@jmruthers/pace-core 0.5.113 → 0.5.115

package/docs/api/interfaces/PublicLoadingSpinnerProps.md

@@ -1,4 +1,4 @@
-[@jmruthers/pace-core - v0.5.113](../README.md) / [Exports](../modules.md) / PublicLoadingSpinnerProps
+[@jmruthers/pace-core - v0.5.115](../README.md) / [Exports](../modules.md) / PublicLoadingSpinnerProps
 
 # Interface: PublicLoadingSpinnerProps
 

package/docs/api/interfaces/PublicPageFooterProps.md

@@ -1,4 +1,4 @@
-[@jmruthers/pace-core - v0.5.113](../README.md) / [Exports](../modules.md) / PublicPageFooterProps
+[@jmruthers/pace-core - v0.5.115](../README.md) / [Exports](../modules.md) / PublicPageFooterProps
 
 # Interface: PublicPageFooterProps
 

package/docs/api/interfaces/PublicPageHeaderProps.md

@@ -1,4 +1,4 @@
-[@jmruthers/pace-core - v0.5.113](../README.md) / [Exports](../modules.md) / PublicPageHeaderProps
+[@jmruthers/pace-core - v0.5.115](../README.md) / [Exports](../modules.md) / PublicPageHeaderProps
 
 # Interface: PublicPageHeaderProps
 

package/docs/api/interfaces/PublicPageLayoutProps.md

@@ -1,4 +1,4 @@
-[@jmruthers/pace-core - v0.5.113](../README.md) / [Exports](../modules.md) / PublicPageLayoutProps
+[@jmruthers/pace-core - v0.5.115](../README.md) / [Exports](../modules.md) / PublicPageLayoutProps
 
 # Interface: PublicPageLayoutProps
 

package/docs/api/interfaces/RBACConfig.md

@@ -1,4 +1,4 @@
-[@jmruthers/pace-core - v0.5.113](../README.md) / [Exports](../modules.md) / RBACConfig
+[@jmruthers/pace-core - v0.5.115](../README.md) / [Exports](../modules.md) / RBACConfig
 
 # Interface: RBACConfig
 

package/docs/api/interfaces/RBACLogger.md

@@ -1,4 +1,4 @@
-[@jmruthers/pace-core - v0.5.113](../README.md) / [Exports](../modules.md) / RBACLogger
+[@jmruthers/pace-core - v0.5.115](../README.md) / [Exports](../modules.md) / RBACLogger
 
 # Interface: RBACLogger
 

package/docs/api/interfaces/RoleBasedRouterContextType.md

@@ -1,4 +1,4 @@
-[@jmruthers/pace-core - v0.5.113](../README.md) / [Exports](../modules.md) / RoleBasedRouterContextType
+[@jmruthers/pace-core - v0.5.115](../README.md) / [Exports](../modules.md) / RoleBasedRouterContextType
 
 # Interface: RoleBasedRouterContextType
 

package/docs/api/interfaces/RoleBasedRouterProps.md

@@ -1,4 +1,4 @@
-[@jmruthers/pace-core - v0.5.113](../README.md) / [Exports](../modules.md) / RoleBasedRouterProps
+[@jmruthers/pace-core - v0.5.115](../README.md) / [Exports](../modules.md) / RoleBasedRouterProps
 
 # Interface: RoleBasedRouterProps
 

package/docs/api/interfaces/RouteAccessRecord.md

@@ -1,4 +1,4 @@
-[@jmruthers/pace-core - v0.5.113](../README.md) / [Exports](../modules.md) / RouteAccessRecord
+[@jmruthers/pace-core - v0.5.115](../README.md) / [Exports](../modules.md) / RouteAccessRecord
 
 # Interface: RouteAccessRecord
 

package/docs/api/interfaces/RouteConfig.md

@@ -1,4 +1,4 @@
-[@jmruthers/pace-core - v0.5.113](../README.md) / [Exports](../modules.md) / RouteConfig
+[@jmruthers/pace-core - v0.5.115](../README.md) / [Exports](../modules.md) / RouteConfig
 
