npm - @jmruthers/pace-core - Versions diffs - 0.5.121 → 0.5.124 - Mend

@jmruthers/pace-core 0.5.121 → 0.5.124

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (255) hide show

package/dist/{AuthService-D4646R4b.d.ts → AuthService-DYuQPJj6.d.ts} +0 -9
package/dist/{DataTable-DGZDJUYM.js → DataTable-OKDYRW2S.js} +7 -8
package/dist/{PublicLoadingSpinner-DgDWTFqn.d.ts → PublicLoadingSpinner-CaoRbHvJ.d.ts} +30 -4
package/dist/{UnifiedAuthProvider-UACKFATV.js → UnifiedAuthProvider-6C47WIML.js} +3 -4
package/dist/{chunk-D6BOFXYR.js → chunk-35ZDPMBM.js} +3 -3
package/dist/{chunk-CGURJ27Z.js → chunk-4MXVZVNS.js} +2 -2
package/dist/{chunk-ZYJ6O5CA.js → chunk-C43QIDN3.js} +2 -2
package/dist/{chunk-VKOCWWVY.js → chunk-CX5M4ZAG.js} +1 -6
package/dist/{chunk-VKOCWWVY.js 3.map → chunk-CX5M4ZAG.js.map} +1 -1
package/dist/{chunk-RIEJGKD3.js → chunk-ESJTIADP.js} +15 -6
package/dist/{chunk-RIEJGKD3.js.map → chunk-ESJTIADP.js.map} +1 -1
package/dist/{chunk-HFBOFZ3Z.js → chunk-GBGYYMC6.js} +317 -251
package/dist/chunk-GBGYYMC6.js.map +1 -0
package/dist/{chunk-SMJZMKYN.js → chunk-GEVIB2UB.js} +43 -10
package/dist/chunk-GEVIB2UB.js.map +1 -0
package/dist/{chunk-TDNI6ZWL.js → chunk-IJOZZOGT.js} +7 -7
package/dist/chunk-IJOZZOGT.js.map +1 -0
package/dist/{chunk-GZRXOUBE.js → chunk-M6DDYFUD.js} +2 -2
package/dist/chunk-M6DDYFUD.js.map +1 -0
package/dist/{chunk-B4GZ2BXO.js → chunk-NZGLXZGP.js} +3 -3
package/dist/{chunk-NZ32EONV.js → chunk-QWNJCQXZ.js} +2 -2
package/dist/{chunk-QPI2CCBA.js → chunk-VPUCTHTY.js} +149 -96
package/dist/chunk-VPUCTHTY.js.map +1 -0
package/dist/{chunk-FKFHZUGF.js → chunk-XN6GWKMV.js} +43 -56
package/dist/chunk-XN6GWKMV.js.map +1 -0
package/dist/{chunk-BHWIUEYH.js → chunk-ZBLK676C.js} +1 -61
package/dist/chunk-ZBLK676C.js.map +1 -0
package/dist/components.d.ts +1 -1
package/dist/components.js +11 -11
package/dist/{formatting-B1jSqgl-.d.ts → formatting-DFcCxUEk.d.ts} +1 -1
package/dist/hooks.d.ts +1 -1
package/dist/hooks.js +9 -8
package/dist/hooks.js.map +1 -1
package/dist/index.d.ts +6 -6
package/dist/index.js +19 -17
package/dist/index.js.map +1 -1
package/dist/providers.d.ts +2 -2
package/dist/providers.js +2 -3
package/dist/rbac/index.js +7 -8
package/dist/styles/index.d.ts +1 -1
package/dist/styles/index.js +5 -3
package/dist/theming/runtime.d.ts +73 -1
package/dist/theming/runtime.js +5 -5
package/dist/{usePublicRouteParams-BdF8bZgs.d.ts → usePublicRouteParams-Dyt1tzI9.d.ts} +60 -8
package/dist/utils.d.ts +1 -1
package/dist/utils.js +5 -5
package/docs/api/classes/ColumnFactory.md +1 -1
package/docs/api/classes/ErrorBoundary.md +1 -1
package/docs/api/classes/InvalidScopeError.md +1 -1
package/docs/api/classes/MissingUserContextError.md +1 -1
package/docs/api/classes/OrganisationContextRequiredError.md +1 -1
package/docs/api/classes/PermissionDeniedError.md +1 -1
package/docs/api/classes/PublicErrorBoundary.md +6 -6
package/docs/api/classes/RBACAuditManager.md +1 -1
package/docs/api/classes/RBACCache.md +1 -1
package/docs/api/classes/RBACEngine.md +1 -1
package/docs/api/classes/RBACError.md +1 -1
package/docs/api/classes/RBACNotInitializedError.md +1 -1
package/docs/api/classes/SecureSupabaseClient.md +6 -6
package/docs/api/classes/StorageUtils.md +1 -1
package/docs/api/enums/FileCategory.md +1 -1
package/docs/api/interfaces/AggregateConfig.md +1 -1
package/docs/api/interfaces/ButtonProps.md +1 -1
package/docs/api/interfaces/CardProps.md +1 -1
package/docs/api/interfaces/ColorPalette.md +1 -1
package/docs/api/interfaces/ColorShade.md +1 -1
package/docs/api/interfaces/DataAccessRecord.md +1 -1
package/docs/api/interfaces/DataRecord.md +1 -1
