leader role correctly', () => {
+      mockUseOrganisations.mockReturnValue({
+        ...mockOrganisationContext,
+        getUserRole: vi.fn().mockReturnValue('leader'),
+        validateOrganisationAccess: vi.fn().mockReturnValue(true),
+        ensureOrganisationContext: vi.fn().mockReturnValue(mockOrganisation)
+      });
+      const { result } = renderHook(() => useOrganisationPermissions());
+      expect(result.current.userRole).toBe('leader');
+      expect(result.current.isOrgAdmin).toBe(false);
+      expect(result.current.isSuperAdmin).toBe(false);
+      expect(result.current.canModerate).toBe(true);
+      expect(result.current.canManageMembers).toBe(false);
+      expect(result.current.canManageSettings).toBe(false);
+      expect(result.current.canManageEvents).toBe(true);
+      expect(result.current.hasAdminPrivileges).toBe(false);
+    });
+    it('handles org_admin role correctly', () => {
+      mockUseOrganisations.mockReturnValue({
+        ...mockOrganisationContext,
+        getUserRole: vi.fn().mockReturnValue('org_admin'),
+        validateOrganisationAccess: vi.fn().mockReturnValue(true),
+        ensureOrganisationContext: vi.fn().mockReturnValue(mockOrganisation)
+      });
+      const { result } = renderHook(() => useOrganisationPermissions());
+      expect(result.current.userRole).toBe('org_admin');
+      expect(result.current.isOrgAdmin).toBe(true);
+      expect(result.current.isSuperAdmin).toBe(true); // org_admin acts as super admin within org
+      expect(result.current.canModerate).toBe(true);
+      expect(result.current.canManageMembers).toBe(true);
+      expect(result.current.canManageSettings).toBe(true);
+      expect(result.current.canManageEvents).toBe(true);
+      expect(result.current.hasAdminPrivileges).toBe(true);
+    });
+    it('handles no_access role correctly', () => {
+      mockUseOrganisations.mockReturnValue({
+        ...mockOrganisationContext,
+        getUserRole: vi.fn().mockReturnValue('no_access'),
+        validateOrganisationAccess: vi.fn().mockReturnValue(false),
+        ensureOrganisationContext: vi.fn().mockReturnValue(mockOrganisation)
+      });
+      const { result } = renderHook(() => useOrganisationPermissions());
+      expect(result.current.userRole).toBe('no_access');
+      expect(result.current.hasOrganisationAccess).toBe(false);
+      expect(result.current.isOrgAdmin).toBe(false);
+      expect(result.current.isSuperAdmin).toBe(false);
+      expect(result.current.canModerate).toBe(false);
+      expect(result.current.canManageMembers).toBe(false);
+      expect(result.current.canManageSettings).toBe(false);
+      expect(result.current.canManageEvents).toBe(false);
+      expect(result.current.hasAdminPrivileges).toBe(false);
+    });
+  });
+  describe('Permission Checking', () => {
+    it('hasPermission returns false for no access', () => {
+      mockUseOrganisations.mockReturnValue({
+        ...mockOrganisationContext,
+        getUserRole: vi.fn().mockReturnValue('no_access'),
+        validateOrganisationAccess: vi.fn().mockReturnValue(false)
+      });
+      const { result } = renderHook(() => useOrganisationPermissions());
+      expect(result.current.hasPermission('view_basic')).toBe(false);
+      expect(result.current.hasPermission('manage_members')).toBe(false);
+    });
+    it('hasPermission returns correct permissions for supporter', () => {
+      mockUseOrganisations.mockReturnValue({
+        ...mockOrganisationContext,
+        getUserRole: vi.fn().mockReturnValue('supporter'),
+        validateOrganisationAccess: vi.fn().mockReturnValue(true),
+        ensureOrganisationContext: vi.fn().mockReturnValue(mockOrganisation)
+      });
+      const { result } = renderHook(() => useOrganisationPermissions());
+      expect(result.current.hasPermission('view_basic')).toBe(true);
+      expect(result.current.hasPermission('view_details')).toBe(false);
+      expect(result.current.hasPermission('moderate_content')).toBe(false);
