@jmruthers/pace-core 0.5.115 → 0.5.116

package/src/rbac/hooks/useRoleManagement.ts

@@ -0,0 +1,255 @@
+/**
+ * @file RBAC Role Management Hook
+ * @package @jmruthers/pace-core
+ * @module RBAC/Hooks
+ * @since 2.1.0
+ *
+ * React hook for managing RBAC roles safely using RPC functions.
+ * This hook provides a secure, type-safe interface for granting and revoking roles
+ * that ensures proper audit trails and security checks.
+ *
+ * @example
+ * ```tsx
+ * import { useRoleManagement } from '@jmruthers/pace-core/rbac';
+ *
+ * function UserRolesComponent() {
+ *   const { revokeEventAppRole, grantEventAppRole, isLoading, error } = useRoleManagement();
+ *
+ *   const handleRevokeRole = async (roleId: string, roleData: EventAppRoleData) => {
+ *     const result = await revokeEventAppRole({
+ *       userId: roleData.user_id,
+ *       organisationId: roleData.organisation_id,
+ *       eventId: roleData.event_id,
+ *       appId: roleData.app_id,
+ *       role: roleData.role
+ *     });
+ *
+ *     if (result.success) {
+ *       toast({ title: 'Role revoked successfully' });
+ *     } else {
+ *       toast({ title: 'Failed to revoke role', variant: 'destructive' });
+ *     }
+ *   };
+ *
+ *   return <button onClick={() => handleRevokeRole(roleId, roleData)}>Revoke Role</button>;
+ * }
+ * ```
+ */
+
+import { useState, useCallback } from 'react';
+import { useUnifiedAuth } from '../../providers/services/UnifiedAuthProvider';
+import type { UUID } from '../types';
+
+export interface EventAppRoleData {
+  user_id: UUID;
+  organisation_id: UUID;
+  event_id: string;
+  app_id: UUID;
+  role: 'viewer' | 'participant' | 'planner' | 'event_admin';
+}
+
+export interface RevokeEventAppRoleParams extends EventAppRoleData {
+  revoked_by?: UUID;
+}
+
+export interface GrantEventAppRoleParams extends EventAppRoleData {
+  granted_by?: UUID;
+  valid_from?: string;
+  valid_to?: string | null;
+}
+
+export interface RoleManagementResult {
+  success: boolean;
+  message?: string;
+  error?: string;
+  roleId?: UUID;
+}
+
+export function useRoleManagement() {
+  const { user, supabase } = useUnifiedAuth();
+  const [isLoading, setIsLoading] = useState(false);
+  const [error, setError] = useState<Error | null>(null);
+
+  if (!supabase) {
+    throw new Error('useRoleManagement requires a Supabase client. Ensure UnifiedAuthProvider is configured.');
+  }
+
+  /**
+   * Revoke an event app role using the secure RPC function
+   * 
+   * This function uses the `revoke_event_app_role` RPC which:
+   * - Runs with SECURITY DEFINER privileges
+   * - Includes proper permission checks
+   * - Automatically populates audit fields (revoked_by, timestamps)
+   * - Complies with Row-Level Security policies
+   * 
+   * @param params - Role revocation parameters
+   * @returns Promise resolving to operation result
+   */
+  const revokeEventAppRole = useCallback(async (
+    params: RevokeEventAppRoleParams
+  ): Promise<RoleManagementResult> => {
+    setIsLoading(true);
+    setError(null);
+
+    try {
+      const { data, error: rpcError } = await supabase.rpc('revoke_event_app_role', {
+        p_user_id: params.user_id,
+        p_organisation_id: params.organisation_id,
+        p_event_id: params.event_id,
+        p_app_id: params.app_id,
+        p_role: params.role,
+        p_revoked_by: params.revoked_by || user?.id || undefined
+      });
+
+      if (rpcError) {
+        throw new Error(rpcError.message || 'Failed to revoke role');
+      }
+
+      return {
+        success: data === true,
+        message: data === true ? 'Role revoked successfully' : 'No role found to revoke',
+        error: data === false ? 'No matching role found' : undefined
+      };
+    } catch (err) {
+      const errorMessage = err instanceof Error ? err.message : 'Unknown error occurred';
+      setError(err instanceof Error ? err : new Error(errorMessage));
+      return {
+        success: false,
+        error: errorMessage
+      };
+    } finally {
+      setIsLoading(false);
+    }
+  }, [user?.id]);
+
+  /**
+   * Grant an event app role using the secure RPC function
+   * 