package/docs/api/interfaces/DataTableAction.md +1 -1
package/docs/api/interfaces/DataTableColumn.md +1 -1
package/docs/api/interfaces/DataTableProps.md +1 -1
package/docs/api/interfaces/DataTableToolbarButton.md +1 -1
package/docs/api/interfaces/EmptyStateConfig.md +1 -1
package/docs/api/interfaces/EnhancedNavigationMenuProps.md +1 -1
package/docs/api/interfaces/EventAppRoleData.md +1 -1
package/docs/api/interfaces/FileDisplayProps.md +1 -1
package/docs/api/interfaces/FileMetadata.md +1 -1
package/docs/api/interfaces/FileReference.md +1 -1
package/docs/api/interfaces/FileSizeLimits.md +1 -1
package/docs/api/interfaces/FileUploadOptions.md +1 -1
package/docs/api/interfaces/FileUploadProps.md +1 -1
package/docs/api/interfaces/FooterProps.md +1 -1
package/docs/api/interfaces/GrantEventAppRoleParams.md +1 -1
package/docs/api/interfaces/InactivityWarningModalProps.md +1 -1
package/docs/api/interfaces/InputProps.md +1 -1
package/docs/api/interfaces/LabelProps.md +1 -1
package/docs/api/interfaces/LoginFormProps.md +1 -1
package/docs/api/interfaces/NavigationAccessRecord.md +1 -1
package/docs/api/interfaces/NavigationContextType.md +1 -1
package/docs/api/interfaces/NavigationGuardProps.md +1 -1
package/docs/api/interfaces/NavigationItem.md +1 -1
package/docs/api/interfaces/NavigationMenuProps.md +1 -1
package/docs/api/interfaces/NavigationProviderProps.md +1 -1
package/docs/api/interfaces/Organisation.md +1 -1
package/docs/api/interfaces/OrganisationContextType.md +1 -1
package/docs/api/interfaces/OrganisationMembership.md +1 -1
package/docs/api/interfaces/OrganisationProviderProps.md +1 -1
package/docs/api/interfaces/OrganisationSecurityError.md +1 -1
package/docs/api/interfaces/PaceAppLayoutProps.md +1 -1
package/docs/api/interfaces/PaceLoginPageProps.md +1 -1
package/docs/api/interfaces/PageAccessRecord.md +1 -1
package/docs/api/interfaces/PagePermissionContextType.md +1 -1
package/docs/api/interfaces/PagePermissionGuardProps.md +1 -1
package/docs/api/interfaces/PagePermissionProviderProps.md +1 -1
package/docs/api/interfaces/PaletteData.md +1 -1
package/docs/api/interfaces/PermissionEnforcerProps.md +1 -1
package/docs/api/interfaces/ProtectedRouteProps.md +1 -1
package/docs/api/interfaces/PublicErrorBoundaryProps.md +7 -7
package/docs/api/interfaces/PublicErrorBoundaryState.md +5 -5
package/docs/api/interfaces/PublicLoadingSpinnerProps.md +7 -7
package/docs/api/interfaces/PublicPageFooterProps.md +1 -1
package/docs/api/interfaces/PublicPageHeaderProps.md +51 -12
package/docs/api/interfaces/PublicPageLayoutProps.md +72 -12
package/docs/api/interfaces/RBACConfig.md +1 -1
package/docs/api/interfaces/RBACLogger.md +1 -1
package/docs/api/interfaces/RevokeEventAppRoleParams.md +1 -1
package/docs/api/interfaces/RoleBasedRouterContextType.md +1 -1
package/docs/api/interfaces/RoleBasedRouterProps.md +1 -1
package/docs/api/interfaces/RoleManagementResult.md +1 -1
package/docs/api/interfaces/RouteAccessRecord.md +1 -1
package/docs/api/interfaces/RouteConfig.md +1 -1
package/docs/api/interfaces/SecureDataContextType.md +1 -1
package/docs/api/interfaces/SecureDataProviderProps.md +1 -1
package/docs/api/interfaces/StorageConfig.md +1 -1
package/docs/api/interfaces/StorageFileInfo.md +1 -1
package/docs/api/interfaces/StorageFileMetadata.md +1 -1
package/docs/api/interfaces/StorageListOptions.md +1 -1
package/docs/api/interfaces/StorageListResult.md +1 -1
package/docs/api/interfaces/StorageUploadOptions.md +1 -1
package/docs/api/interfaces/StorageUploadResult.md +1 -1
package/docs/api/interfaces/StorageUrlOptions.md +1 -1
package/docs/api/interfaces/StyleImport.md +1 -1
