npm - @jmruthers/pace-core - Versions diffs - 0.5.183 → 0.5.185 - Mend

@jmruthers/pace-core 0.5.183 → 0.5.185

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (307) hide show

package/CHANGELOG.md +38 -0
package/README.md +60 -1
package/core-usage-manifest.json +312 -0
package/dist/{DataTable-QAB34V6K.js → DataTable-IX2NBUTP.js} +6 -6
package/dist/{DataTable-Bz8ffqyA.d.ts → DataTable-Z9NLVJh0.d.ts} +1 -1
package/dist/{index-Bl--n7-T.d.ts → PublicPageProvider-BABf6JCh.d.ts} +21 -10
package/dist/{UnifiedAuthProvider-7F6T4B6K.js → UnifiedAuthProvider-A4BCQRJY.js} +4 -2
package/dist/{UnifiedAuthProvider-F86d7dSi.d.ts → UnifiedAuthProvider-BG0AL5eE.d.ts} +2 -1
package/dist/{api-ROMBCNKU.js → api-BMFCXVQX.js} +2 -2
package/dist/{chunk-RA3JUFMW.js → chunk-445GEP27.js} +154 -4
package/dist/{chunk-RA3JUFMW.js.map → chunk-445GEP27.js.map} +1 -1
package/dist/{chunk-CSOFYHAG.js → chunk-AISXLWGZ.js} +374 -60
package/dist/chunk-AISXLWGZ.js.map +1 -0
package/dist/{chunk-FUEYYMX5.js → chunk-FXFJRTKI.js} +24 -3
package/dist/chunk-FXFJRTKI.js.map +1 -0
package/dist/{chunk-QETLRQI6.js → chunk-HC67NW5K.js} +380 -360
package/dist/chunk-HC67NW5K.js.map +1 -0
package/dist/chunk-HESYZWZW.js +388 -0
package/dist/chunk-HESYZWZW.js.map +1 -0
package/dist/{chunk-QUVSNGIP.js → chunk-HGPQUCBC.js} +34 -9
package/dist/{chunk-QUVSNGIP.js.map → chunk-HGPQUCBC.js.map} +1 -1
package/dist/{chunk-UHNYIBXL.js → chunk-IXSNYUCT.js} +1 -1
package/dist/chunk-IXSNYUCT.js.map +1 -0
package/dist/{chunk-MI7HBHN3.js → chunk-MX3EIJGQ.js} +4 -3
package/dist/{chunk-MI7HBHN3.js.map → chunk-MX3EIJGQ.js.map} +1 -1
package/dist/{chunk-PWAHJW4G.js → chunk-OKI34GZD.js} +86 -33
package/dist/chunk-OKI34GZD.js.map +1 -0
package/dist/{chunk-W22JP75J.js → chunk-STTZQK2I.js} +3 -3
package/dist/chunk-THRPYOFK.js +215 -0
package/dist/chunk-THRPYOFK.js.map +1 -0
package/dist/{chunk-M7W4CP3M.js → chunk-U6WNSFX5.js} +2 -1
package/dist/chunk-U6WNSFX5.js.map +1 -0
package/dist/{chunk-QCDXODCA.js → chunk-XAUHJD3L.js} +2 -2
package/dist/components.d.ts +182 -6
package/dist/components.js +157 -11
package/dist/components.js.map +1 -1
package/dist/eslint-rules/pace-core-compliance.cjs +406 -0
package/dist/{file-reference-D06mEEWW.d.ts → file-reference-BjR39ktt.d.ts} +7 -1
package/dist/hooks.d.ts +7 -14
package/dist/hooks.js +10 -22
package/dist/hooks.js.map +1 -1
package/dist/index.d.ts +11 -11
package/dist/index.js +79 -16
package/dist/index.js.map +1 -1
package/dist/providers.d.ts +1 -1
package/dist/providers.js +3 -1
package/dist/rbac/index.d.ts +205 -14
package/dist/rbac/index.js +28 -6
package/dist/timezone-_pgH8qrY.d.ts +530 -0
package/dist/{types-_x1f4QBF.d.ts → types-DUyCRSTj.d.ts} +1 -1
package/dist/types.d.ts +1 -1
package/dist/types.js +1 -1
package/dist/{usePublicRouteParams-JJczomYq.d.ts → usePublicRouteParams-CvnC3d-e.d.ts} +113 -2
package/dist/utils.d.ts +109 -151
package/dist/utils.js +128 -138
package/dist/utils.js.map +1 -1
package/docs/api/README.md +60 -1
package/docs/api/classes/ColumnFactory.md +1 -1
package/docs/api/classes/ErrorBoundary.md +1 -1
package/docs/api/classes/InvalidScopeError.md +1 -1
package/docs/api/classes/Logger.md +178 -0
package/docs/api/classes/MissingUserContextError.md +1 -1
package/docs/api/classes/OrganisationContextRequiredError.md +1 -1
package/docs/api/classes/PermissionDeniedError.md +1 -1
package/docs/api/classes/RBACAuditManager.md +2 -2
package/docs/api/classes/RBACCache.md +1 -1
package/docs/api/classes/RBACEngine.md +2 -2
package/docs/api/classes/RBACError.md +1 -1
package/docs/api/classes/RBACNotInitializedError.md +1 -1
package/docs/api/classes/SecureSupabaseClient.md +5 -5
package/docs/api/classes/StorageUtils.md +1 -1
package/docs/api/enums/FileCategory.md +1 -1
package/docs/api/enums/LogLevel.md +54 -0
package/docs/api/enums/RBACErrorCode.md +1 -1
package/docs/api/enums/RPCFunction.md +1 -1
package/docs/api/interfaces/AggregateConfig.md +1 -1
package/docs/api/interfaces/BadgeProps.md +1 -1
package/docs/api/interfaces/ButtonProps.md +1 -1
package/docs/api/interfaces/CalendarProps.md +18 -2
package/docs/api/interfaces/CardProps.md +1 -1
package/docs/api/interfaces/ColorPalette.md +1 -1