+   * This function uses the `grant_event_app_role` RPC which:
+   * - Runs with SECURITY DEFINER privileges
+   * - Includes proper permission checks
+   * - Automatically populates audit fields (granted_by, timestamps)
+   * - Complies with Row-Level Security policies
+   * 
+   * @param params - Role grant parameters
+   * @returns Promise resolving to operation result with role ID
+   */
+  const grantEventAppRole = useCallback(async (
+    params: GrantEventAppRoleParams
+  ): Promise<RoleManagementResult> => {
+    setIsLoading(true);
+    setError(null);
+
+    try {
+      const { data, error: rpcError } = await supabase.rpc('grant_event_app_role', {
+        p_user_id: params.user_id,
+        p_organisation_id: params.organisation_id,
+        p_event_id: params.event_id,
+        p_app_id: params.app_id,
+        p_role: params.role,
+        p_granted_by: params.granted_by || user?.id || undefined,
+        p_valid_from: params.valid_from,
+        p_valid_to: params.valid_to
+      });
+
+      if (rpcError) {
+        throw new Error(rpcError.message || 'Failed to grant role');
+      }
+
+      if (!data) {
+        return {
+          success: false,
+          error: 'Failed to grant role - no role ID returned'
+        };
+      }
+
+      return {
+        success: true,
+        message: 'Role granted successfully',
+        roleId: data as UUID
+      };
+    } catch (err) {
+      const errorMessage = err instanceof Error ? err.message : 'Unknown error occurred';
+      setError(err instanceof Error ? err : new Error(errorMessage));
+      return {
+        success: false,
+        error: errorMessage
+      };
+    } finally {
+      setIsLoading(false);
+    }
+  }, [user?.id]);
+
+  /**
+   * Revoke an event app role by role ID (alternative method)
+   * 
+   * This fetches the role by ID first to get the required context (role name, event_id, app_id),
+   * then uses the unified `rbac_role_revoke` function to revoke it.
+   * 
+   * @param roleId - The role ID to revoke
+   * @returns Promise resolving to operation result
+   */
+  const revokeRoleById = useCallback(async (
+    roleId: UUID
+  ): Promise<RoleManagementResult> => {
+    setIsLoading(true);
+    setError(null);
+
+    try {
+      // First, fetch the role by ID to get the required context
+      const { data: roleData, error: fetchError } = await supabase
+        .from('rbac_event_app_roles')
+        .select('user_id, role, event_id, app_id')
+        .eq('id', roleId)
+        .single();
+
+      if (fetchError || !roleData) {
+        throw new Error(fetchError?.message || 'Role not found');
+      }
+
+      // Construct context_id in the format required by rbac_role_revoke: "event_id:app_id"
+      const contextId = `${roleData.event_id}:${roleData.app_id}`;
+
+      // Now call rbac_role_revoke with the required parameters
+      const { data, error: rpcError } = await supabase.rpc('rbac_role_revoke', {
+        p_user_id: roleData.user_id,
+        p_role_type: 'event_app',
+        p_role_name: roleData.role,
+        p_context_id: contextId,
+        p_revoked_by: user?.id || undefined
+      });
+
+      if (rpcError) {
+        throw new Error(rpcError.message || 'Failed to revoke role');
+      }
+
+      // rbac_role_revoke returns a table with success, message, revoked_count, error_code
+      const result = Array.isArray(data) && data.length > 0 ? data[0] : null;
+
+      return {
+        success: result?.success === true,
+        message: result?.message || undefined,
+        error: result?.success === false ? (result?.message || result?.error_code || 'Unknown error') : undefined
+      };
+    } catch (err) {
+      const errorMessage = err instanceof Error ? err.message : 'Unknown error occurred';
+      setError(err instanceof Error ? err : new Error(errorMessage));
+      return {
+        success: false,
+        error: errorMessage
+      };
+    } finally {
+      setIsLoading(false);
+    }
+  }, [user?.id, supabase]);
+
+  return {
+    revokeEventAppRole,
+    grantEventAppRole,
+    revokeRoleById,
+    isLoading,
+    error
+  };
+}
+

