@jmruthers/pace-core 0.5.181 → 0.5.183

package/docs/implementation-guides/large-datasets.md

@@ -255,7 +255,7 @@ cell: ({ getValue }) => {
 
 ## Migration Guide
 
-If you're upgrading from a previous version:
+If you're upgrading from a previous version: 0.5.181
 
 1. **Update page size options**: Change from `[10, 20, 50]` to `[25, 50, 100, 250]`
 2. **Remove hardcoded page sizes**: Let the component auto-optimize

package/docs/implementation-guides/navigation.md

@@ -1,7 +1,7 @@
 ---
-lastUpdated: 2025-10-29T22:43:00+11:00
-version: 0.5.76
-reviewedBy: content-audit
+lastUpdated: 2025-11-18T14:00:00+11:00
+version: 0.5.181
+reviewedBy: documentation-standards-audit
 ---
 
 # Navigation Implementation Guide
@@ -327,7 +327,7 @@ function ProtectedNavigation() {
       currentPath={pathname}
       onNavigate={(href) => router.push(href)}
       // Automatically filters items based on permissions
-      filterByPermissions={true}
+      // Permission filtering is always enabled
     />
   );
 }
@@ -810,7 +810,7 @@ test('filters navigation items based on permissions', () => {
       items={items}
       currentPath="/dashboard"
       onNavigate={jest.fn()}
-      filterByPermissions={true}
+      // Permission filtering is always enabled
     />
   );
 
@@ -849,4 +849,54 @@ test('filters navigation items based on permissions', () => {
 - Implement proper loading states
 - Handle navigation errors gracefully
 
+## ⚠️ Edge Cases
+
+### Permission Changes During Session
+
+When user permissions change during active session:
+- Navigation updates automatically
+- Hidden items appear when permissions granted
+- Visible items hide when permissions revoked
+- No page refresh required
+
+### Missing Navigation Items
+
+When navigation items are missing or invalid:
+- Navigation gracefully handles missing items
+- Invalid links are skipped
+- Error states are handled gracefully
+- User experience is not disrupted
+
+### Rapid Route Changes
+
+When routes change rapidly:
+- Navigation state is managed efficiently
+- Active states update correctly
+- No flickering or inconsistent states
+- Smooth transitions maintained
+
+### Deep Linking to Protected Routes
+
+When users access protected routes directly:
+- Permission checks occur before navigation
+- Redirects to appropriate pages if unauthorized
+- Clear error messages explain restrictions
+- User-friendly fallback navigation
+
+### Navigation State Loss
+
+When navigation state is lost:
+- Default states are restored
+- Navigation rebuilds from configuration
+- No data loss or corruption
+- Graceful recovery from errors
+
+### Concurrent Navigation Actions
+
+When multiple navigation actions occur:
+- Actions are queued and processed in order
+- State conflicts are prevented
+- User feedback is provided
+- Data consistency is maintained
+
 For more advanced navigation patterns and examples, see the [Navigation Examples](../examples/navigation.md) guide.

package/docs/implementation-guides/organisation-security.md

@@ -1,7 +1,7 @@
 ---
-lastUpdated: 2025-10-29T22:43:00+11:00
-version: 0.5.76
-reviewedBy: content-audit
+lastUpdated: 2025-11-18T14:00:00+11:00
+version: 0.5.181
+reviewedBy: documentation-standards-audit
 ---
 