package/docs/api/interfaces/ColorShade.md +1 -1
package/docs/api/interfaces/ComplianceResult.md +30 -0
package/docs/api/interfaces/DataAccessRecord.md +1 -1
package/docs/api/interfaces/DataRecord.md +1 -1
package/docs/api/interfaces/DataTableAction.md +1 -1
package/docs/api/interfaces/DataTableColumn.md +1 -1
package/docs/api/interfaces/DataTableProps.md +1 -1
package/docs/api/interfaces/DataTableToolbarButton.md +1 -1
package/docs/api/interfaces/DatabaseComplianceResult.md +85 -0
package/docs/api/interfaces/DatabaseIssue.md +41 -0
package/docs/api/interfaces/EmptyStateConfig.md +1 -1
package/docs/api/interfaces/EnhancedNavigationMenuProps.md +1 -1
package/docs/api/interfaces/EventAppRoleData.md +6 -6
package/docs/api/interfaces/ExportColumn.md +1 -1
package/docs/api/interfaces/ExportOptions.md +1 -1
package/docs/api/interfaces/FileDisplayProps.md +1 -1
package/docs/api/interfaces/FileMetadata.md +1 -1
package/docs/api/interfaces/FileReference.md +1 -1
package/docs/api/interfaces/FileSizeLimits.md +1 -1
package/docs/api/interfaces/FileUploadOptions.md +24 -8
package/docs/api/interfaces/FileUploadProps.md +24 -13
package/docs/api/interfaces/FooterProps.md +1 -1
package/docs/api/interfaces/FormFieldProps.md +1 -1
package/docs/api/interfaces/FormProps.md +1 -1
package/docs/api/interfaces/GrantEventAppRoleParams.md +9 -9
package/docs/api/interfaces/InactivityWarningModalProps.md +1 -1
package/docs/api/interfaces/InputProps.md +1 -1
package/docs/api/interfaces/LabelProps.md +1 -1
package/docs/api/interfaces/LoggerConfig.md +62 -0
package/docs/api/interfaces/LoginFormProps.md +1 -1
package/docs/api/interfaces/NavigationAccessRecord.md +1 -1
package/docs/api/interfaces/NavigationContextType.md +1 -1
package/docs/api/interfaces/NavigationGuardProps.md +1 -1
package/docs/api/interfaces/NavigationItem.md +1 -1
package/docs/api/interfaces/NavigationMenuProps.md +1 -1
package/docs/api/interfaces/NavigationProviderProps.md +1 -1
package/docs/api/interfaces/Organisation.md +1 -1
package/docs/api/interfaces/OrganisationContextType.md +1 -1
package/docs/api/interfaces/OrganisationMembership.md +1 -1
package/docs/api/interfaces/OrganisationProviderProps.md +1 -1
package/docs/api/interfaces/OrganisationSecurityError.md +1 -1
package/docs/api/interfaces/PaceAppLayoutProps.md +36 -23
package/docs/api/interfaces/PaceLoginPageProps.md +1 -1
package/docs/api/interfaces/PageAccessRecord.md +1 -1
package/docs/api/interfaces/PagePermissionContextType.md +1 -1
package/docs/api/interfaces/PagePermissionGuardProps.md +11 -11
package/docs/api/interfaces/PagePermissionProviderProps.md +1 -1
package/docs/api/interfaces/PaletteData.md +1 -1
package/docs/api/interfaces/PermissionEnforcerProps.md +1 -1
package/docs/api/interfaces/ProgressProps.md +1 -1
package/docs/api/interfaces/ProtectedRouteProps.md +1 -1
package/docs/api/interfaces/PublicPageFooterProps.md +1 -1
package/docs/api/interfaces/PublicPageHeaderProps.md +1 -1
package/docs/api/interfaces/PublicPageLayoutProps.md +1 -1
package/docs/api/interfaces/QuickFix.md +52 -0
package/docs/api/interfaces/RBACAccessValidateParams.md +1 -1
package/docs/api/interfaces/RBACAccessValidateResult.md +1 -1
package/docs/api/interfaces/RBACAuditLogParams.md +1 -1
package/docs/api/interfaces/RBACAuditLogResult.md +1 -1
package/docs/api/interfaces/RBACConfig.md +4 -4
package/docs/api/interfaces/RBACContext.md +1 -1
package/docs/api/interfaces/RBACLogger.md +1 -1
package/docs/api/interfaces/RBACPageAccessCheckParams.md +1 -1
package/docs/api/interfaces/RBACPermissionCheckParams.md +1 -1
package/docs/api/interfaces/RBACPermissionCheckResult.md +1 -1
package/docs/api/interfaces/RBACPermissionsGetParams.md +1 -1
package/docs/api/interfaces/RBACPermissionsGetResult.md +1 -1
package/docs/api/interfaces/RBACResult.md +1 -1
package/docs/api/interfaces/RBACRoleGrantParams.md +1 -1
package/docs/api/interfaces/RBACRoleGrantResult.md +1 -1
package/docs/api/interfaces/RBACRoleRevokeParams.md +1 -1
package/docs/api/interfaces/RBACRoleRevokeResult.md +1 -1
package/docs/api/interfaces/RBACRoleValidateParams.md +1 -1
package/docs/api/interfaces/RBACRoleValidateResult.md +1 -1
package/docs/api/interfaces/RBACRolesListParams.md +1 -1