package/src/services/AuthService.ts

@@ -416,6 +416,16 @@ export class AuthService extends BaseService implements IAuthService {
                 this.session = session;
                 this.user = session.user ?? null;
                 this.authError = null;
+                
+                // Reset restoration state if valid session arrives after earlier failure
+                // This clears stale errors when session eventually succeeds
+                const hasTimeoutError = this.sessionRestorationState.restorationError?.name === 'SessionRestorationTimeoutError';
+                if (this.sessionRestorationState.isRestoring || 
+                    this.sessionRestorationState.restorationError ||
+                    (hasTimeoutError && session)) {
+                  this.finishSessionRestoration();
+                  return;
+                }
               }
 
               if (this.sessionRestorationState.isRestoring) {

package/src/services/EventService.ts

@@ -15,6 +15,7 @@ import { Event } from '../types/unified';
 import { Organisation } from '../types/organisation';
 import { DebugLogger } from '../utils/debugLogger';
 import { applyPalette, clearPalette } from '../theming/runtime';
+import { secureStorage } from '../utils/secureStorage';
 
 export class EventService extends BaseService implements IEventService {
   private events: Event[] = [];
@@ -53,17 +54,40 @@ export class EventService extends BaseService implements IEventService {
     this.setSelectedEventId = setSelectedEventId;
   }
 
+  // Helper method to get user-scoped storage key
+  private getStorageKey(userId: string | null): string {
+    if (!userId) {
+      // Return a temporary key that won't match any user
+      return 'pace-core-selected-event-no-user';
+    }
+    return `pace-core-selected-event-${userId}`;
+  }
+
   // Update dependencies
-  updateDependencies(
+  async updateDependencies(
     supabaseClient: SupabaseClient,
     user: User | null,
     session: Session | null,
     appName: string,
     selectedOrganisation: Organisation | null,
     setSelectedEventId: (eventId: string | null) => void
-  ): void {
+  ): Promise<void> {
     const previousOrgId = this.selectedOrganisation?.id;
     const newOrgId = selectedOrganisation?.id;
+    const previousUserId = this.user?.id || null;
+    const newUserId = user?.id || null;
+    
+    // If user changed, clear previous user's event selection from storage
+    if (previousUserId !== newUserId) {
+      if (previousUserId !== null) {
+        await this.clearEventSelectionForUser(previousUserId);
+      }
+      // If user is now null (logout), clear current selection state
+      if (newUserId === null) {
+        this.selectedEvent = null;
+        this.setSelectedEventId?.(null);
+      }
+    }
     
     this.supabaseClient = supabaseClient;
     this.user = user;
@@ -133,23 +157,27 @@ export class EventService extends BaseService implements IEventService {
 
