@jmruthers/pace-core 0.5.181 → 0.5.182

package/dist/types.js

@@ -1,70 +1,58 @@
 import {
   FileCategory
-} from "./chunk-XJ2HZOBU.js";
+} from "./chunk-UHNYIBXL.js";
 import {
+  AuthErrorCode,
+  PermissionErrorCode,
+  assertAppId,
+  assertEventId,
+  assertOrganisationId,
+  assertPageId,
+  assertUserId,
+  createAppId,
+  createEventId,
+  createOrganisationId,
+  createPageId,
+  createPermissionString,
+  createRequestId,
+  createSessionToken,
+  createUserId,
+  isAppId,
+  isEventId,
+  isOrganisationId,
+  isPageId,
+  isPermissionString,
+  isRequestId,
+  isSessionToken,
+  isUserId
+} from "./chunk-QXHPKYJV.js";
+import {
+  changePasswordSchema,
   combineSchemas,
-  pickSchema
-} from "./chunk-BJPBT3CU.js";
-import "./chunk-PLDDJCW6.js";
+  contactFormSchema,
+  dateSchema,
+  emailSchema,
+  loginSchema,
+  nameSchema,
+  passwordResetSchema,
+  passwordSchema,
+  phoneSchema,
+  pickSchema,
+  registrationSchema,
+  secureLoginSchema,
+  securePasswordSchema,
+  urlSchema,
+  userProfileSchema
+} from "./chunk-LMC26NLJ.js";
+import "./chunk-7D4SUZUM.js";
 
-// src/types/unified.ts
-var AuthErrorCode = /* @__PURE__ */ ((AuthErrorCode2) => {
-  AuthErrorCode2["UNKNOWN_ERROR"] = "UNKNOWN_ERROR";
-  AuthErrorCode2["INVALID_CREDENTIALS"] = "INVALID_CREDENTIALS";
-  AuthErrorCode2["USER_NOT_FOUND"] = "USER_NOT_FOUND";
-  AuthErrorCode2["EMAIL_NOT_CONFIRMED"] = "EMAIL_NOT_CONFIRMED";
-  AuthErrorCode2["PASSWORD_TOO_WEAK"] = "PASSWORD_TOO_WEAK";
-  AuthErrorCode2["WEAK_PASSWORD"] = "WEAK_PASSWORD";
-  AuthErrorCode2["RATE_LIMITED"] = "RATE_LIMITED";
-  AuthErrorCode2["RATE_LIMIT_EXCEEDED"] = "RATE_LIMIT_EXCEEDED";
-  AuthErrorCode2["SESSION_EXPIRED"] = "SESSION_EXPIRED";
-  AuthErrorCode2["PERMISSION_DENIED"] = "PERMISSION_DENIED";
-  AuthErrorCode2["NETWORK_ERROR"] = "NETWORK_ERROR";
-  return AuthErrorCode2;
-})(AuthErrorCode || {});
-var PermissionErrorCode = /* @__PURE__ */ ((PermissionErrorCode2) => {
-  PermissionErrorCode2["INSUFFICIENT_PERMISSIONS"] = "INSUFFICIENT_PERMISSIONS";
-  PermissionErrorCode2["INVALID_PERMISSION"] = "INVALID_PERMISSION";
-  PermissionErrorCode2["PERMISSION_CHECK_FAILED"] = "PERMISSION_CHECK_FAILED";
-  PermissionErrorCode2["ACCESS_DENIED"] = "ACCESS_DENIED";
-  return PermissionErrorCode2;
-})(PermissionErrorCode || {});
-var AccessLevel = /* @__PURE__ */ ((AccessLevel2) => {
-  AccessLevel2["NONE"] = "none";
-  AccessLevel2["VIEWER"] = "viewer";
-  AccessLevel2["PARTICIPANT"] = "participant";
-  AccessLevel2["EDITOR"] = "editor";
-  AccessLevel2["PLANNER"] = "planner";
-  AccessLevel2["ADMIN"] = "admin";
-  AccessLevel2["SUPER_ADMIN"] = "super_admin";
-  AccessLevel2["SUPER"] = "super";
-  return AccessLevel2;
-})(AccessLevel || {});
-function createUserId(id) {
-  return id;
-}
-function createSessionToken(token) {
-  return token;
-}
-function createPermissionString(permission) {
-  return permission;
-}
-function createRequestId(id) {
-  return id;
-}
-function isUserId(value) {
-  return typeof value === "string" && value.length > 0;
-}
-function isSessionToken(value) {
-  return typeof value === "string" && value.length > 0;
-}
-function isPermissionString(value) {
-  if (typeof value !== "string" || value.length === 0) return false;
-  return value.includes(":") && value.split(":").length === 2;
-}
-function isRequestId(value) {
-  return typeof value === "string" && value.length > 0;
-}
+// src/types/organisation.ts
+var ORGANISATION_ROLE_PERMISSIONS = {
+  supporter: ["view_basic"],
+  member: ["view_basic", "view_details"],
+  leader: ["view_basic", "view_details", "moderate_content", "manage_events"],
+  org_admin: ["view_basic", "view_details", "moderate_content", "manage_events", "manage_members", "manage_settings"]
+};
 
 // src/types/guards.ts
 function isAuthErrorCode(code) {
@@ -78,70 +66,34 @@ function isSession(obj) {
   const candidate = obj;
   return candidate != null && typeof candidate === "object" && typeof candidate.access_token === "string" && candidate.user != null && typeof candidate.user === "object";
 }
-
-// src/types/validation.ts
-import { z } from "zod";
-var emailSchema = z.string().email("Please enter a valid email address");
-var nameSchema = z.string().min(1, "Name is required").max(100, "Name must be less than 100 characters");
-var phoneSchema = z.string().regex(/^\+?[\d\s\-\(\)]+$/, "Please enter a valid phone number");
-var urlSchema = z.string().url("Please enter a valid URL");
-var dateSchema = z.string().refine((date) => !isNaN(Date.parse(date)), "Please enter a valid date");
-var passwordSchema = z.string().min(8, "Password must be at least 8 characters").regex(/[A-Z]/, "Password must contain at least one uppercase letter").regex(/[a-z]/, "Password must contain at least one lowercase letter").regex(/[0-9]/, "Password must contain at least one number");