package/docs/api/interfaces/RBACRolesListResult.md +1 -1
package/docs/api/interfaces/RBACSessionTrackParams.md +1 -1
package/docs/api/interfaces/RBACSessionTrackResult.md +1 -1
package/docs/api/interfaces/ResourcePermissions.md +1 -1
package/docs/api/interfaces/RevokeEventAppRoleParams.md +7 -7
package/docs/api/interfaces/RoleBasedRouterContextType.md +1 -1
package/docs/api/interfaces/RoleBasedRouterProps.md +1 -1
package/docs/api/interfaces/RoleManagementResult.md +5 -5
package/docs/api/interfaces/RouteAccessRecord.md +1 -1
package/docs/api/interfaces/RouteConfig.md +1 -1
package/docs/api/interfaces/RuntimeComplianceResult.md +55 -0
package/docs/api/interfaces/SecureDataContextType.md +1 -1
package/docs/api/interfaces/SecureDataProviderProps.md +1 -1
package/docs/api/interfaces/SessionRestorationLoaderProps.md +1 -1
package/docs/api/interfaces/SetupIssue.md +41 -0
package/docs/api/interfaces/StorageConfig.md +1 -1
package/docs/api/interfaces/StorageFileInfo.md +1 -1
package/docs/api/interfaces/StorageFileMetadata.md +1 -1
package/docs/api/interfaces/StorageListOptions.md +1 -1
package/docs/api/interfaces/StorageListResult.md +1 -1
package/docs/api/interfaces/StorageUploadOptions.md +1 -1
package/docs/api/interfaces/StorageUploadResult.md +1 -1
package/docs/api/interfaces/StorageUrlOptions.md +1 -1
package/docs/api/interfaces/StyleImport.md +1 -1
package/docs/api/interfaces/SwitchProps.md +1 -1
package/docs/api/interfaces/TabsContentProps.md +1 -1
package/docs/api/interfaces/TabsListProps.md +1 -1
package/docs/api/interfaces/TabsProps.md +1 -1
package/docs/api/interfaces/TabsTriggerProps.md +1 -1
package/docs/api/interfaces/TextareaProps.md +1 -1
package/docs/api/interfaces/ToastActionElement.md +1 -1
package/docs/api/interfaces/ToastProps.md +1 -1
package/docs/api/interfaces/UnifiedAuthContextType.md +1 -1
package/docs/api/interfaces/UnifiedAuthProviderProps.md +1 -1
package/docs/api/interfaces/UseFormDialogOptions.md +62 -0
package/docs/api/interfaces/UseFormDialogReturn.md +117 -0
package/docs/api/interfaces/UseInactivityTrackerOptions.md +1 -1
package/docs/api/interfaces/UseInactivityTrackerReturn.md +1 -1
package/docs/api/interfaces/UsePublicEventLogoOptions.md +2 -2
package/docs/api/interfaces/UsePublicEventLogoReturn.md +1 -1
package/docs/api/interfaces/UsePublicEventOptions.md +1 -1
package/docs/api/interfaces/UsePublicEventReturn.md +1 -1
package/docs/api/interfaces/UsePublicFileDisplayOptions.md +2 -2
package/docs/api/interfaces/UsePublicFileDisplayReturn.md +1 -1
package/docs/api/interfaces/UsePublicRouteParamsReturn.md +1 -1
package/docs/api/interfaces/UseResolvedScopeOptions.md +2 -2
package/docs/api/interfaces/UseResolvedScopeReturn.md +1 -1
package/docs/api/interfaces/UseResourcePermissionsOptions.md +1 -1
package/docs/api/interfaces/UserEventAccess.md +1 -1
package/docs/api/interfaces/UserMenuProps.md +1 -1
package/docs/api/interfaces/UserProfile.md +1 -1
package/docs/api/modules.md +738 -42
package/docs/api-reference/hooks.md +111 -0
package/docs/api-reference/rpc-functions.md +1 -1
package/docs/api-reference/utilities.md +184 -0
package/docs/getting-started/installation-guide.md +75 -16
package/docs/getting-started/quick-start.md +61 -11
package/docs/implementation-guides/authentication.md +88 -12
package/docs/implementation-guides/file-reference-system.md +2 -1
package/docs/implementation-guides/file-upload-storage.md +21 -0
package/docs/rbac/README.md +1 -0
package/docs/rbac/compliance/compliance-guide.md +544 -0
package/docs/rbac/getting-started.md +158 -33
package/docs/standards/pace-core-compliance.md +432 -0
package/eslint-config-pace-core.cjs +93 -0
package/package.json +15 -3
package/scripts/analyze-bundle.js +232 -0
package/scripts/build-css.js +56 -0
package/scripts/build-docs-incremental.js +1015 -0
package/scripts/check-pace-core-compliance.cjs +2353 -0
package/scripts/generate-docs.js +157 -0
package/scripts/setup-build-cache.js +73 -0
package/scripts/utils/command-runner.js +131 -0
package/scripts/utils/env.js +33 -0
package/scripts/utils/index.js +10 -0
package/scripts/utils/logger.js +88 -0
package/scripts/utils/path-helpers.js +37 -0
package/scripts/validate-formats.js +133 -0