 # Organisation Security
@@ -746,6 +746,75 @@ const { superAdminContext } = useOrganisationSecurity();
 console.log('Super admin context:', superAdminContext);
 ```
 
+## ♿ Accessibility
+
+Organisation security components are designed with accessibility in mind:
+
+- **WCAG 2.1 AA compliant** - All security components meet accessibility standards
+- **Keyboard Navigation** - Full keyboard support for all security operations
+- **Screen Reader Support** - Proper ARIA labels for security actions and status
+- **Focus Management** - Logical tab order for security interfaces
+- **Error Announcements** - Security errors are properly announced to screen readers
+- **Status Indicators** - Security status is clearly communicated
+
+### Accessibility Best Practices
+
+1. **Use semantic HTML** - Prefer semantic elements for security interfaces
+2. **Label security controls clearly** - Use descriptive labels for all security actions
+3. **Announce security status** - Use ARIA live regions for dynamic security updates
+4. **Test with screen readers** - Verify security operations work with assistive technologies
+5. **Ensure keyboard access** - All security actions should be keyboard accessible
+
+## ⚠️ Edge Cases
+
+### Organisation Context Loss
+
+When organisation context is lost during security operations:
+- Operations fail gracefully with clear error messages
+- User is redirected to organisation selection
+- Data is protected by RLS policies
+- Context is restored automatically when possible
+
+### Permission Changes During Operation
+
+When permissions change during an active operation:
+- Current operation completes with original permissions
+- Subsequent operations use new permissions
+- Clear feedback explains permission changes
+- No data corruption or unauthorized access
+
+### Super Admin Access Revocation
+
+When super admin access is revoked:
+- Current session may continue with elevated privileges
+- New operations respect revoked status
+- Audit logs track all super admin actions
+- Clear warnings indicate privilege changes
+
+### Network Failures During Security Checks
+
+When network fails during security validation:
+- Operations fail securely (deny by default)
+- Error messages clearly explain the issue
+- Retry mechanisms are available
+- User-friendly error messages guide recovery
+
+### Concurrent Security Operations
+
+When multiple security operations occur simultaneously:
+- Operations are queued and processed in order
+- Security checks prevent conflicts
+- Audit logging tracks all operations
+- Data consistency is maintained
+
+### Invalid Organisation IDs
+
+When invalid organisation IDs are provided:
+- Validation errors are clearly displayed
+- Operations fail gracefully
+- No unauthorized data access
+- User-friendly error messages guide correction
+
 ## Next Steps
 
 - **[RBAC System](../rbac/README.md)** - Role-based access control

package/docs/implementation-guides/performance.md

@@ -1,3 +1,9 @@
+---
+lastUpdated: 2025-11-18T14:00:00+11:00
+version: 0.5.181
+reviewedBy: documentation-standards-audit
+---
+
 # DataTable Performance Optimizations
 
 ## Overview
@@ -400,4 +406,54 @@ Enable detailed logging:
 
 The enhanced DataTable provides enterprise-grade performance optimizations that automatically adapt to your dataset size and usage patterns. With comprehensive virtual scrolling, intelligent pagination modes, advanced search indexing, and memory management, it can handle datasets from hundreds to hundreds of thousands of records while maintaining excellent user experience.
 
-The implementation includes extensive testing, performance monitoring, and backward compatibility, making it a drop-in replacement for the standard DataTable component with significant performance benefits. 
+The implementation includes extensive testing, performance monitoring, and backward compatibility, making it a drop-in replacement for the standard DataTable component with significant performance benefits.
+
+## ⚠️ Edge Cases
+
+### Memory Exhaustion
+
+When available memory is exhausted:
+- System gracefully degrades to server-side mode
+- Data chunking prevents memory overflow
+- Clear warnings indicate performance issues
+- Automatic cleanup prevents memory leaks
+
+### Network Failures During Data Loading
+
+When network fails during data loading:
+- Partial data is preserved when possible
+- Retry mechanisms are available
+- Error states are clearly displayed
+- User-friendly error messages guide recovery
+
+### Rapid Data Updates
+
+When data changes very rapidly:
+- Updates are batched for performance
+- Virtual scrolling handles updates efficiently
+- No flickering or inconsistent states
+- Smooth user experience maintained
+
+### Very Large Datasets (100k+ records)
+
+When handling extremely large datasets:
+- Server-side pagination is automatically enabled
+- Memory usage is optimized
+- Performance metrics help identify bottlenecks
+- System scales gracefully
+
+### Concurrent User Interactions
+
+When multiple user interactions occur simultaneously:
+- Interactions are queued and processed in order
+- Performance optimizations prevent conflicts
+- User feedback is provided for all operations
+- Data consistency is maintained
+
+### Browser Performance Limitations
+
+When browser performance is limited:
+- System automatically adjusts optimization level
+- Features may be disabled for better performance
