@jmruthers/pace-core 0.5.179 → 0.5.180
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/{chunk-LEBYAJVF.js → chunk-6HLVGAZG.js} +1 -1
- package/dist/chunk-6HLVGAZG.js.map +1 -0
- package/dist/{chunk-CRGFNQ2L.js → chunk-CPTUD43C.js} +2 -2
- package/dist/chunk-CPTUD43C.js.map +1 -0
- package/dist/{chunk-2AKRP5QZ.js → chunk-N5YCCUG5.js} +3 -3
- package/dist/chunk-N5YCCUG5.js.map +1 -0
- package/dist/{chunk-PJEVDATQ.js → chunk-P6UUHOIF.js} +14 -4
- package/dist/chunk-P6UUHOIF.js.map +1 -0
- package/dist/components.js +2 -2
- package/dist/hooks.js +2 -2
- package/dist/index.js +4 -4
- package/dist/rbac/index.d.ts +2 -2
- package/dist/rbac/index.js +1 -1
- package/docs/api/classes/ColumnFactory.md +1 -1
- package/docs/api/classes/ErrorBoundary.md +1 -1
- package/docs/api/classes/InvalidScopeError.md +1 -1
- package/docs/api/classes/MissingUserContextError.md +1 -1
- package/docs/api/classes/OrganisationContextRequiredError.md +1 -1
- package/docs/api/classes/PermissionDeniedError.md +1 -1
- package/docs/api/classes/PublicErrorBoundary.md +1 -1
- package/docs/api/classes/RBACAuditManager.md +1 -1
- package/docs/api/classes/RBACCache.md +1 -1
- package/docs/api/classes/RBACEngine.md +1 -1
- package/docs/api/classes/RBACError.md +1 -1
- package/docs/api/classes/RBACNotInitializedError.md +1 -1
- package/docs/api/classes/SecureSupabaseClient.md +1 -1
- package/docs/api/classes/StorageUtils.md +1 -1
- package/docs/api/enums/FileCategory.md +1 -1
- package/docs/api/interfaces/AggregateConfig.md +1 -1
- package/docs/api/interfaces/BadgeProps.md +1 -1
- package/docs/api/interfaces/ButtonProps.md +1 -1
- package/docs/api/interfaces/CalendarProps.md +1 -1
- package/docs/api/interfaces/CardProps.md +1 -1
- package/docs/api/interfaces/ColorPalette.md +1 -1
- package/docs/api/interfaces/ColorShade.md +1 -1
- package/docs/api/interfaces/DataAccessRecord.md +1 -1
- package/docs/api/interfaces/DataRecord.md +1 -1
- package/docs/api/interfaces/DataTableAction.md +1 -1
- package/docs/api/interfaces/DataTableColumn.md +1 -1
- package/docs/api/interfaces/DataTableProps.md +1 -1
- package/docs/api/interfaces/DataTableToolbarButton.md +1 -1
- package/docs/api/interfaces/EmptyStateConfig.md +1 -1
- package/docs/api/interfaces/EnhancedNavigationMenuProps.md +1 -1
- package/docs/api/interfaces/EventAppRoleData.md +1 -1
- package/docs/api/interfaces/EventLogoProps.md +1 -1
- package/docs/api/interfaces/ExportColumn.md +1 -1
- package/docs/api/interfaces/ExportOptions.md +1 -1
- package/docs/api/interfaces/FileDisplayProps.md +1 -1
- package/docs/api/interfaces/FileMetadata.md +1 -1
- package/docs/api/interfaces/FileReference.md +1 -1
- package/docs/api/interfaces/FileSizeLimits.md +1 -1
- package/docs/api/interfaces/FileUploadOptions.md +1 -1
- package/docs/api/interfaces/FileUploadProps.md +1 -1
- package/docs/api/interfaces/FooterProps.md +1 -1
- package/docs/api/interfaces/GrantEventAppRoleParams.md +1 -1
- package/docs/api/interfaces/InactivityWarningModalProps.md +1 -1