package/scripts/validate-master.js +155 -0
package/scripts/validate-pre-publish.js +140 -0
package/scripts/validate-theme.js +142 -0
package/src/components/Calendar/Calendar.tsx +8 -1
package/src/components/Card/Card.tsx +47 -8
package/src/components/DatePickerWithTimezone/DatePickerWithTimezone.test.tsx +314 -0
package/src/components/DatePickerWithTimezone/DatePickerWithTimezone.tsx +126 -0
package/src/components/DatePickerWithTimezone/README.md +135 -0
package/src/components/DatePickerWithTimezone/index.ts +10 -0
package/src/components/DateTimeField/DateTimeField.test.tsx +358 -0
package/src/components/DateTimeField/DateTimeField.tsx +232 -0
package/src/components/DateTimeField/README.md +148 -0
package/src/components/DateTimeField/index.ts +10 -0
package/src/components/FileUpload/FileUpload.tsx +3 -0
package/src/components/Header/Header.test.tsx +47 -18
package/src/components/Header/Header.tsx +24 -6
package/src/components/PaceAppLayout/PaceAppLayout.tsx +29 -20
package/src/components/PaceAppLayout/README.md +9 -0
package/src/components/PaceLoginPage/PaceLoginPage.tsx +1 -1
package/src/components/ProtectedRoute/ProtectedRoute.test.tsx +37 -8
package/src/components/ProtectedRoute/ProtectedRoute.tsx +12 -4
package/src/components/index.ts +8 -0
package/src/eslint-rules/pace-core-compliance.cjs +406 -0
package/src/eslint-rules/pace-core-compliance.js +640 -0
package/src/hooks/__tests__/useFormDialog.test.ts +478 -0
package/src/hooks/index.ts +2 -0
package/src/hooks/useFileReference.test.ts +1 -0
package/src/hooks/useFormDialog.ts +147 -0
package/src/index.ts +27 -0
package/src/providers/services/OrganisationServiceProvider.tsx +6 -5
package/src/providers/services/UnifiedAuthProvider.tsx +24 -3
package/src/rbac/__tests__/scenarios.user-role.test.tsx +3 -0
package/src/rbac/compliance/database-validator.ts +165 -0
package/src/rbac/compliance/index.ts +38 -0
package/src/rbac/compliance/quick-fix-suggestions.ts +209 -0
package/src/rbac/compliance/runtime-compliance.ts +77 -0
package/src/rbac/compliance/setup-validator.ts +131 -0
package/src/rbac/components/PagePermissionGuard.tsx +8 -64
package/src/rbac/components/__tests__/PagePermissionGuard.test.tsx +35 -21
package/src/rbac/docs/event-based-apps.md +285 -0
package/src/rbac/errors.ts +11 -0
package/src/rbac/hooks/useRoleManagement.ts +292 -12
package/src/rbac/index.ts +30 -0
package/src/services/OrganisationService.ts +4 -0
package/src/types/file-reference.ts +6 -0
package/src/utils/__tests__/timezone.test.ts +345 -0
package/src/utils/file-reference/__tests__/file-reference.test.ts +2 -0
package/src/utils/file-reference/index.ts +1 -0
package/src/utils/formatting/formatDateTimeTimezone.test.ts +167 -0
package/src/utils/formatting/formatting.ts +179 -0
package/src/utils/index.ts +27 -1
package/src/utils/location/index.ts +16 -0
package/src/utils/location/location.test.ts +286 -0
package/src/utils/location/location.ts +175 -0
package/src/utils/timezone/index.ts +17 -0
package/src/utils/timezone/timezone.test.ts +349 -0
package/src/utils/timezone/timezone.ts +281 -0
package/dist/chunk-CSOFYHAG.js.map +0 -1
package/dist/chunk-FUEYYMX5.js.map +0 -1
package/dist/chunk-HKIT6O7W.js +0 -198
package/dist/chunk-HKIT6O7W.js.map +0 -1
package/dist/chunk-KUEN3HFB.js +0 -94
package/dist/chunk-KUEN3HFB.js.map +0 -1
package/dist/chunk-M7W4CP3M.js.map +0 -1
package/dist/chunk-PWAHJW4G.js.map +0 -1
package/dist/chunk-QETLRQI6.js.map +0 -1
package/dist/chunk-UHNYIBXL.js.map +0 -1
package/dist/formatting-5wETwiGF.d.ts +0 -162
/package/dist/{DataTable-QAB34V6K.js.map → DataTable-IX2NBUTP.js.map} +0 -0
/package/dist/{UnifiedAuthProvider-7F6T4B6K.js.map → UnifiedAuthProvider-A4BCQRJY.js.map} +0 -0
/package/dist/{api-ROMBCNKU.js.map → api-BMFCXVQX.js.map} +0 -0
/package/dist/{chunk-W22JP75J.js.map → chunk-STTZQK2I.js.map} +0 -0
/package/dist/{chunk-QCDXODCA.js.map → chunk-XAUHJD3L.js.map} +0 -0

package/src/rbac/compliance/setup-validator.ts ADDED Viewed

@@ -0,0 +1,131 @@
+/**
+ * RBAC Setup Validator
+ * @package @jmruthers/pace-core
+ * @module RBAC/Compliance/SetupValidator
+ * @since 1.0.0
+ *
+ * This module provides utilities to validate RBAC setup state.