 # Interface: RouteConfig
 

package/docs/api/interfaces/SecureDataContextType.md

@@ -1,4 +1,4 @@
-[@jmruthers/pace-core - v0.5.113](../README.md) / [Exports](../modules.md) / SecureDataContextType
+[@jmruthers/pace-core - v0.5.115](../README.md) / [Exports](../modules.md) / SecureDataContextType
 
 # Interface: SecureDataContextType
 

package/docs/api/interfaces/SecureDataProviderProps.md

@@ -1,4 +1,4 @@
-[@jmruthers/pace-core - v0.5.113](../README.md) / [Exports](../modules.md) / SecureDataProviderProps
+[@jmruthers/pace-core - v0.5.115](../README.md) / [Exports](../modules.md) / SecureDataProviderProps
 
 # Interface: SecureDataProviderProps
 

package/docs/api/interfaces/StorageConfig.md

@@ -1,4 +1,4 @@
-[@jmruthers/pace-core - v0.5.113](../README.md) / [Exports](../modules.md) / StorageConfig
+[@jmruthers/pace-core - v0.5.115](../README.md) / [Exports](../modules.md) / StorageConfig
 
 # Interface: StorageConfig
 

package/docs/api/interfaces/StorageFileInfo.md

@@ -1,4 +1,4 @@
-[@jmruthers/pace-core - v0.5.113](../README.md) / [Exports](../modules.md) / StorageFileInfo
+[@jmruthers/pace-core - v0.5.115](../README.md) / [Exports](../modules.md) / StorageFileInfo
 
 # Interface: StorageFileInfo
 

package/docs/api/interfaces/StorageFileMetadata.md

@@ -1,4 +1,4 @@
-[@jmruthers/pace-core - v0.5.113](../README.md) / [Exports](../modules.md) / StorageFileMetadata
+[@jmruthers/pace-core - v0.5.115](../README.md) / [Exports](../modules.md) / StorageFileMetadata
 
 # Interface: StorageFileMetadata
 

package/docs/api/interfaces/StorageListOptions.md

@@ -1,4 +1,4 @@
-[@jmruthers/pace-core - v0.5.113](../README.md) / [Exports](../modules.md) / StorageListOptions
+[@jmruthers/pace-core - v0.5.115](../README.md) / [Exports](../modules.md) / StorageListOptions
 
 # Interface: StorageListOptions
 

package/docs/api/interfaces/StorageListResult.md

@@ -1,4 +1,4 @@
-[@jmruthers/pace-core - v0.5.113](../README.md) / [Exports](../modules.md) / StorageListResult
+[@jmruthers/pace-core - v0.5.115](../README.md) / [Exports](../modules.md) / StorageListResult
 
 # Interface: StorageListResult
 

package/docs/api/interfaces/StorageUploadOptions.md

@@ -1,4 +1,4 @@
-[@jmruthers/pace-core - v0.5.113](../README.md) / [Exports](../modules.md) / StorageUploadOptions
+[@jmruthers/pace-core - v0.5.115](../README.md) / [Exports](../modules.md) / StorageUploadOptions
 
 # Interface: StorageUploadOptions
 

package/docs/api/interfaces/StorageUploadResult.md

@@ -1,4 +1,4 @@
-[@jmruthers/pace-core - v0.5.113](../README.md) / [Exports](../modules.md) / StorageUploadResult
+[@jmruthers/pace-core - v0.5.115](../README.md) / [Exports](../modules.md) / StorageUploadResult
 
 # Interface: StorageUploadResult
 

package/docs/api/interfaces/StorageUrlOptions.md

@@ -1,4 +1,4 @@
-[@jmruthers/pace-core - v0.5.113](../README.md) / [Exports](../modules.md) / StorageUrlOptions
+[@jmruthers/pace-core - v0.5.115](../README.md) / [Exports](../modules.md) / StorageUrlOptions
 