-var securePasswordSchema = passwordSchema.regex(/[!@#$%^&*(),.?":{}|<>]/, "Password must contain at least one special character");
-var loginSchema = z.object({
-  email: emailSchema,
-  password: z.string().min(1, "Password is required")
-});
-var registrationSchema = z.object({
-  email: emailSchema,
-  password: passwordSchema,
-  confirmPassword: z.string()
-}).refine((data) => data.password === data.confirmPassword, {
-  message: "Passwords don't match",
-  path: ["confirmPassword"]
-});
-var secureLoginSchema = z.object({
-  email: emailSchema,
-  password: securePasswordSchema
-});
-var passwordResetSchema = z.object({
-  email: emailSchema
-});
-var changePasswordSchema = z.object({
-  currentPassword: z.string().min(1, "Current password is required"),
-  newPassword: securePasswordSchema,
-  confirmPassword: z.string()
-}).refine((data) => data.newPassword === data.confirmPassword, {
-  message: "Passwords don't match",
-  path: ["confirmPassword"]
-});
-var userProfileSchema = z.object({
-  name: nameSchema,
-  email: emailSchema,
-  phone: phoneSchema.optional(),
-  website: urlSchema.optional(),
-  bio: z.string().max(500).optional()
-});
-var contactFormSchema = z.object({
-  name: nameSchema,
-  email: emailSchema,
-  message: z.string().min(1, "Message is required").max(1e3, "Message must be less than 1000 characters")
-});
 export {
-  AccessLevel,
   AuthErrorCode,
   FileCategory,
+  ORGANISATION_ROLE_PERMISSIONS,
   PermissionErrorCode,
+  assertAppId,
+  assertEventId,
+  assertOrganisationId,
+  assertPageId,
+  assertUserId,
   changePasswordSchema,
   combineSchemas,
   contactFormSchema,
+  createAppId,
+  createEventId,
+  createOrganisationId,
+  createPageId,
   createPermissionString,
   createRequestId,
   createSessionToken,
   createUserId,
   dateSchema,
   emailSchema,
+  isAppId,
   isAuthErrorCode,
+  isEventId,
+  isOrganisationId,
+  isPageId,
   isPermissionString,
   isRequestId,
   isSession,

package/dist/types.js.map

@@ -1 +1 @@
-{"version":3,"sources":["../src/types/unified.ts","../src/types/guards.ts","../src/types/validation.ts"],"sourcesContent":["/**\n * @file Unified types for PACE Core\n * @package @jmruthers/pace-core\n * @module unified\n * @since 0.1.0\n */\n\n/**\n * @file Unified Types for DataTable\n * @package @jmruthers/pace-core\n * @module Types\n * @since 0.3.0\n */\n\n// Authentication Error Codes\nexport enum AuthErrorCode {\n  UNKNOWN_ERROR = 'UNKNOWN_ERROR',\n  INVALID_CREDENTIALS = 'INVALID_CREDENTIALS',\n  USER_NOT_FOUND = 'USER_NOT_FOUND',\n  EMAIL_NOT_CONFIRMED = 'EMAIL_NOT_CONFIRMED',\n  PASSWORD_TOO_WEAK = 'PASSWORD_TOO_WEAK',\n  WEAK_PASSWORD = 'WEAK_PASSWORD',\n  RATE_LIMITED = 'RATE_LIMITED',\n  RATE_LIMIT_EXCEEDED = 'RATE_LIMIT_EXCEEDED',\n  SESSION_EXPIRED = 'SESSION_EXPIRED',\n  PERMISSION_DENIED = 'PERMISSION_DENIED',\n  NETWORK_ERROR = 'NETWORK_ERROR'\n}\n\n// Permission Error Codes\nexport enum PermissionErrorCode {\n  INSUFFICIENT_PERMISSIONS = 'INSUFFICIENT_PERMISSIONS',\n  INVALID_PERMISSION = 'INVALID_PERMISSION',\n  PERMISSION_CHECK_FAILED = 'PERMISSION_CHECK_FAILED',\n  ACCESS_DENIED = 'ACCESS_DENIED'\n}\n\n// Access Levels - using lowercase to match test expectations\nexport enum AccessLevel {\n  NONE = 'none',\n  VIEWER = 'viewer',\n  PARTICIPANT = 'participant',\n  EDITOR = 'editor',\n  PLANNER = 'planner',\n  ADMIN = 'admin',\n  SUPER_ADMIN = 'super_admin',\n  SUPER = 'super'\n}\n\n// Branded Types\nexport type UserId = string & { __brand: 'UserId' };\nexport type SessionToken = string & { __brand: 'SessionToken' };\nexport type PermissionString = string & { __brand: 'PermissionString' };\nexport type RequestId = string & { __brand: 'RequestId' };\n\n// Branded Type Creators\nexport function createUserId(id: string): UserId {\n  return id as UserId;\n}\n\nexport function createSessionToken(token: string): SessionToken {\n  return token as SessionToken;\n}\n\nexport function createPermissionString(permission: string): PermissionString {\n  return permission as PermissionString;\n}\n\nexport function createRequestId(id: string): RequestId {\n  return id as RequestId;\n}\n\n// Type Guards for branded types\nexport function isUserId(value: unknown): value is UserId {\n  return typeof value === 'string' && value.length > 0;\n}\n\nexport function isSessionToken(value: unknown): value is SessionToken {\n  return typeof value === 'string' && value.length > 0;\n}\n\nexport function isPermissionString(value: unknown): value is PermissionString {\n  if (typeof value !