+      expect(result.current.hasPermission('manage_events')).toBe(false);
+      expect(result.current.hasPermission('manage_members')).toBe(false);
+      expect(result.current.hasPermission('manage_settings')).toBe(false);
+    });
+    it('hasPermission returns correct permissions for member', () => {
+      mockUseOrganisations.mockReturnValue({
+        ...mockOrganisationContext,
+        getUserRole: vi.fn().mockReturnValue('member'),
+        validateOrganisationAccess: vi.fn().mockReturnValue(true),
+        ensureOrganisationContext: vi.fn().mockReturnValue(mockOrganisation)
+      });
+      const { result } = renderHook(() => useOrganisationPermissions());
+      expect(result.current.hasPermission('view_basic')).toBe(true);
+      expect(result.current.hasPermission('view_details')).toBe(true);
+      expect(result.current.hasPermission('moderate_content')).toBe(false);
+      expect(result.current.hasPermission('manage_events')).toBe(false);
+      expect(result.current.hasPermission('manage_members')).toBe(false);
+      expect(result.current.hasPermission('manage_settings')).toBe(false);
+    });
+    it('hasPermission returns correct permissions for leader', () => {
+      mockUseOrganisations.mockReturnValue({
+        ...mockOrganisationContext,
+        getUserRole: vi.fn().mockReturnValue('leader'),
+        validateOrganisationAccess: vi.fn().mockReturnValue(true),
+        ensureOrganisationContext: vi.fn().mockReturnValue(mockOrganisation)
+      });
+      const { result } = renderHook(() => useOrganisationPermissions());
+      expect(result.current.hasPermission('view_basic')).toBe(true);
+      expect(result.current.hasPermission('view_details')).toBe(true);
+      expect(result.current.hasPermission('moderate_content')).toBe(true);
+      expect(result.current.hasPermission('manage_events')).toBe(true);
+      expect(result.current.hasPermission('manage_members')).toBe(false);
+      expect(result.current.hasPermission('manage_settings')).toBe(false);
+    });
+    it('hasPermission returns correct permissions for org_admin', () => {
+      mockUseOrganisations.mockReturnValue({
+        ...mockOrganisationContext,
+        getUserRole: vi.fn().mockReturnValue('org_admin'),
+        validateOrganisationAccess: vi.fn().mockReturnValue(true),
+        ensureOrganisationContext: vi.fn().mockReturnValue(mockOrganisation)
+      });
+      const { result } = renderHook(() => useOrganisationPermissions());
+      expect(result.current.hasPermission('view_basic')).toBe(true);
+      expect(result.current.hasPermission('view_details')).toBe(true);
+      expect(result.current.hasPermission('moderate_content')).toBe(true);
+      expect(result.current.hasPermission('manage_events')).toBe(true);
+      expect(result.current.hasPermission('manage_members')).toBe(true);
+      expect(result.current.hasPermission('manage_settings')).toBe(true);
+    });
+    it('hasPermission returns true for wildcard permission for org_admin', () => {
+      mockUseOrganisations.mockReturnValue({
+        ...mockOrganisationContext,
+        getUserRole: vi.fn().mockReturnValue('org_admin'),
+        validateOrganisationAccess: vi.fn().mockReturnValue(true),
+        ensureOrganisationContext: vi.fn().mockReturnValue(mockOrganisation)
+      });
+      const { result } = renderHook(() => useOrganisationPermissions());
+      expect(result.current.hasPermission('*')).toBe(true);
+    });
+  });
+  describe('getAllPermissions', () => {
+    it('returns empty array for no access', () => {
+      mockUseOrganisations.mockReturnValue({
+        ...mockOrganisationContext,
+        getUserRole: vi.fn().mockReturnValue('no_access'),
+        validateOrganisationAccess: vi.fn().mockReturnValue(false)
+      });
+      const { result } = renderHook(() => useOrganisationPermissions());
+      expect(result.current.getAllPermissions()).toEqual([]);
+    });
+    it('returns correct permissions for supporter', () => {
+      mockUseOrganisations.mockReturnValue({