 # Interface: StorageUrlOptions
 

package/docs/api/interfaces/StyleImport.md

@@ -1,4 +1,4 @@
-[@jmruthers/pace-core - v0.5.113](../README.md) / [Exports](../modules.md) / StyleImport
+[@jmruthers/pace-core - v0.5.115](../README.md) / [Exports](../modules.md) / StyleImport
 
 # Interface: StyleImport
 

package/docs/api/interfaces/SwitchProps.md

@@ -1,4 +1,4 @@
-[@jmruthers/pace-core - v0.5.113](../README.md) / [Exports](../modules.md) / SwitchProps
+[@jmruthers/pace-core - v0.5.115](../README.md) / [Exports](../modules.md) / SwitchProps
 
 # Interface: SwitchProps
 

package/docs/api/interfaces/ToastActionElement.md

@@ -1,4 +1,4 @@
-[@jmruthers/pace-core - v0.5.113](../README.md) / [Exports](../modules.md) / ToastActionElement
+[@jmruthers/pace-core - v0.5.115](../README.md) / [Exports](../modules.md) / ToastActionElement
 
 # Interface: ToastActionElement
 

package/docs/api/interfaces/ToastProps.md

@@ -1,4 +1,4 @@
-[@jmruthers/pace-core - v0.5.113](../README.md) / [Exports](../modules.md) / ToastProps
+[@jmruthers/pace-core - v0.5.115](../README.md) / [Exports](../modules.md) / ToastProps
 
 # Interface: ToastProps
 

package/docs/api/interfaces/UnifiedAuthContextType.md

@@ -1,4 +1,4 @@
-[@jmruthers/pace-core - v0.5.113](../README.md) / [Exports](../modules.md) / UnifiedAuthContextType
+[@jmruthers/pace-core - v0.5.115](../README.md) / [Exports](../modules.md) / UnifiedAuthContextType
 
 # Interface: UnifiedAuthContextType
 

package/docs/api/interfaces/UnifiedAuthProviderProps.md

@@ -1,4 +1,4 @@
-[@jmruthers/pace-core - v0.5.113](../README.md) / [Exports](../modules.md) / UnifiedAuthProviderProps
+[@jmruthers/pace-core - v0.5.115](../README.md) / [Exports](../modules.md) / UnifiedAuthProviderProps
 
 # Interface: UnifiedAuthProviderProps
 

package/docs/api/interfaces/UseInactivityTrackerOptions.md

@@ -1,4 +1,4 @@
-[@jmruthers/pace-core - v0.5.113](../README.md) / [Exports](../modules.md) / UseInactivityTrackerOptions
+[@jmruthers/pace-core - v0.5.115](../README.md) / [Exports](../modules.md) / UseInactivityTrackerOptions
 
 # Interface: UseInactivityTrackerOptions
 

package/docs/api/interfaces/UseInactivityTrackerReturn.md

@@ -1,4 +1,4 @@
-[@jmruthers/pace-core - v0.5.113](../README.md) / [Exports](../modules.md) / UseInactivityTrackerReturn
+[@jmruthers/pace-core - v0.5.115](../README.md) / [Exports](../modules.md) / UseInactivityTrackerReturn
 
 # Interface: UseInactivityTrackerReturn
 

package/docs/api/interfaces/UsePublicEventOptions.md

@@ -1,4 +1,4 @@
-[@jmruthers/pace-core - v0.5.113](../README.md) / [Exports](../modules.md) / UsePublicEventOptions
+[@jmruthers/pace-core - v0.5.115](../README.md) / [Exports](../modules.md) / UsePublicEventOptions
 
 # Interface: UsePublicEventOptions
 

package/docs/api/interfaces/UsePublicEventReturn.md

@@ -1,4 +1,4 @@
-[@jmruthers/pace-core - v0.5.113](../README.md) / [Exports](../modules.md) / UsePublicEventReturn
+[@jmruthers/pace-core - v0.5.115](../README.md) / [Exports](../modules.md) / UsePublicEventReturn
 