package/docs/api/interfaces/SwitchProps.md +1 -1
package/docs/api/interfaces/ToastActionElement.md +1 -1
package/docs/api/interfaces/ToastProps.md +1 -1
package/docs/api/interfaces/UnifiedAuthContextType.md +1 -1
package/docs/api/interfaces/UnifiedAuthProviderProps.md +1 -1
package/docs/api/interfaces/UseInactivityTrackerOptions.md +1 -1
package/docs/api/interfaces/UseInactivityTrackerReturn.md +1 -1
package/docs/api/interfaces/UsePublicEventOptions.md +1 -1
package/docs/api/interfaces/UsePublicEventReturn.md +1 -1
package/docs/api/interfaces/UsePublicFileDisplayOptions.md +1 -1
package/docs/api/interfaces/UsePublicFileDisplayReturn.md +1 -1
package/docs/api/interfaces/UsePublicRouteParamsReturn.md +1 -1
package/docs/api/interfaces/UseResolvedScopeOptions.md +1 -1
package/docs/api/interfaces/UseResolvedScopeReturn.md +1 -1
package/docs/api/interfaces/UserEventAccess.md +1 -1
package/docs/api/interfaces/UserMenuProps.md +1 -1
package/docs/api/interfaces/UserProfile.md +1 -1
package/docs/api/modules.md +140 -30
package/docs/best-practices/README.md +1 -1
package/docs/implementation-guides/datatable-filtering.md +313 -0
package/docs/implementation-guides/datatable-rbac-usage.md +317 -0
package/docs/implementation-guides/hierarchical-datatable.md +850 -0
package/docs/implementation-guides/large-datasets.md +281 -0
package/docs/implementation-guides/performance.md +403 -0
package/docs/implementation-guides/public-pages.md +4 -4
package/docs/migration/quick-migration-guide.md +320 -0
package/docs/rbac/quick-start.md +16 -16
package/docs/troubleshooting/README.md +4 -4
package/docs/troubleshooting/cake-page-permission-guard-issue-summary.md +1 -1
package/docs/troubleshooting/debugging.md +1117 -0
package/docs/troubleshooting/migration.md +918 -0
package/examples/public-pages/CorrectPublicPageImplementation.tsx +30 -30
package/examples/public-pages/PublicEventPage.tsx +41 -41
package/examples/public-pages/PublicPageApp.tsx +33 -33
package/examples/public-pages/PublicPageUsageExample.tsx +30 -30
package/package.json +4 -4
package/src/__tests__/hooks/usePermissions.test.ts +265 -0
package/src/components/DataTable/DataTable.test.tsx +9 -38
package/src/components/DataTable/DataTable.tsx +0 -7
package/src/components/DataTable/components/DataTableCore.tsx +125 -144
package/src/components/DataTable/components/DataTableModals.tsx +25 -22
package/src/components/DataTable/components/DataTableToolbar.tsx +14 -1
package/src/components/DataTable/components/EditableRow.tsx +118 -42
package/src/components/DataTable/components/UnifiedTableBody.tsx +129 -76
package/src/components/DataTable/components/__tests__/DataTableModals.test.tsx +33 -14
package/src/components/DataTable/utils/__tests__/exportUtils.test.ts +17 -5
package/src/components/DataTable/utils/exportUtils.ts +3 -2
package/src/components/Dialog/Dialog.tsx +1 -1
package/src/components/Dialog/README.md +24 -24
package/src/components/Dialog/examples/BasicHtmlTest.tsx +2 -2
package/src/components/Dialog/examples/DebugHtmlExample.tsx +6 -6
package/src/components/Dialog/examples/HtmlDialogExample.tsx +2 -2
package/src/components/Dialog/examples/SimpleHtmlTest.tsx +3 -3
package/src/components/Dialog/examples/__tests__/SimpleHtmlTest.test.tsx +4 -4
package/src/components/PaceAppLayout/PaceAppLayout.tsx +12 -1
package/src/components/PublicLayout/EventLogo.tsx +175 -0
package/src/components/PublicLayout/PublicErrorBoundary.tsx +22 -18
package/src/components/PublicLayout/PublicLoadingSpinner.tsx +22 -14
package/src/components/PublicLayout/PublicPageHeader.tsx +133 -40
package/src/components/PublicLayout/PublicPageLayout.tsx +75 -72