== 'string' || value.length === 0) return false;\n  // Basic validation for permission format (resource:action)\n  return value.includes(':') && value.split(':').length === 2;\n}\n\nexport function isRequestId(value: unknown): value is RequestId {\n  return typeof value === 'string' && value.length > 0;\n}\n\n// Permission Types\nexport type PermissionMap = Record<string, boolean>;\n\n// Permission Context\nexport interface PermissionContext {\n  eventId?: string;\n  appName?: string;\n  userId?: string;\n}\n\n// Auth Error Interface - Define locally to avoid circular dependency\nexport interface AuthError extends Error {\n  __isAuthError: true;\n  name: 'AuthError';\n  message: string;\n  code: AuthErrorCode;\n  user_message: string;\n  timestamp: number;\n}\n\n// Permission Error Interface\nexport interface PermissionError extends Error {\n  __isPermissionError: true;\n  name: 'PermissionError';\n  message: string;\n  code: PermissionErrorCode;\n  timestamp: number;\n}\n\n// Theme Types - Consolidated from theme.ts\nexport interface ThemeColors {\n  primary: string;\n  secondary: string;\n  hover?: string;\n  active?: string;\n  bgSoft?: string;\n}\n\nexport interface EventTheme {\n  mid: ThemeColors;\n  light: ThemeColors;\n}\n\n// Event Types - Updated to match database schema exactly with organisation context\nexport interface Event {\n  // Primary identification\n  id: string;\n  event_id: string;\n  event_name: string;\n  event_code?: string;\n  \n  // Organisation context - MANDATORY for security\n  organisation_id: string;\n  \n  // Event details\n  event_date?: string; // Use event_date from database for proper sorting\n  event_days?: number;\n  event_venue?: string;\n  event_participants?: number;\n  is_visible?: boolean;\n  \n  // Visual branding\n  event_logo?: string; // DEPRECATED: Use file_references table instead\n  event_colours?: Record<string, unknown> | null; // JSONB field for theme colors\n  event_col_d1?: string;\n  event_col_d2?: string;\n  event_col_m1?: string;\n  event_col_m2?: string;\n  event_col_l1?: string;\n  event_col_l2?: string;\n  \n  // Additional metadata\n  event_news?: string;\n  event_billing?: string;\n  event_catering_email?: string;\n  event_email?: string;\n  event_footer?: string;\n  event_rounddown?: number;\n  event_youthmultiplier?: number;\n  event_typicalunit?: number;\n  \n  // Timestamps\n  created_at: string;\n  updated_at: string;\n  created_by?: string;\n  updated_by?: string;\n  \n  // Legacy compatibility\n  name?: string; // Alias for event_name\n  description?: string;\n  start_date?: string; // Alias for event_date\n  end_date?: string;\n  theme_colors?: EventTheme;\n}\n\n// Event Context Type\nexport interface EventContextType {\n  selectedEvent: Event | null;\n  currentEvent: Event | null; // Added missing property\n  events: Event[];\n  isLoading: boolean;\n  error: string | null;\n  selectEvent: (event: Event) => void;\n  setCurrentEvent: (event: Event | null) => void; // Added missing property\n  clearSelection: () => void;\n  refreshEvents: () => Promise<void>;\n  createEvent: (event: Partial<Event>) => Promise<Event>;\n  updateEvent: (id: string, updates: Partial<Event>) => Promise<Event>;\n  deleteEvent: (id: string) => Promise<void>;\n}\n\n// RBAC Types\nexport interface UserPermissions {\n  user_id: UserId;\n  accessLevel: AccessLevel;\n  permissions: PermissionMap;\n  roles: string[];\n}\n\n// Re-export standard Supabase types for consistency\n// Note: These are the same as what's in @supabase/supabase-js\nexport interface User {\n  id: string;\n  email?: string;\n  created_at: string;\n  updated_at: string;\n  email_confirmed_at?: string;\n  last_sign_in_at?: string;\n  user_metadata?: Record<string, unknown>;\n  app_metadata?: Record<string, unknown>;\n}\n\nexport interface Session {\n  access_token: string;\n  refresh_token?: string;\n  expires_in: number;\n  expires_at: number;\n  token_type: string;\n  user: User;\n  provider_token?: string;\n  provider_refresh_token?: string;\n}\n\nexport interface DataRecord {\n  id: string | number;\n  [key: string]: unknown;\n}\n\nexport interface DataTableAction<T = unknown> {\n  label: string;\n  onClick: (row: T) => void;\n  testId?: string;\n  disabled?: boolean | ((row: T) => boolean);\n  variant?: 'primary' | 'secondary' | 'destructive';\n}\n\nexport interface DataTableColumn<T = unknown> {\n  id?: string;\n  key: string;\n  label: string;\n  sortable?: boolean;\n  filterable?: boolean;\n  accessorKey?: keyof T;\n  accessorFn?: (row: T) => unknown;\n  cell?: (value: unknown, row: T) => React.ReactNode;\n  header?: React.ReactNode;\n  enableSorting?: boolean;\n  enableColumnFilter?: boolean;\n  enableGrouping?: boolean;\n  enableHiding?: boolean;\n}\n\n// Re-export file reference types\nexport * from './file-reference';\n","\n/**\n * @file Type Guards\n */\n\nimport { AuthErrorCode, User, Session } from './unified';\n\nexport function isAuthErrorCode(code: string): code is AuthErrorCode {\n  return Object.values(AuthErrorCode).includes(code as AuthErrorCode);\n}\n\nexport function isUser(obj: unknown): obj is User {\n  const candidate = obj as Partial<User> | null | undefined;\n  return (\n    candidate != null &&\n    typeof candidate === 'object' &&\n    typeof candidate.id === 'string' &&\n    typeof candidate.created_at === 'string'\n  );\n}\n\nexport function isSession(obj: unknown): obj is Session {\n  const candidate = obj as Partial<Session> | null | undefined;\n  return (\n    candidate != null &&\n    typeof candidate === 'object' &&\n    typeof candidate.access_token === 'string' &&\n    candidate.user != null &&\n    typeof candidate.user === 'object'\n  );\n}\n","/**\n * @file Validation Types\n * @package @jmruthers/pace-core\n * @module Types/Validation\n * @since 0.1.0\n * \n * Consolidated validation types and interfaces for the PACE Core library.\n * This file contains all validation-related type definitions.\n */\n\nimport { z } from 'zod';\n\n// ============================================================================\n// Core Validation Interfaces\n// ============================================================================\n\nexport interface ValidationError {\n  field: string;\n  message: string;\n  code: string;\n}\n\nexport interface ValidationResult<T = unknown> {\n  success: boolean;\n  data?: T;\n  errors?: ValidationError[];\n}\n\n// ============================================================================\n// Form Value Types\n// ============================================================================\n\n// Basic form schemas\nexport const emailSchema = z.string().email('Please enter a valid email address');\nexport const nameSchema = z.string().min(1, 'Name is required').max(100, 'Name must be less than 100 characters');\nexport const phoneSchema = z.string().regex(/^\\+?[\\d\\s\\-\\(\\)]+$/, 'Please enter a valid phone number');\nexport const urlSchema = z.string().url('Please enter a valid URL');\nexport const dateSchema = z.string().refine((date) => !isNaN(Date.parse(date)), 'Please enter a valid date');\n\n// Password schemas\nexport const passwordSchema = z.string()\n  .min(8, 'Password must be at least 8 characters')\n  .regex(/[A-Z]/, 'Password must contain at least one uppercase letter')\n  .regex(/[a-z]/, 'Password must contain at least one lowercase letter')\n  .regex(/[0-9]/, 'Password must contain at least one number');\n\nexport const securePasswordSchema = passwordSchema\n  .regex(/[!@#$%^&*(),.?\":{}|<>]/, 'Password must contain at least one special character');\n\n// Auth schemas\nexport const loginSchema = z.object({\n  email: emailSchema,\n  password: z.string().min(1, 'Password is required'),\n});\n\nexport const registrationSchema = z.object({\n  email: emailSchema,\n  password: passwordSchema,\n  confirmPassword: z.string(),\n}).refine((data) => data.password === data.confirmPassword, {\n  message: \"Passwords don't match\",\n  path: [\"confirmPassword\"],\n});\n\nexport const secureLoginSchema = z.object({\n  email: emailSchema,\n  password: securePasswordSchema,\n});\n\nexport const passwordResetSchema = z.object({\n  email: emailSchema,\n});\n\nexport const changePasswordSchema = z.object({\n  currentPassword: z.string().min(1, 'Current password is required'),\n  newPassword: securePasswordSchema,\n  confirmPassword: z.string(),\n}).refine((data) => data.newPassword === data.confirmPassword, {\n  message: \"Passwords don't match\",\n  path: ['confirmPassword'],\n});\n\n// User schemas\nexport const userProfileSchema = z.object({\n  name: nameSchema,\n  email: emailSchema,\n  phone: phoneSchema.optional(),\n  website: urlSchema.optional(),\n  bio: z.string().max(500).optional(),\n});\n\n// Contact form schema\nexport const contactFormSchema = z.object({\n  name: nameSchema,\n  email: emailSchema,\n  message: z.string().min(1, 'Message is required').max(1000, 'Message must be less than 1000 characters'),\n});\n\n// ============================================================================\n// Inferred Types\n// ============================================================================\n\nexport type LoginFormValues = z.infer<typeof loginSchema>;\nexport type RegistrationFormValues = z.infer<typeof registrationSchema>;\nexport type ChangePasswordFormValues = z.infer<typeof changePasswordSchema>;\nexport type UserProfileFormValues = z.infer<typeof userProfileSchema>;\n\n// Secure form types (with CSRF protection)\nexport type SecureLoginFormValues = {\n  email: string;\n  password: string;\n  csrfToken?: string;\n};\n\nexport type SecureRegistrationFormValues = {\n  email: string;\n  password: string;\n  confirmPassword: string;\n  csrfToken?: string;\n};\n\n// ============================================================================\n// Utility Types\n// ============================================================================\n\nexport type