       this.selectedEvent = event;
       this.setSelectedEventId?.(event.event_id);
-      this.persistEventSelection(event.event_id);
+      // Persist asynchronously (don't await to avoid blocking)
+      this.persistEventSelection(event.event_id).catch(error => {
+        console.warn('[EventService] Failed to persist event selection:', error);
+      });
       // Reset the user cleared flag when selecting an event
       this.userClearedEventRef = false;
-      // Apply theme for the newly selected event
-      this.updateThemeForSelectedEvent();
+      // Theme application is now handled by useEventTheme() hook
+      // No need to call updateThemeForSelectedEvent() here
     } else {
       this.selectedEvent = null;
       this.setSelectedEventId?.(null);
-      // Clear both sessionStorage and localStorage
-      sessionStorage.removeItem('pace-core-selected-event');
-      localStorage.removeItem('pace-core-selected-event');
+      // Clear from secure storage (don't await to avoid blocking)
+      this.clearEventSelection().catch(error => {
+        console.warn('[EventService] Failed to clear event selection:', error);
+      });
       // Reset the auto-selection flag when clearing the event
       this.hasAutoSelectedRef = false;
       // Mark that user explicitly cleared the event to prevent auto-selection
       this.userClearedEventRef = true;
-      // Clear theme when event is cleared
-      this.updateThemeForSelectedEvent();
+      // Theme clearing is now handled by useEventTheme() hook
+      // No need to call updateThemeForSelectedEvent() here
     }
     this.notify();
   }
@@ -163,31 +191,31 @@ export class EventService extends BaseService implements IEventService {
 
   async loadPersistedEvent(events: Event[]): Promise<boolean> {
     try {
-      // Try sessionStorage first (tab-specific)
-      let persistedEventId = sessionStorage.getItem('pace-core-selected-event');
+      const userId = this.user?.id || null;
       
-      // Fallback to localStorage if no sessionStorage value (for new tabs)
-      if (!persistedEventId) {
-        persistedEventId = localStorage.getItem('pace-core-selected-event');
-        // If we found a value in localStorage, also store it in sessionStorage for this tab
-        if (persistedEventId) {
-          sessionStorage.setItem('pace-core-selected-event', persistedEventId);
-        }
+      // Don't load persisted event if no user is authenticated
+      if (!userId) {
+        return false;
       }
       
+      const storageKey = this.getStorageKey(userId);
+      
+      // Retrieve from secure storage (will automatically decrypt)
+      const persistedEventId = await secureStorage.getItem(storageKey);
+      
       if (persistedEventId && events.length > 0) {
+        // Validate that event exists in user's accessible events
         const persistedEvent = events.find(event => event.event_id === persistedEventId);
-      if (persistedEvent) {
-        this.selectedEvent = persistedEvent;
-        this.setSelectedEventId?.(persistedEventId);
-        // Skip theme application during session restoration/login
-        // Theme will be applied by useEventTheme hook once user navigates away from login
-        this.updateThemeForSelectedEvent(true);
-        return true;
-      } else {
-        // Clear invalid persisted event
-          sessionStorage.removeItem('pace-core-selected-event');
-          localStorage.removeItem('pace-core-selected-event');
+        
+        if (persistedEvent) {
+          // Use setSelectedEvent() to go through same path as EventSelector
+          // This ensures consistent behavior and proper notification
+          // Theme will be applied by useEventTheme hook once user navigates away from login
+          this.setSelectedEvent(persistedEvent);
+          return true;
+        } else {
+          // Event no longer accessible to user, clear invalid persisted event
+          await secureStorage.removeItem(storageKey);
         }
       }
     } catch (error) {
@@ -210,22 +238,26 @@ export class EventService extends BaseService implements IEventService {
     return await this.loadPersistedEvent(this.events);
   }
 
-  persistEventSelection(eventId: string): void {
+  async persistEventSelection(eventId: string): Promise<void> {
     try {
-      // Store in sessionStorage for tab-specific persistence
-      sessionStorage.setItem('pace-core-selected-event', eventId);
-      // Also store in localStorage as fallback for new tabs
-      localStorage.setItem('pace-core-selected-event', eventId);
+      const userId = this.user?.id || null;
+      const storageKey = this.getStorageKey(userId);
+      
+      // Store with encryption using secureStorage
+      await secureStorage.setItem(storageKey, eventId, { encrypt: true });
     } catch (error) {
       console.warn('[EventService] Failed to persist event selection:', error);
     }
   }
 