- package/docs/api/interfaces/InputProps.md +1 -1
- package/docs/api/interfaces/LabelProps.md +1 -1
- package/docs/api/interfaces/LoginFormProps.md +1 -1
- package/docs/api/interfaces/NavigationAccessRecord.md +1 -1
- package/docs/api/interfaces/NavigationContextType.md +1 -1
- package/docs/api/interfaces/NavigationGuardProps.md +1 -1
- package/docs/api/interfaces/NavigationItem.md +1 -1
- package/docs/api/interfaces/NavigationMenuProps.md +1 -1
- package/docs/api/interfaces/NavigationProviderProps.md +1 -1
- package/docs/api/interfaces/Organisation.md +1 -1
- package/docs/api/interfaces/OrganisationContextType.md +1 -1
- package/docs/api/interfaces/OrganisationMembership.md +1 -1
- package/docs/api/interfaces/OrganisationProviderProps.md +1 -1
- package/docs/api/interfaces/OrganisationSecurityError.md +1 -1
- package/docs/api/interfaces/PaceAppLayoutProps.md +1 -1
- package/docs/api/interfaces/PaceLoginPageProps.md +1 -1
- package/docs/api/interfaces/PageAccessRecord.md +1 -1
- package/docs/api/interfaces/PagePermissionContextType.md +1 -1
- package/docs/api/interfaces/PagePermissionGuardProps.md +1 -1
- package/docs/api/interfaces/PagePermissionProviderProps.md +1 -1
- package/docs/api/interfaces/PaletteData.md +1 -1
- package/docs/api/interfaces/PermissionEnforcerProps.md +1 -1
- package/docs/api/interfaces/ProtectedRouteProps.md +1 -1
- package/docs/api/interfaces/PublicErrorBoundaryProps.md +1 -1
- package/docs/api/interfaces/PublicErrorBoundaryState.md +1 -1
- package/docs/api/interfaces/PublicLoadingSpinnerProps.md +1 -1
- package/docs/api/interfaces/PublicPageFooterProps.md +1 -1
- package/docs/api/interfaces/PublicPageHeaderProps.md +1 -1
- package/docs/api/interfaces/PublicPageLayoutProps.md +1 -1
- package/docs/api/interfaces/RBACConfig.md +1 -1
- package/docs/api/interfaces/RBACLogger.md +1 -1
- package/docs/api/interfaces/ResourcePermissions.md +1 -1
- package/docs/api/interfaces/RevokeEventAppRoleParams.md +1 -1
- package/docs/api/interfaces/RoleBasedRouterContextType.md +1 -1
- package/docs/api/interfaces/RoleBasedRouterProps.md +1 -1
- package/docs/api/interfaces/RoleManagementResult.md +1 -1
- package/docs/api/interfaces/RouteAccessRecord.md +1 -1
- package/docs/api/interfaces/RouteConfig.md +1 -1
- package/docs/api/interfaces/SecureDataContextType.md +1 -1
- package/docs/api/interfaces/SecureDataProviderProps.md +1 -1
- package/docs/api/interfaces/SessionRestorationLoaderProps.md +1 -1
- package/docs/api/interfaces/StorageConfig.md +1 -1
- package/docs/api/interfaces/StorageFileInfo.md +1 -1
- package/docs/api/interfaces/StorageFileMetadata.md +1 -1
- package/docs/api/interfaces/StorageListOptions.md +1 -1
- package/docs/api/interfaces/StorageListResult.md +1 -1
- package/docs/api/interfaces/StorageUploadOptions.md +1 -1
- package/docs/api/interfaces/StorageUploadResult.md +1 -1
- package/docs/api/interfaces/StorageUrlOptions.md +1 -1
- package/docs/api/interfaces/StyleImport.md +1 -1
- package/docs/api/interfaces/SwitchProps.md +1 -1