+        ...mockOrganisationContext,
+        getUserRole: vi.fn().mockReturnValue('supporter'),
+        validateOrganisationAccess: vi.fn().mockReturnValue(true),
+        ensureOrganisationContext: vi.fn().mockReturnValue(mockOrganisation)
+      });
+      const { result } = renderHook(() => useOrganisationPermissions());
+      expect(result.current.getAllPermissions()).toEqual(['view_basic']);
+    });
+    it('returns correct permissions for member', () => {
+      mockUseOrganisations.mockReturnValue({
+        ...mockOrganisationContext,
+        getUserRole: vi.fn().mockReturnValue('member'),
+        validateOrganisationAccess: vi.fn().mockReturnValue(true),
+        ensureOrganisationContext: vi.fn().mockReturnValue(mockOrganisation)
+      });
+      const { result } = renderHook(() => useOrganisationPermissions());
+      expect(result.current.getAllPermissions()).toEqual(['view_basic', 'view_details']);
+    });
+    it('returns correct permissions for leader', () => {
+      mockUseOrganisations.mockReturnValue({
+        ...mockOrganisationContext,
+        getUserRole: vi.fn().mockReturnValue('leader'),
+        validateOrganisationAccess: vi.fn().mockReturnValue(true),
+        ensureOrganisationContext: vi.fn().mockReturnValue(mockOrganisation)
+      });
+      const { result } = renderHook(() => useOrganisationPermissions());
+      expect(result.current.getAllPermissions()).toEqual([
+        'view_basic',
+        'view_details',
+        'moderate_content',
+        'manage_events'
+      ]);
+    });
+    it('returns correct permissions for org_admin', () => {
+      mockUseOrganisations.mockReturnValue({
+        ...mockOrganisationContext,
+        getUserRole: vi.fn().mockReturnValue('org_admin'),
+        validateOrganisationAccess: vi.fn().mockReturnValue(true),
+        ensureOrganisationContext: vi.fn().mockReturnValue(mockOrganisation)
+      });
+      const { result } = renderHook(() => useOrganisationPermissions());
+      expect(result.current.getAllPermissions()).toEqual([
+        'view_basic',
+        'view_details',
+        'moderate_content',
+        'manage_events',
+        'manage_members',
+        'manage_settings'
+      ]);
+    });
+  });
+  describe('Organisation Access Validation', () => {
+    it('returns false when organisation access is invalid', () => {
+      mockUseOrganisations.mockReturnValue({
+        ...mockOrganisationContext,
+        getUserRole: vi.fn().mockReturnValue('member'),
+        validateOrganisationAccess: vi.fn().mockReturnValue(false)
+      });
+      const { result } = renderHook(() => useOrganisationPermissions());
+      expect(result.current.hasOrganisationAccess).toBe(false);
+    });
+    it('returns true when organisation access is valid', () => {
+      mockUseOrganisations.mockReturnValue({
+        ...mockOrganisationContext,
+        getUserRole: vi.fn().mockReturnValue('member'),
+        validateOrganisationAccess: vi.fn().mockReturnValue(true),
+        ensureOrganisationContext: vi.fn().mockReturnValue(mockOrganisation)
+      });
+      const { result } = renderHook(() => useOrganisationPermissions());
+      expect(result.current.hasOrganisationAccess).toBe(true);
+    });
+  });
+  describe('Edge Cases', () => {
+    it('handles missing organisation context gracefully', () => {
+      mockUseOrganisations.mockReturnValue({
+        ...mockOrganisationContext,
+        selectedOrganisation: null,
+        hasValidOrganisationContext: false,
+        ensureOrganisationContext: vi.fn().mockImplementation(() => {
+          throw new Error('No organisation context');
+        })
+      });
+      const { result } = renderHook(() => useOrganisationPermissions());
+      expect(result.current.organisationId).toBe('');
+      expect(result.current.userRole).toBe('no_access');
+      expect(result.current.hasOrganisationAccess).toBe(false);
+    });
+    it('handles invalid organisation ID', () => {
+      mockUseOrganisations.mockReturnValue({