 # Interface: UsePublicEventReturn
 

package/docs/api/interfaces/UsePublicFileDisplayOptions.md

@@ -1,4 +1,4 @@
-[@jmruthers/pace-core - v0.5.113](../README.md) / [Exports](../modules.md) / UsePublicFileDisplayOptions
+[@jmruthers/pace-core - v0.5.115](../README.md) / [Exports](../modules.md) / UsePublicFileDisplayOptions
 
 # Interface: UsePublicFileDisplayOptions
 

package/docs/api/interfaces/UsePublicFileDisplayReturn.md

@@ -1,4 +1,4 @@
-[@jmruthers/pace-core - v0.5.113](../README.md) / [Exports](../modules.md) / UsePublicFileDisplayReturn
+[@jmruthers/pace-core - v0.5.115](../README.md) / [Exports](../modules.md) / UsePublicFileDisplayReturn
 
 # Interface: UsePublicFileDisplayReturn
 

package/docs/api/interfaces/UsePublicRouteParamsReturn.md

@@ -1,4 +1,4 @@
-[@jmruthers/pace-core - v0.5.113](../README.md) / [Exports](../modules.md) / UsePublicRouteParamsReturn
+[@jmruthers/pace-core - v0.5.115](../README.md) / [Exports](../modules.md) / UsePublicRouteParamsReturn
 
 # Interface: UsePublicRouteParamsReturn
 

package/docs/api/interfaces/UseResolvedScopeOptions.md

@@ -1,4 +1,4 @@
-[@jmruthers/pace-core - v0.5.113](../README.md) / [Exports](../modules.md) / UseResolvedScopeOptions
+[@jmruthers/pace-core - v0.5.115](../README.md) / [Exports](../modules.md) / UseResolvedScopeOptions
 
 # Interface: UseResolvedScopeOptions
 

package/docs/api/interfaces/UseResolvedScopeReturn.md

@@ -1,4 +1,4 @@
-[@jmruthers/pace-core - v0.5.113](../README.md) / [Exports](../modules.md) / UseResolvedScopeReturn
+[@jmruthers/pace-core - v0.5.115](../README.md) / [Exports](../modules.md) / UseResolvedScopeReturn
 
 # Interface: UseResolvedScopeReturn
 

package/docs/api/interfaces/UserEventAccess.md

@@ -1,4 +1,4 @@
-[@jmruthers/pace-core - v0.5.113](../README.md) / [Exports](../modules.md) / UserEventAccess
+[@jmruthers/pace-core - v0.5.115](../README.md) / [Exports](../modules.md) / UserEventAccess
 
 # Interface: UserEventAccess
 

package/docs/api/interfaces/UserMenuProps.md

@@ -1,4 +1,4 @@
-[@jmruthers/pace-core - v0.5.113](../README.md) / [Exports](../modules.md) / UserMenuProps
+[@jmruthers/pace-core - v0.5.115](../README.md) / [Exports](../modules.md) / UserMenuProps
 
 # Interface: UserMenuProps
 

package/docs/api/interfaces/UserProfile.md

@@ -1,4 +1,4 @@
-[@jmruthers/pace-core - v0.5.113](../README.md) / [Exports](../modules.md) / UserProfile
+[@jmruthers/pace-core - v0.5.115](../README.md) / [Exports](../modules.md) / UserProfile
 
 # Interface: UserProfile
 

package/docs/api/modules.md

@@ -1,6 +1,6 @@
-[@jmruthers/pace-core - v0.5.113](README.md) / Exports
+[@jmruthers/pace-core - v0.5.115](README.md) / Exports
 
-# @jmruthers/pace-core - v0.5.113
+# @jmruthers/pace-core - v0.5.115
 
 **`File`**
 
@@ -1572,7 +1572,7 @@ ___
 
 #### Defined in
 
-[packages/core/src/components/Dialog/Dialog.tsx:706](https://github.com/jmruthers/pace-core/blob/main/packages/core/src/components/Dialog/Dialog.tsx#L706)
+[packages/core/src/components/Dialog/Dialog.tsx:707](https://github.com/jmruthers/pace-core/blob/main/packages/core/src/components/Dialog/Dialog.tsx#L707)
 