+- Clear indicators show performance mode
+- Graceful degradation ensures functionality 

package/docs/implementation-guides/permission-enforcement.md

@@ -1,12 +1,12 @@
 ---
-lastUpdated: 2025-10-29T22:43:00+11:00
-version: 0.5.76
-reviewedBy: content-audit
+lastUpdated: 2025-11-18T14:00:00+11:00
+version: 0.5.181
+reviewedBy: documentation-standards-audit
 ---
 
 # Permission Enforcement
 
-> **📚 New Developer?** Start with the [Installation](../getting-started/installation.md) guide, then [Quick Start](../getting-started/quick-start.md) to build your first app.
+> **📚 New Developer?** Start with the [Installation](../getting-started/installation-guide.md) guide, then [Quick Start](../getting-started/quick-start.md) to build your first app.
 
 This guide covers all aspects of implementing permission enforcement in PACE Core applications, from layout-level safety nets to granular page-level controls.
 
@@ -120,7 +120,7 @@ Filter navigation items based on user permissions:
   appName="My Application"
   navItems={navItems}
   enforcePermissions={true}
-  filterNavigationByPermissions={true}
+  // Permission filtering is always enabled
   routePermissions={{
     '/dashboard': 'read',
     '/meals': 'read',
@@ -525,7 +525,7 @@ async function handleCreateMeal(req, res) {
   const { user, supabase } = req;
   
   // Check permission server-side
-  const { data: hasPermission } = await supabase.rpc('check_page_permission', {
+  const { data: hasPermission, error: permissionError } = await supabase.rpc('rbac_page_access_check', {
     p_user_id: user.id,
     p_app_id: appData.id, // Use app ID instead of app name
     p_page_id: 'meals',
@@ -534,6 +534,10 @@ async function handleCreateMeal(req, res) {
     p_organisation_id: req.body.organisationId
   });
 
+  if (permissionError) {
+    return res.status(500).json({ error: 'Failed to check permissions' });
+  }
+
   if (!hasPermission) {
     return res.status(403).json({ error: 'Insufficient permissions' });
   }
@@ -727,7 +731,7 @@ setupRBAC(supabase);
 - Ensure OrganisationProvider is wrapping your app
 
 #### 2. Navigation items not filtering
-- Enable `filterNavigationByPermissions={true}`
+- Permission filtering is always enabled - no prop needed
 - Ensure `routePermissions` is configured
 - Check that page IDs match the mapping
 
@@ -777,4 +781,73 @@ rbacLogger.debug('Permission debug:', debugInfo);
 - You're building dynamic UI based on permissions
 - You need fine-grained control over permission checks
 
-This comprehensive permission enforcement system provides multiple layers of security and UX optimization for PACE Core applications. 
+This comprehensive permission enforcement system provides multiple layers of security and UX optimization for PACE Core applications.
+
+## ♿ Accessibility
+
+Permission enforcement components are designed with accessibility in mind:
+
+- **WCAG 2.1 AA compliant** - All permission components meet accessibility standards
+- **Keyboard Navigation** - Full keyboard support for permission-protected interfaces
+- **Screen Reader Support** - Proper ARIA labels for permission states and errors
+- **Focus Management** - Logical tab order for permission interfaces
+- **Error Announcements** - Permission errors are properly announced to screen readers
+- **Status Indicators** - Permission status is clearly communicated
+
+### Accessibility Best Practices
+
+1. **Use semantic HTML** - Prefer semantic elements for permission-protected content
+2. **Label permission controls clearly** - Use descriptive labels for all permission actions
+3. **Announce permission changes** - Use ARIA live regions for dynamic permission updates
+4. **Test with screen readers** - Verify permission operations work with assistive technologies
+5. **Ensure keyboard access** - All permission-protected content should be keyboard accessible
+
+## ⚠️ Edge Cases
+
+### Permission Changes During Session
+
+When user permissions change during active session:
+- Permission checks update automatically
+- Protected content appears/disappears dynamically
+- No page refresh required
+- Clear feedback explains permission changes
+
+### Missing Permission Data
+
+When permission data is missing or unavailable:
+- System fails securely (denies access by default)
+- Clear error messages explain the issue
+- Fallback UI is shown when appropriate
+- User-friendly error messages guide recovery
+
+### Network Failures During Permission Checks
+
+When network fails during permission validation:
+- Operations fail securely (deny by default)
+- Cached permissions may be used when available
+- Error messages clearly explain the issue
+- Retry mechanisms are available
+
+### Concurrent Permission Operations
+
+When multiple permission operations occur simultaneously:
+- Operations are queued and processed in order
+- Permission checks prevent conflicts
+- Audit logging tracks all operations
+- Data consistency is maintained
+
+### Invalid Permission Scopes
+
+When invalid permission scopes are provided:
+- Validation errors are clearly displayed
+- Operations fail gracefully
+- No unauthorized data access
+- User-friendly error messages guide correction
+
+### Super Admin Bypass
+
+When super admin bypasses permission checks:
+- Bypass is clearly logged in audit trail
+- UI indicates elevated privileges
+- Security is maintained through audit logging
+- Clear warnings indicate privilege status