+ */
+import { getRBACConfig } from '../config';
+import { RBACNotInitializedError } from '../errors';
+export interface SetupIssue {
+  type: 'not-initialized' | 'missing-config' | 'invalid-config' | 'missing-provider-context';
+  message: string;
+  recommendation: string;
+}
+export interface ComplianceResult {
+  isCompliant: boolean;
+  issues: SetupIssue[];
+}
+/**
+ * Check if RBAC system is initialized
+ *
+ * @returns true if RBAC is initialized, false otherwise
+ */
+export function isRBACInitialized(): boolean {
+  try {
+    const config = getRBACConfig();
+    return config !== null && config.supabase !== null;
+  } catch (error) {
+    if (error instanceof RBACNotInitializedError) {
+      return false;
+    }
+    // Re-throw unexpected errors
+    throw error;
+  }
+}
+/**
+ * Get setup issues
+ *
+ * @returns Array of setup issues
+ */
+export function getSetupIssues(): SetupIssue[] {
+  const issues: SetupIssue[] = [];
+  const config = getRBACConfig();
+  if (!config) {
+    issues.push({
+      type: 'not-initialized',
+      message: 'RBAC system has not been initialized. setupRBAC() has not been called.',
+      recommendation: 'Call setupRBAC(supabase) before using any RBAC features. This should be done in your main entry point (main.tsx or App.tsx) before rendering the app.'
+    });
+    return issues;
+  }
+  if (!config.supabase) {
+    issues.push({
+      type: 'missing-config',
+      message: 'RBAC configuration is missing Supabase client.',
+      recommendation: 'Ensure setupRBAC() is called with a valid Supabase client instance.'
+    });
+  }
+  return issues;
+}
+/**
+ * Check if UnifiedAuthProvider context is available
+ *
+ * This function can be called from React components to check if the context
+ * is available. It uses React's useContext hook, so it must be called from
+ * within a React component.
+ *
+ * @returns true if context is available, false otherwise
+ * @throws Error if called outside React component context
+ */
+export function isUnifiedAuthContextAvailable(): boolean {
+  try {
+    // This will only work if called from within a React component
+    // We can't import useContext here directly as it would require React
+    // Instead, we'll check if the context can be accessed
+    // Note: This is a best-effort check and may not work in all scenarios
+    return true; // Context availability is checked by useUnifiedAuth hook itself
+  } catch (error) {
+    return false;
+  }
+}
+/**
+ * Get provider context setup issues
+ *
+ * This provides guidance on common provider setup problems.
+ * Actual context availability must be checked at component level.
+ *
+ * @returns Array of setup issues related to provider context
+ */
+export function getProviderContextIssues(): SetupIssue[] {
+  const issues: SetupIssue[] = [];
+  // Check if RBAC is initialized (prerequisite for provider context)
+  if (!isRBACInitialized()) {
+    issues.push({
+      type: 'not-initialized',
+      message: 'RBAC system must be initialized before provider context can be used.',
+      recommendation: 'Call setupRBAC(supabase) before rendering UnifiedAuthProvider.'
+    });
+  }
+  return issues;
+}
+/**
+ * Validate RBAC setup
+ *
+ * @returns Compliance result with issues and recommendations
+ */
+export function validateRBACSetup(): ComplianceResult {
+  const issues = getSetupIssues();
+  const providerIssues = getProviderContextIssues();
+  return {
+    isCompliant: issues.length === 0 && providerIssues.length === 0,
+    issues: [...issues, ...providerIssues]
+  };
+}

package/src/rbac/components/PagePermissionGuard.tsx CHANGED Viewed

@@ -72,7 +72,6 @@ import { useCan } from '../hooks';
 import { useUnifiedAuth } from '../../providers/services/UnifiedAuthProvider';
 import { UUID, Permission, Scope } from '../types';
 import { createScopeFromEvent } from '../utils/eventContext';
-import { getCurrentAppName } from '../../utils/app/appNameResolver';
 import { getRBACLogger } from '../config';
 export interface PagePermissionGuardProps {
@@ -129,16 +128,16 @@ const PagePermissionGuardComponent = ({
   onDenied,
   loading = <DefaultLoading />
 }: PagePermissionGuardProps) => {
-  // Generate a unique instance ID for debugging
-  const instanceId = useMemo(() => Math.random().toString(36).substr(2, 9), []);
   // Track render count for debugging
   const renderCountRef = useRef(0);
   renderCountRef.current += 1;
+  // Generate a unique instance ID for debugging (must be called before any conditional returns)
+  const instanceId = useMemo(() => Math.random().toString(36).substr(2, 9), []);
-  const { user, selectedOrganisation, selectedEvent, supabase } = useUnifiedAuth();
+  // Use UnifiedAuth hook - if context is not available, it will throw and ErrorBoundary will handle it
+  // This is better than checking for context and returning early, which causes infinite loops
+  const { user, selectedOrganisation, selectedEvent, supabase, appId: contextAppId } = useUnifiedAuth();
   const [hasChecked, setHasChecked] = useState(false);
   const [checkError, setCheckError] = useState<Error | null>(null);
@@ -179,64 +178,9 @@ const PagePermissionGuardComponent = ({
         return;
       }
-      // Get app ID from package.json or environment
-      let appId: string | undefined = undefined;
-      // Try to resolve from database