 ___
 
@@ -1592,7 +1592,7 @@ ___
 
 #### Defined in
 
-[packages/core/src/components/Dialog/Dialog.tsx:741](https://github.com/jmruthers/pace-core/blob/main/packages/core/src/components/Dialog/Dialog.tsx#L741)
+[packages/core/src/components/Dialog/Dialog.tsx:742](https://github.com/jmruthers/pace-core/blob/main/packages/core/src/components/Dialog/Dialog.tsx#L742)
 
 ___
 
@@ -4386,12 +4386,12 @@ Object with toast state and control methods
 | Name | Type | Description |
 | :------ | :------ | :------ |
 | `toasts` | `ToasterToast`[] | Array of active toasts |
-| `toast` | (`props`: `Toast`) => \{ `id`: `string` = id; `dismiss`: () => `void` ; `update`: (`props`: `Partial`\<`Omit`\<`ToasterToast`, ``"id"``\>\>) => `void`  } | Creates a new toast notification |
+| `toast` | (`props`: `Toast`) => \{ `id`: `string` = id; `dismiss`: () => `void` ; `update`: (`props`: `Partial`\<`Omit`\<`ToasterToast`, ``"id"`` \| ``"duration"``\>\>) => `void`  } | Creates a new toast notification |
 | `dismiss` | (`toastId?`: `string`) => `void` | - |
 
 #### Defined in
 
-[packages/core/src/hooks/useToast.ts:230](https://github.com/jmruthers/pace-core/blob/main/packages/core/src/hooks/useToast.ts#L230)
+[packages/core/src/hooks/useToast.ts:229](https://github.com/jmruthers/pace-core/blob/main/packages/core/src/hooks/useToast.ts#L229)
 
 ___
 

package/docs/architecture/rpc-function-standards.md

@@ -120,13 +120,16 @@ BEGIN
     
     -- 4. Dynamic RBAC permission check (replaces manual organisation/event checks)
     -- Use rbac_check_permission_simplified() for consistency with RLS policies
+    -- ⚠️ CRITICAL: Permission format must match what rbac_permissions_get returns
+    -- Format: 'operation:page.{pageName}' (e.g., 'read:page.dishes', 'create:page.meals')
+    -- The permission string is passed to rbac_permissions_get and must match exactly
     IF NOT rbac_check_permission_simplified(
         COALESCE(p_user_id, auth.uid()),
-        'read:resource',  -- Format: operation:resource (e.g., 'read:meals', 'create:events')
+        'read:page.dishes',  -- Format: operation:page.{pageName} - MUST match rbac_permissions_get output
         p_organisation_id,
-        NULL,  -- p_event_id if event-scoped, NULL if org-scoped
+        p_event_id,  -- p_event_id if event-scoped, NULL if org-scoped
         (SELECT id FROM rbac_apps WHERE name = 'CAKE' LIMIT 1),  -- p_app_id
-        'resource'  -- p_page_id (page name from rbac_app_pages)
+        'dishes'  -- p_page_id (page name from rbac_app_pages)
     ) THEN
         RETURN; -- No permission
     END IF;
@@ -258,13 +261,15 @@ BEGIN
     END IF;
     