- package/docs/api/interfaces/TabsContentProps.md +1 -1
- package/docs/api/interfaces/TabsListProps.md +1 -1
- package/docs/api/interfaces/TabsProps.md +1 -1
- package/docs/api/interfaces/TabsTriggerProps.md +1 -1
- package/docs/api/interfaces/TextareaProps.md +1 -1
- package/docs/api/interfaces/ToastActionElement.md +1 -1
- package/docs/api/interfaces/ToastProps.md +1 -1
- package/docs/api/interfaces/UnifiedAuthContextType.md +1 -1
- package/docs/api/interfaces/UnifiedAuthProviderProps.md +1 -1
- package/docs/api/interfaces/UseInactivityTrackerOptions.md +1 -1
- package/docs/api/interfaces/UseInactivityTrackerReturn.md +1 -1
- package/docs/api/interfaces/UsePublicEventOptions.md +1 -1
- package/docs/api/interfaces/UsePublicEventReturn.md +1 -1
- package/docs/api/interfaces/UsePublicFileDisplayOptions.md +1 -1
- package/docs/api/interfaces/UsePublicFileDisplayReturn.md +1 -1
- package/docs/api/interfaces/UsePublicRouteParamsReturn.md +1 -1
- package/docs/api/interfaces/UseResolvedScopeOptions.md +1 -1
- package/docs/api/interfaces/UseResolvedScopeReturn.md +1 -1
- package/docs/api/interfaces/UseResourcePermissionsOptions.md +1 -1
- package/docs/api/interfaces/UserEventAccess.md +1 -1
- package/docs/api/interfaces/UserMenuProps.md +1 -1
- package/docs/api/interfaces/UserProfile.md +1 -1
- package/docs/api/modules.md +6 -6
- package/docs/best-practices/deployment.md +6 -3
- package/docs/getting-started/installation-guide.md +2 -1
- package/docs/implementation-guides/authentication.md +5 -3
- package/docs/rbac/quick-start.md +2 -1
- package/package.json +1 -1
- package/src/components/PaceAppLayout/PaceAppLayout.tsx +15 -3
- package/src/components/PublicLayout/PublicPageDiagnostic.tsx +1 -1
- package/src/components/PublicLayout/PublicPageProvider.tsx +2 -1
- package/src/hooks/public/usePublicEvent.ts +1 -1
- package/src/rbac/secureClient.ts +2 -2
- package/src/vite-env.d.ts +1 -0
- package/dist/chunk-2AKRP5QZ.js.map +0 -1
- package/dist/chunk-CRGFNQ2L.js.map +0 -1
- package/dist/chunk-LEBYAJVF.js.map +0 -1
- package/dist/chunk-PJEVDATQ.js.map +0 -1
package/docs/api/modules.md
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
|
-
[@jmruthers/pace-core - v0.5.
|
|
1
|
+
[@jmruthers/pace-core - v0.5.180](README.md) / Exports
|
|
2
2
|
|
|
3
|
-
# @jmruthers/pace-core - v0.5.
|
|
3
|
+
# @jmruthers/pace-core - v0.5.180
|
|
4
4
|
|
|
5
5
|
**`File`**
|
|
6
6
|
|
|
@@ -3545,7 +3545,7 @@ Public page context with environment variables
|
|
|
3545
3545
|
|
|
3546
3546
|
#### Defined in
|
|
3547
3547
|
|
|
3548
|
-
[packages/core/src/components/PublicLayout/PublicPageProvider.tsx:
|
|
3548
|
+
[packages/core/src/components/PublicLayout/PublicPageProvider.tsx:130](https://github.com/jmruthers/pace-core/blob/main/packages/core/src/components/PublicLayout/PublicPageProvider.tsx#L130)
|
|
3549
3549
|
|
|
3550
3550
|
___
|
|
3551
3551
|
|
|
@@ -3563,7 +3563,7 @@ True if we're in a public page context
|
|
|
3563
3563
|
|
|
3564
3564
|