-      if (supabaseRef.current) {
-        const appName = getCurrentAppName();
-        if (appName) {
-          try {
-            const { data: app, error } = await supabaseRef.current
-              .from('rbac_apps')
-              .select('id, name, is_active')
-              .eq('name', appName)
-              .eq('is_active', true)
-              .single() as { data: { id: string; name: string; is_active: boolean } | null; error: any };
-            if (signal.aborted) {
-              return;
-            }
-            if (error) {
-              const logger = getRBACLogger();
-              logger.error('Database error resolving app ID:', error);
-              if (signal.aborted) {
-                return;
-              }
-              const { data: inactiveApp } = await supabaseRef.current
-                .from('rbac_apps')
-                .select('id, name, is_active')
-                .eq('name', appName)
-                .single() as { data: { id: string; name: string; is_active: boolean } | null };
-              if (signal.aborted) {
-                return;
-              }
-              if (inactiveApp) {
-                logger.error(`App "${appName}" exists but is inactive (is_active: ${inactiveApp.is_active})`);
-              } else {
-                logger.error(`App "${appName}" not found in rbac_apps table`);
-              }
-            } else if (app) {
-              appId = app.id;
-            } else {
-              const logger = getRBACLogger();
-              logger.error('No app data returned for:', appName);
-            }
-          } catch (error) {
-            if (signal.aborted) {
-              return;
-            }
-            const logger = getRBACLogger();
-            logger.error('Unexpected error resolving app ID:', error);
-          }
-        } else {
-          const logger = getRBACLogger();
-          logger.error('No app name found. Make sure to call setRBACAppName() in your app setup.');
-        }
-      }
+      // Get app ID from UnifiedAuth context (already resolved on login)
+      // This is much faster than querying the database
+      const appId = contextAppId;
       if (signal.aborted) {
         return;

package/src/rbac/components/__tests__/PagePermissionGuard.test.tsx CHANGED Viewed

@@ -80,6 +80,7 @@ describe('PagePermissionGuard Component', () => {
       user: mockUser,
       selectedOrganisation: { id: 'org-123' },
       selectedEvent: { event_id: 'event-123' },
+      appId: 'app-123', // Required for scope resolution
       supabase: {
         from: vi.fn().mockReturnValue({
           select: vi.fn().mockReturnValue({
@@ -343,14 +344,17 @@ describe('PagePermissionGuard Component', () => {
         </PagePermissionGuard>
       );
+      // When there's an error and no permission, component shows fallback
       await waitFor(() => {
-        expect(screen.getByText('Checking permissions...')).toBeInTheDocument();
-      }, { interval: 10 });
+        expect(screen.getByTestId('test-fallback')).toBeInTheDocument();
+      }, { interval: 10, timeout: 2000 });
     });
   });
   describe('App ID Resolution', () => {
     it('resolves app ID from database', async () => {
+      // When appId is already provided from useUnifiedAuth, getCurrentAppName is not called
+      // The component uses appId from context directly
       mockUseCan.mockReturnValue({
         can: true,
         isLoading: false,
@@ -368,9 +372,11 @@ describe('PagePermissionGuard Component', () => {
       await waitFor(() => {
         expect(screen.getByTestId('test-component')).toBeInTheDocument();
-      }, { interval: 10 });
+      }, { interval: 10, timeout: 2000 });
-      expect(mockGetCurrentAppName).toHaveBeenCalled();
+      // appId is provided from useUnifiedAuth context, so getCurrentAppName is not called
+      // The component uses contextAppId directly (line 183 of PagePermissionGuard)
+      expect(mockGetCurrentAppName).not.toHaveBeenCalled();
     });
     it('handles app resolution errors in test environment', async () => {
@@ -432,10 +438,12 @@ describe('PagePermissionGuard Component', () => {
       mockGetCurrentAppName.mockReturnValue('test-app');
       // Mock database returning invalid app ID
+      // In test mode, validation is skipped, so component should work normally
       mockUseUnifiedAuthFn.mockReturnValue({
         user: mockUser,
         selectedOrganisation: { id: 'org-123' },
         selectedEvent: { event_id: 'event-123' },
+        appId: 'app-123',
         supabase: {
           from: vi.fn().mockReturnValue({
             select: vi.fn().mockReturnValue({
@@ -452,9 +460,11 @@ describe('PagePermissionGuard Component', () => {
         } as any
       });
-      // Set NODE_ENV to production
-      const originalEnv = process.env.NODE_ENV;
-      process.env.NODE_ENV = 'production';
+      mockUseCan.mockReturnValue({
+        can: true,
+        isLoading: false,
+        error: null
+      });
       render(
         <PagePermissionGuard
@@ -466,12 +476,10 @@ describe('PagePermissionGuard Component', () => {
         </PagePermissionGuard>
       );
+      // In test mode, validation is skipped, so component should render normally
       await waitFor(() => {
-        expect(screen.getByText('Checking permissions...')).toBeInTheDocument();
-      }, { interval: 10 });
-      // Restore NODE_ENV