     -- Use rbac_check_permission_simplified for dynamic RBAC checking
+    -- ⚠️ CRITICAL: Permission format must be 'operation:page.{pageName}'
+    -- This matches the format returned by rbac_permissions_get()
     IF NOT rbac_check_permission_simplified(
         p_user_id,
-        'read:meals',
+        'read:page.meals',  -- Format: operation:page.{pageName}
         p_organisation_id,
         p_event_id,
         (SELECT id FROM rbac_apps WHERE name = 'CAKE' LIMIT 1),
-        'meals'
+        'meals'  -- Page name (resolved to page ID internally)
     ) THEN
         RETURN; -- No permission
     END IF;
@@ -376,11 +381,11 @@ CREATE POLICY "rbac_cake_meal_select" ON cake_meal
       is_user_super_admin()
       OR rbac_check_permission_simplified(
         auth.uid(),
-        'read:meals',
+        'read:page.meals',  -- Format: operation:page.{pageName}
         organisation_id,
         meal_event_id,
         (SELECT id FROM rbac_apps WHERE name = 'CAKE' LIMIT 1),
-        'meals'
+        'meals'  -- Page name
       )
     )
   );
@@ -396,11 +401,11 @@ BEGIN
         v_is_super_admin OR
         rbac_check_permission_simplified(
             p_user_id,
-            'read:meals',
+            'read:page.meals',  -- Format: operation:page.{pageName}
             p_organisation_id,
             p_event_id,
             (SELECT id FROM rbac_apps WHERE name = 'CAKE' LIMIT 1),
-            'meals'
+            'meals'  -- Page name
         )
     ) THEN
         RETURN;
@@ -598,11 +603,91 @@ SELECT * FROM data_user_events_get(NULL, 'user-id', 'org-123');
 -- Should return empty gracefully
 ```
 
+## Permission Format
+
+### ⚠️ CRITICAL: Correct Permission Format
+
+**The permission string format is critical and must match exactly what `rbac_permissions_get()` returns.**
+
+#### Correct Format
+
+```sql
+-- ✅ CORRECT: Format is 'operation:page.{pageName}'
+rbac_check_permission_simplified(
+    p_user_id,
+    'create:page.dishes',      -- Format: operation:page.{pageName}
+    p_organisation_id,
+    p_event_id,
+    v_app_id,
+    'dishes'                   -- Page name (resolved to page ID internally)
+)
+```
+
+#### Common Mistakes
+
+```sql
+-- ❌ WRONG: Missing 'page.' prefix
+'create:dishes'
+
+-- ❌ WRONG: Wrong separator
+'create:page/dishes'
+
+-- ❌ WRONG: Wrong format entirely
+'dishes:create'
+```
+
+#### How to Determine the Correct Format
+
+1. **Check existing migrations** - Look at recent migrations that work
+2. **Check RLS policies** - Use the same format as RLS policies for the same resource
+3. **Verify with rbac_permissions_get** - The permission string must match what this function returns in the `permission_type` column
+
+#### Examples by Operation Type
+
+```sql
+-- Page-based permissions (most common)
+'read:page.dishes'      -- Read dishes page
+'create:page.dishes'    -- Create dishes
+'update:page.dishes'     -- Update dishes
+'delete:page.dishes'     -- Delete dishes
+
+'read:page.meals'        -- Read meals page
+'read:page.distribution' -- Read distribution page
+'read:page.deliveries'   -- Read deliveries page
+
+-- File-based permissions (special case)
+'read:files'             -- Read files
+'create:files'           -- Create files
+'delete:files'           -- Delete files
+```
+
+#### Parameter Guidelines
+
+```sql
+rbac_check_permission_simplified(
+    p_user_id,                    -- User ID (required)
+    'create:page.dishes',         -- Permission string (format: operation:page.{pageName})
+    p_organisation_id,            -- Organisation ID (required for non-super-admin)
+    p_event_id,                   -- Event ID (optional, for event-scoped permissions)
+    v_app_id,                     -- App ID (required, usually CAKE app)
+    'dishes'                      -- Page name (required, matches the page name in rbac_app_pages)
+)
+```
+
 ## Migration Guidelines
 
 ### Creating New Functions
 
-1. **Create migration file**: `YYYYMMDDHHMMSS_descriptive_name.sql`
+1. **Create migration file with correct timestamp**:
+   ```bash
+   # Generate timestamp: YYYYMMDDHHMMSS
+   date +%Y%m%d%H%M%S
+   # Example output: 20251104113510
+   
+   # Create file: supabase/migrations/20251104113510_descriptive_name.sql
+   ```
+   ⚠️ **CRITICAL**: Always generate a NEW timestamp for each migration. Never reuse timestamps from previous migrations, even if they haven't been pushed yet.
+
 2. **Add function**: Use standard template above
 3. **Add comments**: Document purpose, parameters, returns
 4. **Add grants**: `GRANT EXECUTE ON FUNCTION ... TO authenticated;`
@@ -610,6 +695,28 @@ SELECT * FROM data_user_events_get(NULL, 'user-id', 'org-123');
 6. **Regenerate types**: Run `npm run generate-types` to automatically generate TypeScript types from the database schema
 7. **Verify types**: Check that `Database['public']['Functions']['function_name']` exists in `packages/core/src/types/database.generated.ts`
 
+### ⚠️ Common Migration Mistakes
+
+1. **Reusing old migration timestamps**: 
+   - ❌ **WRONG**: Reusing `20251104113047` if it's already been pushed
+   - ✅ **CORRECT**: Generate new timestamp: `date +%Y%m%d%H%M%S` → `20251104113510`
+   - Always create a NEW file with a NEW timestamp for each migration
+
+2. **Wrong permission format**: 
+   - ❌ **WRONG**: `'create:dishes'` or `'read:meals'`
+   - ✅ **CORRECT**: `'create:page.dishes'` or `'read:page.meals'`
+   - Always use `'operation:page.{pageName}'` format, not `'operation:resource'`
+   - The format must match exactly what `rbac_permissions_get()` returns
+
+3. **Missing page_id parameter**: Always provide the page name as the last parameter (e.g., `'dishes'`, `'meals'`, `'distribution'`)
+
+4. **Ambiguous column references**: 
+   - ❌ **WRONG**: `SELECT mealtype_name FROM cake_mealtype`
+   - ✅ **CORRECT**: `SELECT cake_mealtype.mealtype_name FROM cake_mealtype`
+   - Always fully qualify table names when there might be ambiguity
+
+5. **Not checking existing migrations**: Before creating a new migration, check if a similar one already exists to avoid duplicates
+
 ### Updating Existing Functions
 
 1. **Use `CREATE OR REPLACE FUNCTION`** - Ensures idempotency
@@ -735,6 +842,7 @@ $$;
 
 When creating or reviewing an RPC function, ensure:
 
+### Function Structure
 - ✅ Follows naming convention: `<family>_<domain>_<verb>`
 - ✅ Uses `SECURITY DEFINER`
 - ✅ Sets `search_path TO 'public'`
@@ -742,7 +850,7 @@ When creating or reviewing an RPC function, ensure:
 - ✅ Checks super_admin status (if applicable)
 - ✅ Validates organisation membership (if applicable)
 - ✅ Validates event access (if event-scoped)
-- ✅ Uses proper error handling
+- ✅ Uses proper error handling with `EXCEPTION WHEN OTHERS`
 - ✅ Returns empty on error (fail-secure)
 - ✅ Has documentation comments
 - ✅ Uses descriptive parameter names (`p_` prefix)
@@ -751,6 +859,18 @@ When creating or reviewing an RPC function, ensure:
 - ✅ Includes `GRANT EXECUTE` statement
 - ✅ Tested with various scenarios
 
+### ⚠️ Critical Permission Format
+- ✅ **Permission format is correct**: `'operation:page.{pageName}'` (e.g., `'create:page.dishes'`, `'read:page.meals'`)
+- ✅ **NOT using wrong format**: `'operation:resource'` (e.g., `'create:dishes'`, `'read:meals'`)
+- ✅ **Page name parameter provided**: Last parameter is the page name (e.g., `'dishes'`, `'meals'`)
+- ✅ **Permission format matches rbac_permissions_get output**: Verify by checking existing working migrations
+
+### ⚠️ Migration File Requirements
+- ✅ **New timestamp generated**: Run `date +%Y%m%d%H%M%S` to get current timestamp
+- ✅ **New file created**: Never reuse timestamps from previous migrations
+- ✅ **File naming**: `YYYYMMDDHHMMSS_descriptive_name.sql`
+- ✅ **No ambiguous column references**: Fully qualify table names (e.g., `cake_mealtype.mealtype_name`)
+
 ## References
 
 - [RBAC System Documentation](../core-concepts/rbac-system.md)

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@jmruthers/pace-core",
-  "version": "0.5.113",
+  "version": "0.5.115",