#### Defined in
|
|
3565
3565
|
|
|
3566
|
-
[packages/core/src/components/PublicLayout/PublicPageProvider.tsx:
|
|
3566
|
+
[packages/core/src/components/PublicLayout/PublicPageProvider.tsx:145](https://github.com/jmruthers/pace-core/blob/main/packages/core/src/components/PublicLayout/PublicPageProvider.tsx#L145)
|
|
3567
3567
|
|
|
3568
3568
|
___
|
|
3569
3569
|
|
|
@@ -7178,7 +7178,7 @@ Create a secure Supabase client with organisation context
|
|
|
7178
7178
|
| Name | Type | Description |
|
|
7179
7179
|
| :------ | :------ | :------ |
|
|
7180
7180
|
| `supabaseUrl` | `string` | Supabase project URL |
|
|
7181
|
-
| `supabaseKey` | `string` | Supabase anon key |
|
|
7181
|
+
| `supabaseKey` | `string` | Supabase publishable key or anon key (accepts both legacy anon keys and modern publishable keys) |
|
|
7182
7182
|
| `organisationId` | `string` | Required organisation ID |
|
|
7183
7183
|
| `eventId?` | `string` | Optional event ID |
|
|
7184
7184
|
| `appId?` | `string` | Optional app ID |
|
|
@@ -7194,7 +7194,7 @@ SecureSupabaseClient instance
|
|
|
7194
7194
|
```typescript
|
|
7195
7195
|
const client = createSecureClient(
|
|
7196
7196
|
'https://your-project.supabase.co',
|
|
7197
|
-
'your-anon-key',
|
|
7197
|
+
'your-publishable-key-or-anon-key',
|
|
7198
7198
|
'org-123',
|
|
7199
7199
|
'event-456',
|
|
7200
7200
|
'app-789'
|
|
@@ -24,19 +24,22 @@ Deployment in `@jmruthers/pace-core` covers multiple environments:
|
|
|
24
24
|
```typescript
|
|
25
25
|
// .env.local (development)
|
|
26
26
|
VITE_SUPABASE_URL=http://localhost:54321
|
|
27
|
-
|
|
27
|
+
// Accepts both legacy anon keys and modern publishable keys (sb_publishable_...)
|
|
28
|
+
VITE_SUPABASE_ANON_KEY=your-local-publishable-key-or-anon-key
|
|
28
29
|
VITE_APP_ENV=development
|
|
29
30
|
VITE_DEBUG=true
|
|
30
31
|
|
|
31
32
|
// .env.staging
|
|
32
33
|
VITE_SUPABASE_URL=https://your-project.supabase.co
|
|
33
|
-
|
|
34
|
+
// Accepts both legacy anon keys and modern publishable keys (sb_publishable_...)
|
|
35
|
+
VITE_SUPABASE_ANON_KEY=your-staging-publishable-key-or-anon-key
|
|
34
36
|
VITE_APP_ENV=staging
|
|
35
37
|
VITE_DEBUG=false
|
|
36
38
|
|
|
37
39
|
// .env.production
|
|
38
40
|
VITE_SUPABASE_URL=https://your-project.supabase.co
|
|
39
|
-
|
|
41
|
+
// Accepts both legacy anon keys and modern publishable keys (sb_publishable_...)
|
|
42
|
+
VITE_SUPABASE_ANON_KEY=your-production-publishable-key-or-anon-key
|
|
40
43
|
VITE_APP_ENV=production
|
|
41
44
|
VITE_DEBUG=false
|
|
42
45
|
```
|
|
@@ -171,7 +171,8 @@ Set environment variables in `.env.local`:
|
|
|
171
171
|
|
|
172
172
|
```bash
|
|
173
173
|
VITE_SUPABASE_URL=https://your-project.supabase.co
|
|
174
|
-
|
|
174
|
+
# Accepts both legacy anon keys and modern publishable keys (sb_publishable_...)
|
|
175
|
+
VITE_SUPABASE_ANON_KEY=your-publishable-key-or-anon-key-here
|
|
175
176
|
```
|
|
176
177
|
|
|
177
178
|
Wrap your app with providers:
|
|
@@ -44,10 +44,12 @@ Create `.env.local`:
|
|
|
44
44
|
```bash
|
|
45
45
|
# Supabase Configuration
|
|
46
46
|
REACT_APP_SUPABASE_URL=https://your-project.supabase.co
|
|
47
|
-
|
|
47
|
+
# Accepts both legacy anon keys and modern publishable keys (sb_publishable_...)
|
|
48
|
+
REACT_APP_SUPABASE_ANON_KEY=your-publishable-key-or-anon-key-here
|
|
48
49
|
|
|
49
|
-
# ⚠️ CRITICAL: Use anon key, NOT service role key
|
|
50
|
-
#
|
|
50
|
+
# ⚠️ CRITICAL: Use publishable key or anon key, NOT service role key
|
|
51
|
+
# Legacy anon key starts with: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9
|
|
52
|
+
# Modern publishable key starts with: sb_publishable_
|
|
51
53
|
# The service role key has different permissions and can cause RPC timeouts
|
|
52
54
|
```
|
|
53
55
|
|
package/docs/rbac/quick-start.md
CHANGED
|
@@ -87,7 +87,8 @@ Create `.env.local`:
|
|
|
87
87
|
```bash
|
|
88
88
|
# .env.local
|
|
89
89
|
VITE_SUPABASE_URL=https://your-project.supabase.co
|
|
90
|
-
|
|
90
|
+
# Accepts both legacy anon keys and modern publishable keys (sb_publishable_...)
|
|
91
|
+
VITE_SUPABASE_ANON_KEY=your-publishable-key-or-anon-key-here
|
|
91
92
|
VITE_APP_NAME=user-manager
|
|
92
93
|
```
|
|
93
94
|
|
package/package.json
CHANGED
|
@@ -397,12 +397,14 @@ export function PaceAppLayout({
|
|
|
397
397
|
});
|
|
398
398
|
|
|
399
399
|
// Build scope from resolved values
|
|
400
|
+
// Preserve appId from resolvedScope even when creating fallback scope
|
|
400
401
|
const scope = useMemo<Scope>(() => {
|
|
401
402
|
if (!resolvedScope?.organisationId) {
|
|
402
403
|
return {
|
|
403
404
|
organisationId: selectedOrganisation?.id || '',
|
|
404
405
|
eventId: selectedEvent?.event_id || undefined,
|
|
405
|
-
appId
|
|
406
|
+
// Preserve appId from resolvedScope if it exists, even if organisationId is missing
|
|
407
|
+
appId: resolvedScope?.appId || undefined
|
|
406
408
|
};
|
|
407
409
|
}
|
|
408
410
|
return resolvedScope;
|
|
@@ -557,9 +559,19 @@ export function PaceAppLayout({
|
|
|
557
559
|
// Wait for scope to be fully resolved (including appId) before filtering
|
|
558
560
|
// This is important because getPermissionMap requires appId to fetch pages
|
|
559
561
|
if (scopeLoading || !currentScope.appId) {
|
|
560
|
-
// Scope still loading or appId not resolved yet - show
|
|
562
|
+
// Scope still loading or appId not resolved yet - show no items until ready
|
|
563
|
+
// This is a security measure: don't show navigation until we can verify permissions
|
|
564
|
+
if (!scopeLoading && !currentScope.appId) {
|
|
565
|
+
logger.error('PaceAppLayout', 'appId not resolved in scope - navigation filtering disabled for security', {
|
|
566
|
+
scope: currentScope,
|
|
567
|
+
resolvedScope,
|
|
568
|
+
selectedOrganisationId: selectedOrganisation?.id,
|
|
569
|
+
selectedEventId: selectedEvent?.event_id,
|
|
570
|
+
appName: appName
|
|
571
|
+
});
|
|
572
|
+
}
|
|
561
573
|
if (isMounted) {
|
|
562
|
-
setFilteredMenuItems(
|
|
574
|
+
setFilteredMenuItems([]);
|
|
563
575
|
}
|
|
564
576
|
return;
|
|
565
577
|
}
|
|
@@ -122,7 +122,7 @@ export function PublicPageDiagnostic({ enabled = true, label = 'PublicPage' }: P
|
|
|
122
122
|
console.warn('🔧 SOLUTION: Wrap your public page component in <PublicPageProvider>');
|
|
123
123
|
} else if (!newDiagnostics.hasEnvironmentVars) {
|
|
124
124
|
console.warn(`⚠️ [${label}] WARNING: Missing environment variables`);
|
|
125
|
-
console.warn('🔧 SOLUTION: Set VITE_SUPABASE_URL and VITE_SUPABASE_ANON_KEY in your environment');
|
|
125
|
+
console.warn('🔧 SOLUTION: Set VITE_SUPABASE_URL and VITE_SUPABASE_ANON_KEY in your environment (use publishable key if anon key is disabled)');
|
|
126
126
|
} else {
|
|
127
127
|
console.log(`✅ [${label}] All diagnostics passed! Public page should work correctly.`);
|
|
128
128
|
}
|
|
@@ -92,9 +92,10 @@ export function PublicPageProvider({ children, appName }: PublicPageProviderProp
|
|
|
92
92
|
null;
|
|
93
93
|
|
|
94
94
|
// Create Supabase client if environment variables are available
|
|
95
|
+
// Note: VITE_SUPABASE_ANON_KEY accepts both legacy anon keys and modern publishable keys (sb_publishable_...)