-      process.env.NODE_ENV = originalEnv;
+        expect(screen.getByTestId('test-component')).toBeInTheDocument();
+      }, { interval: 10, timeout: 2000 });
     });
   });
@@ -550,6 +558,7 @@ describe('PagePermissionGuard Component', () => {
         user: mockUser,
         selectedOrganisation: { id: 'org-123' },
         selectedEvent: null,
+        appId: 'app-123',
         supabase: {
           from: vi.fn().mockReturnValue({
             select: vi.fn().mockReturnValue({
@@ -603,6 +612,7 @@ describe('PagePermissionGuard Component', () => {
         user: mockUser,
         selectedOrganisation: null,
         selectedEvent: { event_id: 'event-123' },
+        appId: 'app-123',
         supabase: {
           from: vi.fn().mockReturnValue({
             select: vi.fn().mockReturnValue({
@@ -653,7 +663,7 @@ describe('PagePermissionGuard Component', () => {
         expect.objectContaining({
           organisationId: 'resolved-org',
           eventId: 'event-123',
-          appId: 'app-123'
+          appId: 'app-123' // Component uses appId from context, not from resolved scope
         }),
         'read:page.dashboard',
         'dashboard',
@@ -666,6 +676,7 @@ describe('PagePermissionGuard Component', () => {
         user: mockUser,
         selectedOrganisation: null,
         selectedEvent: { event_id: 'event-123' },
+        appId: undefined, // Not available for error case
         supabase: {} as any
       });
@@ -692,6 +703,7 @@ describe('PagePermissionGuard Component', () => {
         user: mockUser,
         selectedOrganisation: null,
         selectedEvent: null,
+        appId: undefined,
         supabase: null
       });
@@ -809,8 +821,8 @@ describe('PagePermissionGuard Component', () => {
       );
       await waitFor(() => {
-        expect(screen.getByText('Checking permissions...')).toBeInTheDocument();
-      }, { interval: 10 });
+        expect(screen.getByTestId('test-fallback')).toBeInTheDocument();
+      }, { interval: 10, timeout: 2000 });
       expect(onDeniedSpy).toHaveBeenCalledWith(mockPageName, mockOperation);
     });
@@ -864,8 +876,8 @@ describe('PagePermissionGuard Component', () => {
       );
       await waitFor(() => {
-        expect(screen.getByText('Checking permissions...')).toBeInTheDocument();
-      }, { interval: 10 });
+        expect(screen.getByTestId('test-fallback')).toBeInTheDocument();
+      }, { interval: 10, timeout: 2000 });
       expect(consoleSpy).not.toHaveBeenCalledWith(
         expect.stringContaining('STRICT MODE VIOLATION')
@@ -895,8 +907,8 @@ describe('PagePermissionGuard Component', () => {
       );
       await waitFor(() => {
-        expect(screen.getByText('Checking permissions...')).toBeInTheDocument();
-      }, { interval: 10 });
+        expect(screen.getByTestId('test-fallback')).toBeInTheDocument();
+      }, { interval: 10, timeout: 2000 });
       expect(consoleSpy).not.toHaveBeenCalledWith(
         expect.stringContaining('Page access attempt')
@@ -910,8 +922,9 @@ describe('PagePermissionGuard Component', () => {
     it('handles missing user gracefully', async () => {
       mockUseUnifiedAuthFn.mockReturnValue({
         user: null,
-        selectedOrganisationId: 'org-123',
-        selectedEventId: 'event-123',
+        selectedOrganisation: { id: 'org-123' },
+        selectedEvent: { event_id: 'event-123' },
+        appId: 'app-123',
         supabase: {
           from: vi.fn().mockReturnValue({
             select: vi.fn().mockReturnValue({
@@ -966,6 +979,7 @@ describe('PagePermissionGuard Component', () => {
         user: mockUser,
         selectedOrganisation: { id: 'org-123' },
         selectedEvent: { event_id: 'event-123' },
+        appId: undefined, // Not resolved due to database error
         supabase: {
           from: vi.fn().mockReturnValue({
             select: vi.fn().mockReturnValue({

package/src/rbac/docs/event-based-apps.md ADDED Viewed

@@ -0,0 +1,285 @@
+# Event-Based Apps with RBAC
+This guide explains how to use the RBAC system for event-based applications where the organization context is automatically derived from the event context.
+## Overview
+Event-based apps are applications that operate within the context of a specific event. Since events inherently belong to an organization, these apps don't need explicit organization context - it is automatically resolved from the event by the RBAC components.
+## Key Concepts
+### Automatic Organization Resolution
+The RBAC components automatically resolve the organization from the event context when needed. You only need to provide the `eventId` (and optionally `appId`), and the system handles the rest.
+```typescript
+// The components automatically resolve organisationId from eventId
+const scope: Scope = {
+  eventId: 'event-123',
+  appId: 'app-456' // optional
+  // organisationId is automatically resolved
+};
+```
+### Permission Hierarchy
+For event-based apps, the permission hierarchy is:
+1. **Page-level permissions** (most specific)
+2. **Event-app permissions** (event + app specific)
+3. **Organization permissions** (automatically resolved from event)
+4. **Global permissions** (least specific)
+## Components
+The same RBAC components work for both organization-based and event-based apps. They automatically detect the context and resolve the organization when needed.