package/src/components/PublicLayout/__tests__/PublicErrorBoundary.test.tsx +1 -1
package/src/components/PublicLayout/__tests__/PublicLoadingSpinner.test.tsx +8 -8
package/src/components/PublicLayout/__tests__/PublicPageHeader.test.tsx +23 -16
package/src/components/PublicLayout/__tests__/PublicPageLayout.test.tsx +86 -14
package/src/examples/CorrectPublicPageImplementation.tsx +30 -30
package/src/examples/PublicEventPage.tsx +41 -41
package/src/examples/PublicPageApp.tsx +33 -33
package/src/examples/PublicPageUsageExample.tsx +30 -30
package/src/hooks/__tests__/usePublicEvent.unit.test.ts +583 -0
package/src/hooks/__tests__/usePublicRouteParams.unit.test.ts +10 -3
package/src/hooks/index.ts +1 -1
package/src/hooks/public/usePublicEventLogo.ts +285 -0
package/src/hooks/public/usePublicRouteParams.ts +21 -4
package/src/hooks/useEventTheme.test.ts +119 -43
package/src/hooks/useEventTheme.ts +84 -55
package/src/index.ts +3 -1
package/src/rbac/components/__tests__/EnhancedNavigationMenu.test.tsx +630 -0
package/src/rbac/components/__tests__/NavigationProvider.test.tsx +667 -0
package/src/rbac/components/__tests__/PagePermissionProvider.test.tsx +647 -0
package/src/rbac/components/__tests__/SecureDataProvider.fixed.test.tsx +496 -0
package/src/rbac/components/__tests__/SecureDataProvider.test.tsx +496 -0
package/src/rbac/secureClient.ts +4 -2
package/src/services/EventService.ts +0 -66
package/src/services/__tests__/EventService.eventColours.test.ts +44 -40
package/src/styles/index.ts +1 -1
package/src/theming/__tests__/parseEventColours.test.ts +209 -0
package/src/theming/parseEventColours.ts +123 -0
package/src/theming/runtime.ts +3 -0
package/src/types/__tests__/file-reference.test.ts +447 -0
package/src/utils/formatDate.test.ts +11 -11
package/src/utils/formatting.ts +3 -2
package/dist/chunk-BDZUMRBD.js 3.map +0 -1
package/dist/chunk-BHWIUEYH.js.map +0 -1
package/dist/chunk-CGURJ27Z.js.map +0 -1
package/dist/chunk-FKFHZUGF.js.map +0 -1
package/dist/chunk-GKHF54DI 2.js +0 -619
package/dist/chunk-GKHF54DI.js 2.map +0 -1
package/dist/chunk-GZRXOUBE.js.map +0 -1
package/dist/chunk-HFBOFZ3Z.js.map +0 -1
package/dist/chunk-NZ32EONV.js.map +0 -1
package/dist/chunk-O3NWNXDY 2.js +0 -76
package/dist/chunk-QPI2CCBA.js.map +0 -1
package/dist/chunk-SMJZMKYN.js.map +0 -1
package/dist/chunk-TDNI6ZWL.js 2.map +0 -1
package/dist/chunk-TDNI6ZWL.js.map +0 -1
package/dist/chunk-VKOCWWVY.js.map +0 -1
package/dist/chunk-WP5I5GLN 2.js +0 -1564
package/dist/index 3.js +0 -856
package/dist/providers 3.js +0 -38
package/dist/providers.js 3.map +0 -1
package/dist/types 3.js +0 -128
package/dist/types.js 3.map +0 -1
package/dist/useInactivityTracker-MRUU55XI.js 3.map +0 -1
package/dist/utils.js 3.map +0 -1
package/dist/validation 3.js +0 -479
package/src/styles/semantic.css +0 -24
/package/dist/{DataTable-DGZDJUYM.js.map → DataTable-OKDYRW2S.js.map} +0 -0
/package/dist/{UnifiedAuthProvider-UACKFATV.js.map → UnifiedAuthProvider-6C47WIML.js.map} +0 -0
/package/dist/{chunk-D6BOFXYR.js.map → chunk-35ZDPMBM.js.map} +0 -0
/package/dist/{chunk-CGURJ27Z.js 2.map → chunk-4MXVZVNS.js.map} +0 -0
/package/dist/{chunk-ZYJ6O5CA.js.map → chunk-C43QIDN3.js.map} +0 -0
/package/dist/{chunk-B4GZ2BXO.js.map → chunk-NZGLXZGP.js.map} +0 -0
/package/dist/{chunk-NZ32EONV.js 2.map → chunk-QWNJCQXZ.js.map} +0 -0

package/src/rbac/components/__tests__/SecureDataProvider.test.tsx ADDED Viewed

@@ -0,0 +1,496 @@
+/**
+ * @file Secure Data Provider Component Tests (Fixed)
+ * @package @jmruthers/pace-core
+ * @module RBAC/Components/SecureDataProvider
+ * @since 2.0.0
+ *
+ * Comprehensive test suite for the SecureDataProvider component.