|
|
95
96
|
const supabase = useMemo(() => {
|
|
96
97
|
if (!supabaseUrl || !supabaseKey) {
|
|
97
|
-
logger.warn('PublicPageProvider', 'Missing Supabase environment variables. Please ensure VITE_SUPABASE_URL and VITE_SUPABASE_ANON_KEY are set in your environment.');
|
|
98
|
+
logger.warn('PublicPageProvider', 'Missing Supabase environment variables. Please ensure VITE_SUPABASE_URL and VITE_SUPABASE_ANON_KEY are set in your environment. Use publishable key if anon key is disabled.');
|
|
98
99
|
return null;
|
|
99
100
|
}
|
|
100
101
|
const client = createClient<Database>(supabaseUrl, supabaseKey);
|
|
@@ -128,7 +128,7 @@ export function usePublicEvent(
|
|
|
128
128
|
if (typeof window === 'undefined') return null;
|
|
129
129
|
|
|
130
130
|
if (!environment.supabaseUrl || !environment.supabaseKey) {
|
|
131
|
-
logger.warn('usePublicEvent', 'Missing Supabase environment variables. Please ensure VITE_SUPABASE_URL and VITE_SUPABASE_ANON_KEY are set in your environment.');
|
|
131
|
+
logger.warn('usePublicEvent', 'Missing Supabase environment variables. Please ensure VITE_SUPABASE_URL and VITE_SUPABASE_ANON_KEY are set in your environment. Use publishable key if anon key is disabled.');
|
|
132
132
|
return null;
|
|
133
133
|
}
|
|
134
134
|
|
package/src/rbac/secureClient.ts
CHANGED
|
@@ -198,7 +198,7 @@ export class SecureSupabaseClient {
|
|
|
198
198
|
* Create a secure Supabase client with organisation context
|
|
199
199
|
*
|
|
200
200
|
* @param supabaseUrl - Supabase project URL
|
|
201
|
-
* @param supabaseKey - Supabase anon key
|
|
201
|
+
* @param supabaseKey - Supabase publishable key or anon key (accepts both legacy anon keys and modern publishable keys)
|
|
202
202
|
* @param organisationId - Required organisation ID
|
|
203
203
|
* @param eventId - Optional event ID
|
|
204
204
|
* @param appId - Optional app ID
|
|
@@ -208,7 +208,7 @@ export class SecureSupabaseClient {
|
|
|
208
208
|
* ```typescript
|
|
209
209
|
* const client = createSecureClient(
|
|
210
210
|
* 'https://your-project.supabase.co',
|
|
211
|
-
* 'your-anon-key',
|
|
211
|
+
* 'your-publishable-key-or-anon-key',
|
|
212
212
|
* 'org-123',
|
|
213
213
|
* 'event-456',
|
|
214
214
|
* 'app-789'
|
package/src/vite-env.d.ts
CHANGED
|
@@ -9,6 +9,7 @@ interface ImportMetaEnv {
|
|
|
9
9
|
// Add other environment variables as needed
|
|
10
10
|
readonly VITE_APP_NAME?: string
|
|
11
11
|
readonly VITE_SUPABASE_URL?: string
|
|
12
|
+
// Accepts both legacy anon keys and modern publishable keys (sb_publishable_...)
|
|
12
13
|
readonly VITE_SUPABASE_ANON_KEY?: string
|
|
13
14
|
}
|
|
14
15
|
|