   "description": "Clean, modern React component library with Tailwind v4 styling and native utilities",
   "private": false,
   "publishConfig": {

package/src/components/DataTable/components/DataTableCore.tsx

@@ -1053,21 +1053,9 @@ function DataTableInternal<TData extends DataRecord>({
                       accessorFn: hasAccessorFn ? (originalCol as any).accessorFn : undefined,
                     });
                     
-                    // For reference fields (accessorFn + editAccessorKey), also add ID column
-                    // This allows round-trip import/export to work seamlessly
-                    if (hasAccessorFn && editAccessorKey) {
-                      // Use the same string fallback logic as the display column to ensure
-                      // JSX headers are converted to strings (e.g., accessorKey or column ID)
-                      // This prevents "[object Object] (ID)" in the CSV header
-                      const idHeader = `${displayHeader} (ID)`;
-                      visibleColumns.push({
-                        id: editAccessorKey,
-                        accessorKey: editAccessorKey,
-                        header: idHeader,
-                        isIdColumn: true,
-                        editAccessorKey: editAccessorKey,
-                      });
-                    }
+                    // Note: We do NOT export editAccessorKey fields as separate columns
+                    // Only visible columns (with their display values via accessorFn) are exported
+                    // This ensures exports match what users see in the table
                   });
                   
                   // Generate filename with timestamp

package/src/components/DataTable/components/ImportModal.tsx

@@ -125,6 +125,23 @@ export function ImportModal({ isOpen, onClose, onImport, config = {} }: ImportMo
     };
   }, []);
 
+  // Reset state when modal opens/closes to ensure clean initial state
+  useEffect(() => {
+    if (!isOpen) {
+      // Reset all state when modal is closed
+      setFile(null);
+      setPreviewData(null);
+      setTotalCount(0);
+      setError(null);
+      setValidationErrors([]);
+      setIsProcessing(false);
+      // Reset file input
+      if (fileInputRef.current) {
+        fileInputRef.current.value = '';
+      }
+    }
+  }, [isOpen]);
+
   // Extract config with defaults
   const {
     title = 'Import Data',
@@ -321,7 +338,7 @@ export function ImportModal({ isOpen, onClose, onImport, config = {} }: ImportMo
           )}
 
 
-          {previewData && previewData.length > 0 && (
+          {file && previewData && previewData.length > 0 ? (
             <div className="space-y-3">
               <h4 className="text-sec-900">{previewHeaderText}</h4>
               <div className="border rounded-lg overflow-hidden">
@@ -354,7 +371,13 @@ export function ImportModal({ isOpen, onClose, onImport, config = {} }: ImportMo
                 {totalRowsText.replace('{count}', totalCount.toString())}
               </p>
             </div>
-          )}
+          ) : !file ? (
+            <div className="border rounded-lg p-6 text-center bg-sec-50">
+              <p className="text-sec-500">
+                Select a CSV file to preview
+              </p>
+            </div>
+          ) : null}
 
           <div className="flex justify-end gap-2">
             <Button variant="outline" onClick={handleClose}>

package/src/components/Dialog/Dialog.tsx

@@ -694,8 +694,9 @@ const DialogFooter = ({
 }: DialogFooterProps) => (
   <footer
     className={cn(
-      'flex flex-col-reverse sm:flex-row sm:justify-end sm:space-x-2',
-      sticky ? 'sticky bottom-0 z-10 bg-background p-6 pt-4 border-t' : 'p-6 pt-4',
+      // Only apply default layout classes if no custom className is provided
+      !className && 'flex flex-col-reverse sm:flex-row sm:justify-end sm:space-x-2',
+      !className && (sticky ? 'sticky bottom-0 z-10 bg-background p-6 pt-4 border-t' : 'p-6 pt-4'),
       className
     )}
     {...props}