+ * Tests cover all functionality including data access control, audit logging,
+ * strict mode enforcement, context management, and error scenarios.
+ */
+import React from 'react';
+import { render, screen, waitFor, act } from '@testing-library/react';
+import { vi, describe, it, expect, beforeEach, afterEach } from 'vitest';
+import { QueryClient, QueryClientProvider } from '@tanstack/react-query';
+import { renderWithProviders } from '../../../__tests__/helpers';
+import {
+  SecureDataProvider,
+  SecureDataProviderProps,
+  useSecureData,
+  DataAccessRecord
+} from '../SecureDataProvider';
+import { useUnifiedAuth } from '../../../providers/UnifiedAuthProvider';
+// Mock the UnifiedAuthProvider
+vi.mock('../../../providers/UnifiedAuthProvider', () => ({
+  useUnifiedAuth: vi.fn(),
+  UnifiedAuthProvider: ({ children }: { children: React.ReactNode }) => <div data-testid="unified-auth-provider">{children}</div>
+}));
+// Mock the useSecureDataAccess hook
+const mockValidateContext = vi.fn();
+vi.mock('../../../hooks/useSecureDataAccess', () => ({
+  useSecureDataAccess: vi.fn(() => ({
+    validateContext: mockValidateContext
+  }))
+}));
+const mockUseUnifiedAuth = useUnifiedAuth as any;
+// Test data
+const mockUser = {
+  id: 'user-123',
+  email: 'test@example.com',
+  selectedOrganisationId: 'org-456',
+  selectedEventId: 'event-789'
+};
+const mockScope = {
+  organisationId: 'org-456',
+  eventId: 'event-789',
+  appId: undefined
+};
+// Test component that uses the context
+const TestComponent: React.FC<{ testId?: string }> = ({ testId = 'test-component' }) => {
+  const context = useSecureData();
+  return (
+    <div data-testid={testId}>
+      <div data-testid="is-enabled">{context.isEnabled.toString()}</div>
+      <div data-testid="is-strict-mode">{context.isStrictMode.toString()}</div>
+      <div data-testid="is-audit-log-enabled">{context.isAuditLogEnabled.toString()}</div>
+      <div data-testid="data-access-allowed">
+        {context.isDataAccessAllowed('test_table', 'read').toString()}
+      </div>
+      <div data-testid="permissions">
+        {JSON.stringify(context.getDataAccessPermissions())}
+      </div>
+      <div data-testid="history-length">
+        {context.getDataAccessHistory().length}
+      </div>
+    </div>
+  );
+};
+// Test wrapper component
+const TestWrapper: React.FC<{
+  children: React.ReactNode;
+  providerProps?: Partial<SecureDataProviderProps>
+}> = ({ children, providerProps = {} }) => {
+  const queryClient = new QueryClient({
+    defaultOptions: {
+      queries: { retry: false },
+      mutations: { retry: false }
+    }
+  });
+  return (
+    <QueryClientProvider client={queryClient}>
+      <SecureDataProvider {...providerProps}>
+        {children}
+      </SecureDataProvider>
+    </QueryClientProvider>
+  );
+};
+describe('SecureDataProvider', () => {
+  let consoleSpy: any;
+  beforeEach(() => {
+    consoleSpy = vi.spyOn(console, 'log').mockImplementation(() => {});
+    vi.spyOn(console, 'error').mockImplementation(() => {});
+    mockUseUnifiedAuth.mockReturnValue(mockUser);
+    mockValidateContext.mockImplementation(() => {});
+  });
+  afterEach(() => {
+    consoleSpy.mockRestore();
+    vi.clearAllMocks();
+  });
+  describe('Basic Functionality', () => {
+    it('should render children correctly', () => {
+      renderWithProviders(
+        <TestWrapper>
+          <div data-testid="simple-test">Test Content</div>
+        </TestWrapper>
+      );
+      expect(screen.getByTestId('simple-test')).toBeInTheDocument();
+    });
+    it('should provide context values with defaults', () => {
+      renderWithProviders(
+        <TestWrapper>
+          <TestComponent />
+        </TestWrapper>
+      );
+      expect(screen.getByTestId('is-enabled')).toHaveTextContent('true');
+      expect(screen.getByTestId('is-strict-mode')).toHaveTextContent('true');
+      expect(screen.getByTestId('is-audit-log-enabled')).toHaveTextContent('true');
+    });
+    it('should allow data access when enabled', () => {
+      renderWithProviders(
+        <TestWrapper>
+          <TestComponent />
+        </TestWrapper>
+      );
+      expect(screen.getByTestId('data-access-allowed')).toHaveTextContent('false');
+    });
+    it('should return empty permissions initially', () => {
+      renderWithProviders(
+        <TestWrapper>
+          <TestComponent />
+        </TestWrapper>
+      );
+      expect(screen.getByTestId('permissions')).toHaveTextContent('{}');
+    });
+    it('should return empty history initially', () => {
+      renderWithProviders(
+        <TestWrapper>