+### PermissionEnforcer
+Use this component for general permission enforcement in event-based apps:
+```tsx
+import { PermissionEnforcer } from '@jmruthers/pace-core/rbac';
+function EventDashboard() {
+  return (
+    <PermissionEnforcer
+      permissions={['read:events', 'update:participants']}
+      operation="dashboard"
+    >
+      <div>Event Dashboard Content</div>
+    </PermissionEnforcer>
+  );
+}
+```
+### PagePermissionGuard
+Use this component for page-level permission enforcement:
+```tsx
+import { PagePermissionGuard } from '@jmruthers/pace-core/rbac';
+function EventSettingsPage() {
+  return (
+    <PagePermissionGuard
+      pageName="settings"
+      operation="read"
+    >
+      <div>Event Settings</div>
+    </PagePermissionGuard>
+  );
+}
+```
+### NavigationGuard
+Use this component for navigation-level permission enforcement:
+```tsx
+import { NavigationGuard } from '@jmruthers/pace-core/rbac';
+const navigationItems = [
+  {
+    id: 'dashboard',
+    name: 'Dashboard',
+    path: '/event/dashboard',
+    permissions: ['read:events']
+  },
+  {
+    id: 'settings',
+    name: 'Settings',
+    path: '/event/settings',
+    permissions: ['update:events']
+  }
+];
+function EventNavigation() {
+  return (
+    <nav>
+      {navigationItems.map(item => (
+        <NavigationGuard
+          key={item.id}
+          navigationItem={item}
+        >
+          <Link to={item.path}>{item.name}</Link>
+        </NavigationGuard>
+      ))}
+    </nav>
+  );
+}
+```
+## Hooks
+### useCan with Event Context
+You can use the standard `useCan` hook with event-based scopes:
+```tsx
+import { useCan } from '@jmruthers/pace-core/rbac';
+function EventComponent() {
+  const { selectedEventId } = useUnifiedAuth();
+  const { can: canManageEvents } = useCan(
+    userId,
+    { eventId: selectedEventId },
+    'update:events'
+  );
+  return (
+    <div>
+      {canManageEvents && (
+        <button>Manage Event</button>
+      )}
+    </div>
+  );
+}
+```
+## Setup
+### 1. Event Context Provider
+Ensure your app has event context available:
+```tsx
+import { UnifiedAuthProvider } from '@jmruthers/pace-core';
+function App() {
+  return (
+    <UnifiedAuthProvider>
+      {/* Your event-based app components */}
+    </UnifiedAuthProvider>
+  );
+}
+```
+### 2. Event Selection
+Make sure the event is selected in the auth context:
+```tsx
+import { useUnifiedAuth } from '@jmruthers/pace-core';
+function EventSelector() {
+  const { setSelectedEventId } = useUnifiedAuth();
+  const handleEventSelect = (eventId: string) => {
+    setSelectedEventId(eventId);
+  };
+  return (
+    <select onChange={(e) => handleEventSelect(e.target.value)}>
+      <option value="event-1">Event 1</option>
+      <option value="event-2">Event 2</option>
+    </select>
+  );
+}
+```
+## Permission Types
+### Event-App Permissions
+These permissions are specific to an event and app combination:
+```typescript
+const EVENT_APP_PERMISSIONS = {
+  // Event management
+  MANAGE_EVENT: 'update:event',
+  READ_EVENT: 'read:event',
+  UPDATE_EVENT: 'update:event',
+  // Participant management
+  MANAGE_PARTICIPANTS: 'update:participants',
+  READ_PARTICIPANTS: 'read:participants',
+  CREATE_PARTICIPANTS: 'create:participants',
+  UPDATE_PARTICIPANTS: 'update:participants',
+  DELETE_PARTICIPANTS: 'delete:participants',
+  // App-specific permissions
+  MANAGE_APP: 'update:app',
+  READ_APP: 'read:app',
+  UPDATE_APP: 'update:app',
+};
+```
+### Page Permissions
+Page permissions are specific to individual pages within an event app:
+```typescript
+const PAGE_PERMISSIONS = {
+  DASHBOARD_READ: 'read:page.dashboard',
+  DASHBOARD_WRITE: 'write:page.dashboard',
+  SETTINGS_READ: 'read:page.settings',
+  SETTINGS_WRITE: 'write:page.settings',
+  PARTICIPANTS_READ: 'read:page.participants',
+  PARTICIPANTS_WRITE: 'write:page.participants',
+};
+```
+## Best Practices
+### 1. Use Event-Based Components
+Always use the event-based components (`EventPermissionEnforcer`, `EventPagePermissionGuard`, `EventNavigationGuard`) instead of the organization-based ones for event apps.
+### 2. Provide Explicit Scopes
+When possible, provide explicit scopes to avoid context resolution overhead:
+```tsx
+<EventPermissionEnforcer
+  scope={{ eventId: 'event-123', appId: 'app-456' }}
+  permissions={['read:events']}
+>
+  <div>Content</div>
+</EventPermissionEnforcer>
+```
+### 3. Handle Loading States
+Event-based components automatically handle loading states while resolving the organization from the event:
+```tsx
+<EventPermissionEnforcer
+  permissions={['read:events']}
+  loading={<div>Loading permissions...</div>}
+>
+  <div>Content</div>
+</EventPermissionEnforcer>
+```
+### 4. Error Handling
+Handle cases where the organization cannot be resolved from the event:
+```tsx
+<EventPermissionEnforcer
+  permissions={['read:events']}
+  onDenied={(permission, reason) => {
+    console.error(`Permission denied: ${permission}, reason: ${reason}`);
+  }}
+>
+  <div>Content</div>
+</EventPermissionEnforcer>
+```
+## Migration from Organization-Based Apps
+If you're migrating from organization-based apps to event-based apps:
+1. Replace `PermissionEnforcer` with `EventPermissionEnforcer`
+2. Replace `PagePermissionGuard` with `EventPagePermissionGuard`
+3. Replace `NavigationGuard` with `EventNavigationGuard`
+4. Remove explicit organization context from your components
+5. Ensure event context is available in your app
+## Troubleshooting
+### Common Issues
+1. **"Event context is required" error**: Make sure `selectedEventId` is set in the auth context
+2. **"Could not resolve organization from event context" error**: Verify the event exists and has a valid `organisation_id`
+3. **Permission checks failing**: Ensure the user has the appropriate event-app roles assigned
+### Debug Mode
+Enable debug mode to see detailed permission resolution:
+```typescript
+import { createRBACConfig } from '@jmruthers/pace-core/rbac';
+const config = createRBACConfig({
+  debug: true,
+  logLevel: 'debug'
+});
+```