FormData = LoginFormData | RegistrationFormData | ProfileFormData | ContactFormData;\n\nexport type LoginFormData = z.infer<typeof loginSchema>;\nexport type RegistrationFormData = z.infer<typeof registrationSchema>;\nexport type ProfileFormData = z.infer<typeof userProfileSchema>;\nexport type ContactFormData = z.infer<typeof contactFormSchema>;\n\n// ============================================================================\n// Schema Utility Functions\n// ============================================================================\n// Re-exported from utils/validation/schema.ts\nexport { pickSchema, combineSchemas } from '../utils/validation/schema';\n"],"mappings":";;;;;;;;;;AAeO,IAAK,gBAAL,kBAAKA,mBAAL;AACL,EAAAA,eAAA,mBAAgB;AAChB,EAAAA,eAAA,yBAAsB;AACtB,EAAAA,eAAA,oBAAiB;AACjB,EAAAA,eAAA,yBAAsB;AACtB,EAAAA,eAAA,uBAAoB;AACpB,EAAAA,eAAA,mBAAgB;AAChB,EAAAA,eAAA,kBAAe;AACf,EAAAA,eAAA,yBAAsB;AACtB,EAAAA,eAAA,qBAAkB;AAClB,EAAAA,eAAA,uBAAoB;AACpB,EAAAA,eAAA,mBAAgB;AAXN,SAAAA;AAAA,GAAA;AAeL,IAAK,sBAAL,kBAAKC,yBAAL;AACL,EAAAA,qBAAA,8BAA2B;AAC3B,EAAAA,qBAAA,wBAAqB;AACrB,EAAAA,qBAAA,6BAA0B;AAC1B,EAAAA,qBAAA,mBAAgB;AAJN,SAAAA;AAAA,GAAA;AAQL,IAAK,cAAL,kBAAKC,iBAAL;AACL,EAAAA,aAAA,UAAO;AACP,EAAAA,aAAA,YAAS;AACT,EAAAA,aAAA,iBAAc;AACd,EAAAA,aAAA,YAAS;AACT,EAAAA,aAAA,aAAU;AACV,EAAAA,aAAA,WAAQ;AACR,EAAAA,aAAA,iBAAc;AACd,EAAAA,aAAA,WAAQ;AARE,SAAAA;AAAA,GAAA;AAkBL,SAAS,aAAa,IAAoB;AAC/C,SAAO;AACT;AAEO,SAAS,mBAAmB,OAA6B;AAC9D,SAAO;AACT;AAEO,SAAS,uBAAuB,YAAsC;AAC3E,SAAO;AACT;AAEO,SAAS,gBAAgB,IAAuB;AACrD,SAAO;AACT;AAGO,SAAS,SAAS,OAAiC;AACxD,SAAO,OAAO,UAAU,YAAY,MAAM,SAAS;AACrD;AAEO,SAAS,eAAe,OAAuC;AACpE,SAAO,OAAO,UAAU,YAAY,MAAM,SAAS;AACrD;AAEO,SAAS,mBAAmB,OAA2C;AAC5E,MAAI,OAAO,UAAU,YAAY,MAAM,WAAW,EAAG,QAAO;AAE5D,SAAO,MAAM,SAAS,GAAG,KAAK,MAAM,MAAM,GAAG,EAAE,WAAW;AAC5D;AAEO,SAAS,YAAY,OAAoC;AAC9D,SAAO,OAAO,UAAU,YAAY,MAAM,SAAS;AACrD;;;AClFO,SAAS,gBAAgB,MAAqC;AACnE,SAAO,OAAO,OAAO,aAAa,EAAE,SAAS,IAAqB;AACpE;AAEO,SAAS,OAAO,KAA2B;AAChD,QAAM,YAAY;AAClB,SACE,aAAa,QACb,OAAO,cAAc,YACrB,OAAO,UAAU,OAAO,YACxB,OAAO,UAAU,eAAe;AAEpC;AAEO,SAAS,UAAU,KAA8B;AACtD,QAAM,YAAY;AAClB,SACE,aAAa,QACb,OAAO,cAAc,YACrB,OAAO,UAAU,iBAAiB,YAClC,UAAU,QAAQ,QAClB,OAAO,UAAU,SAAS;AAE9B;;;ACpBA,SAAS,SAAS;AAuBX,IAAM,cAAc,EAAE,OAAO,EAAE,MAAM,oCAAoC;AACzE,IAAM,aAAa,EAAE,OAAO,EAAE,IAAI,GAAG,kBAAkB,EAAE,IAAI,KAAK,uCAAuC;AACzG,IAAM,cAAc,EAAE,OAAO,EAAE,MAAM,sBAAsB,mCAAmC;AAC9F,IAAM,YAAY,EAAE,OAAO,EAAE,IAAI,0BAA0B;AAC3D,IAAM,aAAa,EAAE,OAAO,EAAE,OAAO,CAAC,SAAS,CAAC,MAAM,KAAK,MAAM,IAAI,CAAC,GAAG,2BAA2B;AAGpG,IAAM,iBAAiB,EAAE,OAAO,EACpC,IAAI,GAAG,wCAAwC,EAC/C,MAAM,SAAS,qDAAqD,EACpE,MAAM,SAAS,qDAAqD,EACpE,MAAM,SAAS,2CAA2C;AAEtD,IAAM,uBAAuB,eACjC,MAAM,0BAA0B,sDAAsD;AAGlF,IAAM,cAAc,EAAE,OAAO;AAAA,EAClC,OAAO;AAAA,EACP,UAAU,EAAE,OAAO,EAAE,IAAI,GAAG,sBAAsB;AACpD,CAAC;AAEM,IAAM,qBAAqB,EAAE,OAAO;AAAA,EACzC,OAAO;AAAA,EACP,UAAU;AAAA,EACV,iBAAiB,EAAE,OAAO;AAC5B,CAAC,EAAE,OAAO,CAAC,SAAS,KAAK,aAAa,KAAK,iBAAiB;AAAA,EAC1D,SAAS;AAAA,EACT,MAAM,CAAC,iBAAiB;AAC1B,CAAC;AAEM,IAAM,oBAAoB,EAAE,OAAO;AAAA,EACxC,OAAO;AAAA,EACP,UAAU;AACZ,CAAC;AAEM,IAAM,sBAAsB,EAAE,OAAO;AAAA,EAC1C,OAAO;AACT,CAAC;AAEM,IAAM,uBAAuB,EAAE,OAAO;AAAA,EAC3C,iBAAiB,EAAE,OAAO,EAAE,IAAI,GAAG,8BAA8B;AAAA,EACjE,aAAa;AAAA,EACb,iBAAiB,EAAE,OAAO;AAC5B,CAAC,EAAE,OAAO,CAAC,SAAS,KAAK,gBAAgB,KAAK,iBAAiB;AAAA,EAC7D,SAAS;AAAA,EACT,MAAM,CAAC,iBAAiB;AAC1B,CAAC;AAGM,IAAM,oBAAoB,EAAE,OAAO;AAAA,EACxC,MAAM;AAAA,EACN,OAAO;AAAA,EACP,OAAO,YAAY,SAAS;AAAA,EAC5B,SAAS,UAAU,SAAS;AAAA,EAC5B,KAAK,EAAE,OAAO,EAAE,IAAI,GAAG,EAAE,SAAS;AACpC,CAAC;AAGM,IAAM,oBAAoB,EAAE,OAAO;AAAA,EACxC,MAAM;AAAA,EACN,OAAO;AAAA,EACP,SAAS,EAAE,OAAO,EAAE,IAAI,GAAG,qBAAqB,EAAE,IAAI,KAAM,2CAA2C;AACzG,CAAC;","names":["AuthErrorCode","PermissionErrorCode","AccessLevel"]}
+{"version":3,"sources":["../src/types/organisation.ts","../src/types/guards.ts"],"sourcesContent":["/**\n * @file Organisation Types\n * @package @jmruthers/pace-core\n * @module Types/Organisation\n * @since 1.0.0\n * \n * Type definitions for organisations, memberships, roles, and organisation context.\n */\n\nimport type { OrganisationId, UserId } from './core';\n\nexport interface Organisation {\n  id: string;\n  name: string;\n  display_name: string;\n  description?: string;\n  parent_id?: string;\n  subscription_tier: string;\n  settings: Record<string, unknown>;\n  is_active: boolean;\n  created_at: string;\n  updated_at: string;\n  created_by?: string;\n  updated_by?: string;\n}\n\nexport interface OrganisationMembership {\n  id: string;\n  user_id: UserId;\n  organisation_id: OrganisationId;\n  role: 'org_admin' | 'leader' | 'member' | 'supporter';\n  status: 'active' | 'inactive' | 'suspended';\n  granted_at: string;\n  granted_by?: string;\n  revoked_at?: string;\n  revoked_by?: string;\n  notes?: string;\n  created_at: string;\n  updated_at: string;\n}\n\nexport interface UserProfile {\n  id: UserId;\n  email: string;\n  full_name?: string;\n  created_at: string;\n  updated_at: string;\n}\n\nexport interface OrganisationSettings {\n  organisation_id: OrganisationId;\n  logo_url?: string;\n  primary_color?: string;\n  secondary_color?: string;\n  website_url?: string;\n  contact_email?: string;\n  phone?: string;\n  address?: Record<string, unknown>;\n  timezone?: string;\n  date_format?: string;\n  currency?: string;\n  language?: string;\n  custom_css?: string;\n  email_templates?: Record<string, unknown>;\n  notification_settings?: Record<string, unknown>;\n  created_at: string;\n  updated_at: string;\n  created_by?: string;\n  updated_by?: string;\n}\n\nexport interface OrganisationInvitation {\n  id: string;\n  organisation_id: OrganisationId;\n  email: string;\n  role: 'supporter' | 'member' | 'leader' | 'org_admin';\n  invited_by?: string;\n  expires_at: string;\n  accepted_at?: string;\n  created_at: string;\n  updated_at: string;\n}\n\nexport interface OrganisationRoleDefinition {\n  id: string;\n  name: string;\n  display_name: string;\n  description?: string;\n  permissions: Record<string, unknown>;\n  is_active: boolean;\n  created_at: string;\n  updated_at: string;\n}\n\nexport interface SuperAdminContext {\n  isSuperAdmin: boolean;\n  hasGlobalAccess: boolean;\n  canManageAllOrganisations: boolean;\n}\n\nexport interface OrganisationSecurityError extends Error {\n  name: 'OrganisationSecurityError';\n  code: string;\n  organisationId?: string;\n  userId?: string;\n}\n\nexport interface OrganisationContextType {\n  // Current organisation context\n  selectedOrganisation: Organisation | null;\n  organisations: Organisation[];\n  userMemberships: OrganisationMembership[];\n  \n  // Loading and error states\n  isLoading: boolean;\n  error: Error | null;\n  hasValidOrganisationContext: boolean;\n  isContextReady: boolean;\n  \n  // Organisation management\n  setSelectedOrganisation: (org: Organisation | null) => void;\n  switchOrganisation: (orgId: string) => Promise<void>;\n  \n  // Security helpers\n  getUserRole: (orgId?: string) => string;\n  validateOrganisationAccess: (orgId: string) => boolean;\n  ensureOrganisationContext: () => Organisation;\n  \n  // Data management\n  refreshOrganisations: () => Promise<void>;\n  getPrimaryOrganisation: () => Organisation | null;\n  isOrganisationSecure: () => boolean;\n  \n  // Enhanced security features\n  getOrganisationHierarchy?: (orgId: string) => Promise<OrganisationHierarchy[]>;\n  canAccessChildOrganisations?: (orgId: string) => boolean;\n  validateUserAccess?: (userId: string, orgId: string) => Promise<boolean>;\n  getUserPermissions?: (orgId?: string) => Promise<string[]>;\n  logOrganisationAccess?: (action: string, details?: unknown) => Promise<void>;\n}\n\nexport interface OrganisationProviderProps {\n  children: React.ReactNode;\n}\n\nexport interface OrganisationHierarchy {\n  organisation: Organisation;\n  children: OrganisationHierarchy[];\n  parent?: Organisation;\n  depth: number;\n}\n\n// Role permissions mapping - Updated for new consolidated role system\nexport const ORGANISATION_ROLE_PERMISSIONS = {\n  supporter: ['view_basic'],\n  member: ['view_basic', 'view_details'],\n  leader: ['view_basic', 'view_details', 'moderate_content', 'manage_events'],\n  org_admin: ['view_basic', 'view_details', 'moderate_content', 'manage_events', 'manage_members', 'manage_settings'],\n} as const;\n\nexport type OrganisationRole = keyof typeof ORGANISATION_ROLE_PERMISSIONS;\n\n// Define permission types based on the permissions used in the system\nexport type OrganisationPermission = \n  | 'view_basic'\n  | 'view_details'\n  | 'moderate_content'\n  | 'manage_events'\n  | 'manage_members'\n  | 'manage_settings'\n  | '*';\n\n// Enhanced security types\nexport interface OrganisationAccessLog {\n  id: string;\n  user_id: UserId;\n  organisation_id: OrganisationId;\n  action: string;\n  details: Record<string, unknown>;\n  created_at: string;\n}\n\nexport interface SecureQueryOptions {\n  table: string;\n  select: string;\n  filters?: Record<string, unknown>;\n  organisationId: OrganisationId;\n  userId?: UserId;\n} ","\n/**\n * @file Type Guards\n */\n\nimport { AuthErrorCode } from './core';\nimport type { User, Session } from './auth';\n\nexport function isAuthErrorCode(code: string): code is AuthErrorCode {\n  return Object.values(AuthErrorCode).includes(code as AuthErrorCode);\n}\n\nexport function isUser(obj: unknown): obj is User {\n  const candidate = obj as Partial<User> | null | undefined;\n  return (\n    candidate != null &&\n    typeof candidate === 'object' &&\n    typeof candidate.id === 'string' &&\n    typeof candidate.created_at === 'string'\n  );\n}\n\nexport function isSession(obj: unknown): obj is Session {\n  const candidate = obj as Partial<Session> | null | undefined;\n  return (\n    candidate != null &&\n    typeof candidate === 'object' &&\n    typeof candidate.access_token === 'string' &&\n    candidate.user != null &&\n    typeof candidate.user === 'object'\n  );\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAyJO,IAAM,gCAAgC;AAAA,EAC3C,WAAW,CAAC,YAAY;AAAA,EACxB,QAAQ,CAAC,cAAc,cAAc;AAAA,EACrC,QAAQ,CAAC,cAAc,gBAAgB,oBAAoB,eAAe;AAAA,EAC1E,WAAW,CAAC,cAAc,gBAAgB,oBAAoB,iBAAiB,kBAAkB,iBAAiB;AACpH;;;ACtJO,SAAS,gBAAgB,MAAqC;AACnE,SAAO,OAAO,OAAO,aAAa,EAAE,SAAS,IAAqB;AACpE;AAEO,SAAS,OAAO,KAA2B;AAChD,QAAM,YAAY;AAClB,SACE,aAAa,QACb,OAAO,cAAc,YACrB,OAAO,UAAU,OAAO,YACxB,OAAO,UAAU,eAAe;AAEpC;AAEO,SAAS,UAAU,KAA8B;AACtD,QAAM,YAAY;AAClB,SACE,aAAa,QACb,OAAO,cAAc,YACrB,OAAO,UAAU,iBAAiB,YAClC,UAAU,QAAQ,QAClB,OAAO,UAAU,SAAS;AAE9B;","names":[]}

package/dist/{usePublicRouteParams-B7PabvuH.d.ts → usePublicRouteParams-JJczomYq.d.ts}

@@ -1,8 +1,7 @@
-import { b as OrganisationRole, c as OrganisationPermission, S as SuperAdminContext } from './organisation-D6qRDtbF.js';
-import { E as Event } from './unified-DQ4VcT7H.js';
+import { l as OrganisationRole, m as OrganisationPermission, S as SuperAdminContext, E as Event } from './event-CW5YB_2p.js';
 import { SupabaseClient } from '@supabase/supabase-js';
-import { D as Database } from './database-C6jy7EOu.js';
-import { F as FileCategory, a as FileReference } from './file-reference-C6Gkn77H.js';
+import { D as Database } from './database.generated-CBmg2950.js';
+import { b as FileCategory, F as FileReference } from './file-reference-D06mEEWW.js';
 
 /**
  * @file useOrganisationPermissions Hook
@@ -102,7 +101,7 @@ interface OrganisationSecurityHook {
     canAccessChildOrganisations: (orgId?: string) => boolean;
     hasPermission: (permission: string, orgId?: string) => Promise<boolean>;
     getUserPermissions: (orgId?: string) => Promise<string[]>;
-    logOrganisationAccess: (action: string, details?: any) => Promise<void>;
+    logOrganisationAccess: (action: string, details?: Record<string, unknown>) => Promise<void>;
     ensureOrganisationAccess: (orgId: string) => Promise<void>;
     validateUserAccess: (userId: string, orgId: string) => Promise<boolean>;
 }
@@ -236,6 +235,88 @@ declare function useAppConfig(): UseAppConfigReturn;
  */
 declare function useEventTheme(event?: Event | null): void;
 
+/**
+ * Storage utility types for pace-core
+ */
+interface StorageUploadOptions {
+    /** The app name from rbac_apps */
+    appName: string;
+    /** Organisation ID for scoping */
+    orgId: string;
+    /** Whether the file should be publicly accessible */
+    isPublic?: boolean;
+    /** Optional tags for categorisation */
+    tags?: string[];
+    /** Optional custom path within the app/org structure */
+    customPath?: string;
+    /** Optional metadata to store with the file */
+    metadata?: Record<string, any>;
+}
+interface StorageFileMetadata {
+    mimeType: string;
+    size: number;
+    width?: number;
+    height?: number;
+    hash?: string;
+    orgId: string;
+    appName: string;
+    uploadedBy: string;
+    uploadedAt: string;
+    tags?: string[];
+    isPublic: boolean;
+    customMetadata?: Record<string, any>;
+}
+interface StorageUploadResult {
+    success: boolean;
+    path?: string;
+    publicUrl?: string;
+    metadata?: StorageFileMetadata;
+    error?: string;
+}
+interface StorageUrlOptions {
+    /** The app name from rbac_apps */
+    appName: string;
+    /** Organisation ID for scoping */
+    orgId: string;
+    /** Expiry time in seconds for signed URLs (default: 3600) */
+    expiresIn?: number;
+}
+interface StorageListOptions {
+    /** The app name from rbac_apps */
+    appName: string;
+    /** Organisation ID for scoping */
+    orgId: string;
+    /** Optional path prefix to filter by */
+    pathPrefix?: string;
+    /** Optional tags to filter by */
+    tags?: string[];
+    /** Maximum number of files to return */
+    limit?: number;
+    /** Offset for pagination */
+    offset?: number;
+}
+interface StorageFileInfo {
+    name: string;
+    path: string;
+    size: number;
+    mimeType: string;
+    lastModified: string;
+    metadata: StorageFileMetadata;
+}
+interface StorageListResult {
+    files: StorageFileInfo[];
+    totalCount: number;
+    hasMore: boolean;
+}
+interface FileSizeLimits {
+    [mimeType: string]: number;
+}
+interface StorageConfig {
+    bucketName: string;
+    fileSizeLimits: FileSizeLimits;
+    defaultFileSizeLimit: number;
+}
+
 /**
  * @file Public Event Hook
  * @package @jmruthers/pace-core
@@ -428,6 +509,122 @@ declare function getPublicFileDisplayCacheStats(): {
     keys: string[];
 };
 
+/**
+ * @file Public Event Logo Hook
+ * @package @jmruthers/pace-core
+ * @module Hooks/Public
+ * @since 1.0.0
+ *
+ * A React hook for accessing public event logo URLs without authentication.