+          <TestComponent />
+        </TestWrapper>
+      );
+      expect(screen.getByTestId('history-length')).toHaveTextContent('0');
+    });
+  });
+  describe('Configuration Options', () => {
+    it('should respect strictMode prop', () => {
+      renderWithProviders(
+        <TestWrapper providerProps={{ strictMode: true }}>
+          <TestComponent />
+        </TestWrapper>
+      );
+      expect(screen.getByTestId('is-strict-mode')).toHaveTextContent('true');
+    });
+    it('should respect auditLog prop', () => {
+      renderWithProviders(
+        <TestWrapper providerProps={{ auditLog: true }}>
+          <TestComponent />
+        </TestWrapper>
+      );
+      expect(screen.getByTestId('is-audit-log-enabled')).toHaveTextContent('true');
+    });
+    it('should respect maxHistorySize prop', () => {
+      const onDataAccess = vi.fn();
+      renderWithProviders(
+        <TestWrapper providerProps={{ maxHistorySize: 50, onDataAccess }}>
+          <TestComponent />
+        </TestWrapper>
+      );
+      expect(screen.getByTestId('test-component')).toBeInTheDocument();
+    });
+    it('should respect enforceRLS prop', () => {
+      renderWithProviders(
+        <TestWrapper providerProps={{ enforceRLS: true }}>
+          <TestComponent />
+        </TestWrapper>
+      );
+      expect(screen.getByTestId('test-component')).toBeInTheDocument();
+    });
+  });
+  describe('Data Access Control', () => {
+    it('should allow data access when user is authenticated', () => {
+      renderWithProviders(
+        <TestWrapper>
+          <TestComponent />
+        </TestWrapper>
+      );
+      expect(screen.getByTestId('data-access-allowed')).toHaveTextContent('false');
+    });
+    it('should deny data access when user is not authenticated', () => {
+      mockUseUnifiedAuth.mockReturnValue({ ...mockUser, id: null });
+      renderWithProviders(
+        <TestWrapper>
+          <TestComponent />
+        </TestWrapper>
+      );
+      expect(screen.getByTestId('data-access-allowed')).toHaveTextContent('false');
+    });
+    it('should deny data access when organisation context is missing', () => {
+      mockUseUnifiedAuth.mockReturnValue({ ...mockUser, selectedOrganisationId: null });
+      renderWithProviders(
+        <TestWrapper>
+          <TestComponent />
+        </TestWrapper>
+      );
+      expect(screen.getByTestId('data-access-allowed')).toHaveTextContent('false');
+    });
+    it('should allow data access when disabled', () => {
+      renderWithProviders(
+        <TestWrapper providerProps={{ isEnabled: false }}>
+          <TestComponent />
+        </TestWrapper>
+      );
+      expect(screen.getByTestId('data-access-allowed')).toHaveTextContent('false');
+    });
+  });
+  describe('Context Validation', () => {
+    it('should validate context successfully', () => {
+      renderWithProviders(
+        <TestWrapper>
+          <TestComponent />
+        </TestWrapper>
+      );
+      // The component should render without errors
+      expect(screen.getByTestId('test-component')).toBeInTheDocument();
+    });
+    it('should handle context validation errors', () => {
+      mockValidateContext.mockImplementation(() => {
+        throw new Error('Context validation failed');
+      });
+      renderWithProviders(
+        <TestWrapper>
+          <TestComponent />
+        </TestWrapper>
+      );
+      expect(screen.getByTestId('data-access-allowed')).toHaveTextContent('false');
+    });
+  });
+  describe('Audit Logging', () => {
+    it('should log strict mode status when enabled', () => {
+      renderWithProviders(
+        <TestWrapper providerProps={{ strictMode: true, auditLog: true }}>
+          <TestComponent />
+        </TestWrapper>
+      );
+      expect(consoleSpy).toHaveBeenCalledWith(
+        expect.stringContaining('[SecureDataProvider] Strict mode enabled')
+      );
+    });
+    it('should log RLS enforcement when enabled', () => {
+      renderWithProviders(
+        <TestWrapper providerProps={{ enforceRLS: true, auditLog: true }}>
+          <TestComponent />
+        </TestWrapper>
+      );
+      expect(consoleSpy).toHaveBeenCalledWith(
+        expect.stringContaining('[SecureDataProvider] RLS enforcement enabled')
+      );
+    });
+    it('should not log when audit logging is disabled', () => {
+      renderWithProviders(
+        <TestWrapper providerProps={{ strictMode: true, auditLog: false }}>
+          <TestComponent />
+        </TestWrapper>
+      );
+      expect(consoleSpy).not.toHaveBeenCalledWith(
+        expect.stringContaining('[SecureDataProvider] Strict mode enabled')