+        ...mockOrganisationContext,
+        getUserRole: vi.fn().mockReturnValue('no_access'),
+        validateOrganisationAccess: vi.fn().mockReturnValue(false)
+      });
+      const { result } = renderHook(() => useOrganisationPermissions('invalid-org'));
+      expect(result.current.organisationId).toBe('invalid-org');
+      expect(result.current.userRole).toBe('no_access');
+      expect(result.current.hasOrganisationAccess).toBe(false);
+    });
+    it('handles undefined organisation ID parameter', () => {
+      mockUseOrganisations.mockReturnValue({
+        ...mockOrganisationContext,
+        getUserRole: vi.fn().mockReturnValue('member'),
+        validateOrganisationAccess: vi.fn().mockReturnValue(true),
+        ensureOrganisationContext: vi.fn().mockReturnValue(mockOrganisation)
+      });
+      const { result } = renderHook(() => useOrganisationPermissions(undefined));
+      expect(result.current.organisationId).toBe('org-123');
+    });
+  });
+  describe('Memoization', () => {
+    it('maintains stable references when dependencies do not change', () => {
+      mockUseOrganisations.mockReturnValue({
+        ...mockOrganisationContext,
+        getUserRole: vi.fn().mockReturnValue('member'),
+        validateOrganisationAccess: vi.fn().mockReturnValue(true),
+        ensureOrganisationContext: vi.fn().mockReturnValue(mockOrganisation)
+      });
+      const { result, rerender } = renderHook(() => useOrganisationPermissions());
+      const firstResult = result.current;
+      rerender();
+      const secondResult = result.current;
+      expect(firstResult.hasPermission).toBe(secondResult.hasPermission);
+      expect(firstResult.getAllPermissions).toBe(secondResult.getAllPermissions);
+    });
+    it('updates when organisation context changes', () => {
+      const { result, rerender } = renderHook(() => useOrganisationPermissions());
+      // Initial state
+      mockUseOrganisations.mockReturnValue({
+        ...mockOrganisationContext,
+        getUserRole: vi.fn().mockReturnValue('member'),
+        validateOrganisationAccess: vi.fn().mockReturnValue(true),
+        ensureOrganisationContext: vi.fn().mockReturnValue(mockOrganisation)
+      });
+      rerender();
+      expect(result.current.userRole).toBe('member');
+      // Change role
+      mockUseOrganisations.mockReturnValue({
+        ...mockOrganisationContext,
+        getUserRole: vi.fn().mockReturnValue('leader'),
+        validateOrganisationAccess: vi.fn().mockReturnValue(true),
+        ensureOrganisationContext: vi.fn().mockReturnValue(mockOrganisation)
+      });
+      rerender();
+      expect(result.current.userRole).toBe('leader');
+    });
+  });
+  describe('Type Safety', () => {
+    it('returns correct types for all properties', () => {
+      mockUseOrganisations.mockReturnValue({
+        ...mockOrganisationContext,
+        getUserRole: vi.fn().mockReturnValue('member'),
+        validateOrganisationAccess: vi.fn().mockReturnValue(true),
+        ensureOrganisationContext: vi.fn().mockReturnValue(mockOrganisation)
+      });
+      const { result } = renderHook(() => useOrganisationPermissions());
+      expect(typeof result.current.userRole).toBe('string');
+      expect(typeof result.current.organisationId).toBe('string');
+      expect(typeof result.current.hasOrganisationAccess).toBe('boolean');
+      expect(typeof result.current.isOrgAdmin).toBe('boolean');
+      expect(typeof result.current.isSuperAdmin).toBe('boolean');
+      expect(typeof result.current.canModerate).toBe('boolean');
+      expect(typeof result.current.canManageMembers).toBe('boolean');
+      expect(typeof result.current.canManageSettings).toBe('boolean');
+      expect(typeof result.current.canManageEvents).toBe('boolean');
+      expect(typeof result.current.hasAdminPrivileges).toBe('boolean');
+      expect(typeof result.current.hasPermission).toBe('function');
+      expect(typeof result.current.getAllPermissions).toBe('function');
+    });
+  });
+});