+ * Provides logo URLs with fallback handling for public pages.
+ *
+ * Features:
+ * - No authentication required
+ * - Automatic fallback to event initials
+ * - Caching for performance
+ * - Error handling and loading states
+ * - TypeScript support
+ * - Image validation
+ *
+ * @example
+ * ```tsx
+ * import { usePublicEventLogo } from '@jmruthers/pace-core';
+ *
+ * function EventHeader() {
+ *   const { logoUrl, fallbackText, isLoading, error } = usePublicEventLogo(
+ *     eventId,
+ *     eventName,
+ *     organisationId
+ *   );
+ *
+ *   if (isLoading) return <div>Loading logo...</div>;
+ *   if (error) return <div>Error: {error.message}</div>;
+ *
+ *   return (
+ *     <div>
+ *       {logoUrl ? (
+ *         <img src={logoUrl} alt={`${eventName} logo`} />
+ *       ) : (
+ *         <div className="logo-fallback">{fallbackText}</div>
+ *       )}
+ *     </div>
+ *   );
+ * }
+ * ```
+ *
+ * @accessibility
+ * - No direct accessibility concerns (hook)
+ * - Enables accessible logo display with proper alt text
+ * - Supports screen reader friendly fallbacks
+ *
+ * @security
+ * - Only returns public-safe logo URLs
+ * - Validates image existence before returning URL
+ * - No sensitive information exposed
+ * - Rate limiting applied at storage level
+ *
+ * @performance
+ * - Built-in caching with TTL
+ * - Image validation and optimization
+ * - Minimal re-renders with stable references
+ * - Lazy loading support
+ *
+ * @dependencies
+ * - React 18+ - Hooks and effects
+ * - @supabase/supabase-js - Storage integration
+ * - Event types - Type definitions
+ */
+
+interface UsePublicEventLogoReturn {
+    /** The logo URL if available, null if not found or error */
+    logoUrl: string | null;
+    /** Fallback text (event initials) if no logo is available */
+    fallbackText: string;
+    /** Whether the logo is currently loading */
+    isLoading: boolean;
+    /** Any error that occurred during loading */
+    error: Error | null;
+    /** Function to manually refetch the logo */
+    refetch: () => Promise<void>;
+}
+interface UsePublicEventLogoOptions {
+    /** Cache TTL in milliseconds (default: 30 minutes) */
+    cacheTtl?: number;
+    /** Whether to enable caching (default: true) */
+    enableCache?: boolean;
+    /** Whether to validate image existence (default: true) */
+    validateImage?: boolean;
+    /** Custom fallback text generator */
+    generateFallbackText?: (eventName: string) => string;
+    /** Supabase client instance (required) */
+    supabase: SupabaseClient<Database>;
+}
+/**
+ * Hook for accessing public event logo URLs
+ *
+ * This hook provides access to event logo URLs without requiring
+ * authentication. It includes fallback handling and image validation.
+ *
+ * @param eventId - The event ID to fetch logo for
+ * @param eventName - The event name for fallback text generation
+ * @param organisationId - The organisation ID for storage path
+ * @param options - Configuration options for caching and behavior
+ * @returns Object containing logo URL, fallback text, loading state, error, and refetch function
+ */
+declare function usePublicEventLogo(eventId: string | undefined, eventName: string | undefined, organisationId: string | undefined, options: UsePublicEventLogoOptions): UsePublicEventLogoReturn;
+/**
+ * Clear all cached public logo data
+ * Useful for testing or when you need to force refresh all data
+ */
+declare function clearPublicLogoCache(): void;
+/**
+ * Get cache statistics for debugging
+ */
+declare function getPublicLogoCacheStats(): {
+    size: number;
+    keys: string[];
+};
+
 /**
  * @file Public Route Params Hook
  * @package @jmruthers/pace-core
@@ -537,4 +734,4 @@ declare function generatePublicRoutePath(eventCode: string, pageName?: string):
  */
 declare function extractEventCodeFromPath(path: string): string | null;
 
-export { type OrganisationSecurityHook as O, type UseOrganisationPermissionsReturn as U, useOrganisationPermissions as a, useOrganisationSecurity as b, useAppConfig as c, type UseAppConfigReturn as d, usePublicEvent as e, clearPublicEventCache as f, getPublicEventCacheStats as g, usePublicFileDisplay as h, clearPublicFileDisplayCache as i, getPublicFileDisplayCacheStats as j, usePublicRouteParams as k, usePublicEventCode as l, generatePublicRoutePath as m, extractEventCodeFromPath as n, type UsePublicEventReturn as o, type UsePublicEventOptions as p, type UsePublicFileDisplayReturn as q, type UsePublicFileDisplayOptions as r, type UsePublicRouteParamsReturn as s, useEventTheme as u };
+export { type UsePublicEventLogoReturn as A, type UsePublicEventLogoOptions as B, type UsePublicRouteParamsReturn as C, type StorageConfig as D, type StorageFileMetadata as E, type FileSizeLimits as F, type StorageUrlOptions as G, type OrganisationSecurityHook as O, type StorageUploadOptions as S, type UseOrganisationPermissionsReturn as U, type StorageUploadResult as a, type StorageListOptions as b, type StorageListResult as c, type StorageFileInfo as d, useOrganisationPermissions as e, useOrganisationSecurity as f, useAppConfig as g, type UseAppConfigReturn as h, usePublicEvent as i, clearPublicEventCache as j, getPublicEventCacheStats as k, usePublicFileDisplay as l, clearPublicFileDisplayCache as m, getPublicFileDisplayCacheStats as n, usePublicEventLogo as o, clearPublicLogoCache as p, getPublicLogoCacheStats as q, usePublicRouteParams as r, usePublicEventCode as s, generatePublicRoutePath as t, useEventTheme as u, extractEventCodeFromPath as v, type UsePublicEventReturn as w, type UsePublicEventOptions as x, type UsePublicFileDisplayReturn as y, type UsePublicFileDisplayOptions as z };