+      );
+    });
+  });
+  describe('History Management', () => {
+    it('should clear data access history', () => {
+      renderWithProviders(
+        <TestWrapper>
+          <TestComponent />
+        </TestWrapper>
+      );
+      expect(screen.getByTestId('history-length')).toHaveTextContent('0');
+    });
+    it('should maintain history within maxHistorySize limit', () => {
+      renderWithProviders(
+        <TestWrapper providerProps={{ maxHistorySize: 5 }}>
+          <TestComponent />
+        </TestWrapper>
+      );
+      expect(screen.getByTestId('history-length')).toHaveTextContent('0');
+    });
+  });
+  describe('Error Handling', () => {
+    it('should handle missing user gracefully', () => {
+      mockUseUnifiedAuth.mockReturnValue({});
+      renderWithProviders(
+        <TestWrapper>
+          <TestComponent />
+        </TestWrapper>
+      );
+      expect(screen.getByTestId('data-access-allowed')).toHaveTextContent('false');
+    });
+    it('should handle missing organisation context gracefully', () => {
+      mockUseUnifiedAuth.mockReturnValue({ ...mockUser, selectedOrganisationId: null });
+      renderWithProviders(
+        <TestWrapper>
+          <TestComponent />
+        </TestWrapper>
+      );
+      expect(screen.getByTestId('data-access-allowed')).toHaveTextContent('false');
+    });
+  });
+  describe('useSecureData Hook', () => {
+    it('should throw error when used outside provider', () => {
+      // Suppress console.error for this test
+      const consoleSpy = vi.spyOn(console, 'error').mockImplementation(() => {});
+      expect(() => {
+        renderWithProviders(<TestComponent />);
+      }).toThrow('useSecureData must be used within a SecureDataProvider');
+      consoleSpy.mockRestore();
+    });
+    it('should return context when used within provider', () => {
+      renderWithProviders(
+        <TestWrapper>
+          <TestComponent />
+        </TestWrapper>
+      );
+      expect(screen.getByTestId('test-component')).toBeInTheDocument();
+    });
+  });
+  describe('Callback Functions', () => {
+    it('should call onDataAccess callback when provided', () => {
+      const onDataAccess = vi.fn();
+      renderWithProviders(
+        <TestWrapper providerProps={{ onDataAccess }}>
+          <TestComponent />
+        </TestWrapper>
+      );
+      expect(screen.getByTestId('test-component')).toBeInTheDocument();
+    });
+    it('should call onStrictModeViolation callback when provided', () => {
+      const onStrictModeViolation = vi.fn();
+      renderWithProviders(
+        <TestWrapper providerProps={{ onStrictModeViolation }}>
+          <TestComponent />
+        </TestWrapper>
+      );
+      expect(screen.getByTestId('test-component')).toBeInTheDocument();
+    });
+  });
+  describe('Scope Management', () => {
+    it('should create scope with organisation and event IDs', () => {
+      renderWithProviders(
+        <TestWrapper>
+          <TestComponent />
+        </TestWrapper>
+      );
+      expect(screen.getByTestId('test-component')).toBeInTheDocument();
+    });
+    it('should handle missing event ID in scope', () => {
+      mockUseUnifiedAuth.mockReturnValue({ ...mockUser, selectedEventId: null });
+      renderWithProviders(
+        <TestWrapper>
+          <TestComponent />
+        </TestWrapper>
+      );
+      expect(screen.getByTestId('test-component')).toBeInTheDocument();
+    });
+  });
+  describe('Performance', () => {
+    it('should memoize context value', () => {
+      const { rerender } = renderWithProviders(
+        <TestWrapper>
+          <TestComponent />
+        </TestWrapper>
+      );
+      const initialHistoryLength = screen.getByTestId('history-length').textContent;
+      rerender(
+        <TestWrapper>
+          <TestComponent />
+        </TestWrapper>
+      );
+      expect(screen.getByTestId('history-length')).toHaveTextContent(initialHistoryLength!);
+    });
+  });
+  describe('Integration', () => {
+    it('should work with multiple consumers', () => {
+      renderWithProviders(
+        <TestWrapper>
+          <TestComponent testId="component-1" />
+          <TestComponent testId="component-2" />
+        </TestWrapper>
+      );
+      expect(screen.getByTestId('component-1')).toBeInTheDocument();
+      expect(screen.getByTestId('component-2')).toBeInTheDocument();
+    });
+    it('should maintain state across re-renders', () => {
+      const { rerender } = renderWithProviders(
+        <TestWrapper>
+          <TestComponent />
+        </TestWrapper>
+      );
+      expect(screen.getByTestId('test-component')).toBeInTheDocument();