-  clearEventSelection(): void {
+  async clearEventSelection(): Promise<void> {
     try {
-      // Clear from both storage locations
-      sessionStorage.removeItem('pace-core-selected-event');
-      localStorage.removeItem('pace-core-selected-event');
+      const userId = this.user?.id || null;
+      const storageKey = this.getStorageKey(userId);
+      
+      // Clear from secure storage
+      await secureStorage.removeItem(storageKey);
+      
       // Clear the selected event
       this.selectedEvent = null;
       this.setSelectedEventId?.(null);
@@ -234,20 +266,49 @@ export class EventService extends BaseService implements IEventService {
     }
   }
 
+  /**
+   * Clear event selection for a specific user (used when user logs out or changes)
+   */
+  async clearEventSelectionForUser(userId: string | null): Promise<void> {
+    try {
+      if (!userId) return;
+      
+      const storageKey = this.getStorageKey(userId);
+      await secureStorage.removeItem(storageKey);
+    } catch (error) {
+      console.warn('[EventService] Failed to clear event selection for user:', error);
+    }
+  }
+
   autoSelectNextEvent(events: Event[]): void {
     const nextEvent = this.getNextEventByDate(events);
     if (nextEvent) {
-      this.selectedEvent = nextEvent;
-      this.setSelectedEventId?.(nextEvent.event_id);
-      this.persistEventSelection(nextEvent.event_id);
-      // Apply theme for auto-selected event
-      this.updateThemeForSelectedEvent();
+      // Use setSelectedEvent() to ensure consistent behavior
+      // Theme will be applied by useEventTheme() hook
+      this.setSelectedEvent(nextEvent);
     }
   }
 
   // Lifecycle methods
   async initialize(): Promise<void> {
     await super.initialize();
+    
+    // Clean up old global storage keys (backward compatibility)
+    // This ensures old data doesn't leak to new users
+    try {
+      // Remove old plain storage key
+      if (typeof sessionStorage !== 'undefined') {
+        sessionStorage.removeItem('pace-core-selected-event');
+      }
+      if (typeof localStorage !== 'undefined') {
+        localStorage.removeItem('pace-core-selected-event');
+        // Also remove old encrypted format if it exists
+        localStorage.removeItem('_sec_pace-core-selected-event');
+      }
+    } catch (error) {
+      console.warn('[EventService] Failed to clean up old storage keys:', error);
+    }
+    
     // Load persisted event during initialization (don't skip)
     // This ensures the last viewed event is restored before auto-selection happens
     await this.fetchEvents(false);
@@ -342,9 +403,9 @@ export class EventService extends BaseService implements IEventService {
             const nextEvent = this.getNextEventByDate(transformedEvents);
             if (nextEvent) {
               this.hasAutoSelectedRef = true;
-              this.selectedEvent = nextEvent;
-              this.setSelectedEventId?.(nextEvent.event_id);
-              this.persistEventSelection(nextEvent.event_id);
+              // Use setSelectedEvent() to ensure consistent behavior
+              // Theme will be applied by useEventTheme() hook
+              this.setSelectedEvent(nextEvent);
             }
           }
         } else {
@@ -353,9 +414,9 @@ export class EventService extends BaseService implements IEventService {
             const nextEvent = this.getNextEventByDate(transformedEvents);
             if (nextEvent) {
               this.hasAutoSelectedRef = true;
-              this.selectedEvent = nextEvent;
-              this.setSelectedEventId?.(nextEvent.event_id);
-              this.persistEventSelection(nextEvent.event_id);
+              // Use setSelectedEvent() to ensure consistent behavior
+              // Theme will be applied by useEventTheme() hook
+              this.setSelectedEvent(nextEvent);
             }
           }
         }

package/src/services/__tests__/AuthService.test.ts

@@ -689,7 +689,7 @@ describe('AuthService', () => {
           p_session_type: 'login',
           p_event_id: null,
           p_app_id: 'app-id-123', // Should be resolved from appName
-          p_user_agent: expect.any(String), // navigator.userAgent
+          // p_user_agent, p_device_fingerprint, p_ip_address may be undefined in test environment
         }));
       }