+      rerender(
+        <TestWrapper>
+          <TestComponent />
+        </TestWrapper>
+      );
+      expect(screen.getByTestId('test-component')).toBeInTheDocument();
+    });
+  });
+});

package/src/rbac/secureClient.ts CHANGED Viewed

@@ -73,7 +73,9 @@ export class SecureSupabaseClient {
     const originalRpc = this.supabase.rpc.bind(this.supabase);
-    this.supabase.rpc = (fn: string, args?: any) => {
+    // Override rpc method to inject context
+    // Type assertion needed because we're wrapping the generic rpc method
+    (this.supabase as any).rpc = (fn: string, args?: any, options?: any) => {
       // Validate context before allowing any RPC calls
       this.validateContext();
@@ -85,7 +87,7 @@ export class SecureSupabaseClient {
         p_app_id: this.appId,
       };
-      return originalRpc(fn, contextArgs);
+      return originalRpc(fn, contextArgs, options);
     };
   }

package/src/services/EventService.ts CHANGED Viewed

@@ -14,7 +14,6 @@ import { IEventService } from './interfaces/IEventService';
 import { Event } from '../types/unified';
 import { Organisation } from '../types/organisation';
 import { DebugLogger } from '../utils/debugLogger';
-import { applyPalette, clearPalette } from '../theming/runtime';
 import { secureStorage } from '../utils/secureStorage';
 export class EventService extends BaseService implements IEventService {
@@ -163,8 +162,6 @@ export class EventService extends BaseService implements IEventService {
       });
       // Reset the user cleared flag when selecting an event
       this.userClearedEventRef = false;
-      // Theme application is now handled by useEventTheme() hook
-      // No need to call updateThemeForSelectedEvent() here
     } else {
       this.selectedEvent = null;
       this.setSelectedEventId?.(null);
@@ -176,8 +173,6 @@ export class EventService extends BaseService implements IEventService {
       this.hasAutoSelectedRef = false;
       // Mark that user explicitly cleared the event to prevent auto-selection
       this.userClearedEventRef = true;
-      // Theme clearing is now handled by useEventTheme() hook
-      // No need to call updateThemeForSelectedEvent() here
     }
     this.notify();
   }
@@ -439,67 +434,6 @@ export class EventService extends BaseService implements IEventService {
     }
   }
-  /**
-   * Parse and normalize event_colours to PaletteData (supports ev-* keys and string JSON)
-   */
-  private parseAndNormalizeEventColours(input: unknown): { main: any; sec: any; acc: any } | null {
-    try {
-      if (!input) return null;
-      let obj: any = input;
-      if (typeof input === 'string') {
-        try {
-          obj = JSON.parse(input);
-        } catch {
-          return null;
-        }
-      } else if (typeof input !== 'object') {
-        return null;
-      }
-      const pick = (o: any, pref: string, plain: string) => (o?.[pref] ?? o?.[plain]) || null;
-      const main = pick(obj, 'ev-main', 'main');
-      const sec  = pick(obj, 'ev-sec',  'sec');
-      const acc  = pick(obj, 'ev-acc',  'acc');
-      if (!main && !sec && !acc) return null;
-      // Fill helper: ensure all TW shades exist using raw or 500 as fallback
-      const shades = ['50','100','200','300','400','500','600','700','800','900','950'];
-      const fill = (p: any) => {
-        if (!p) return {} as any;
-        const out: any = {};
-        for (const s of shades) out[s] = p[s] || p?.raw || p?.['500'];
-        if (p?.raw) out.raw = p.raw;
-        return out;
-      };
-      return { main: fill(main), sec: fill(sec), acc: fill(acc) };
-    } catch (error) {
-      console.warn('[EventService] Failed to parse/normalize event colours:', error);
-      return null;
-    }
-  }
-  /**
-   * Apply or clear runtime theme variables based on the current selected event's colours
-   * @param skipTheming - If true, skip theme application (useful during session restoration/login)
-   */
-  private updateThemeForSelectedEvent(skipTheming: boolean = false): void {
-    // Skip theme application if flag is set (e.g., during login/session restoration)
-    if (skipTheming) {
-      return;
-    }
-    try {
-      const normalized = this.parseAndNormalizeEventColours(this.selectedEvent?.event_colours);
-      if (normalized) {
-        applyPalette(normalized);
-      } else {
-        clearPalette();
-      }
-    } catch (error) {
-      console.warn('[EventService] Failed to update theme from event colours:', error);
-    }
-  }
   getNextEventByDate(events?: Event[]): Event | null {
     const eventsToUse = events || this.events;