npm - @jmruthers/pace-core - Versions diffs - 0.5.185 → 0.5.187 - Mend

@jmruthers/pace-core 0.5.185 → 0.5.187

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (300) hide show

package/dist/{DataTable-Z9NLVJh0.d.ts → DataTable-IVYljGJ6.d.ts} +1 -1
package/dist/{DataTable-IX2NBUTP.js → DataTable-K3RJRSOX.js} +7 -7
package/dist/{PublicPageProvider-BABf6JCh.d.ts → PublicPageProvider-DrLDztHt.d.ts} +214 -107
package/dist/{UnifiedAuthProvider-A4BCQRJY.js → UnifiedAuthProvider-B76OWOAT.js} +2 -2
package/dist/{api-BMFCXVQX.js → api-YP7XD5L6.js} +3 -3
package/dist/{audit-WRS3KJKI.js → audit-B5P6FFIR.js} +2 -2
package/dist/{chunk-445GEP27.js → chunk-3IC5WCMO.js} +33 -8
package/dist/chunk-3IC5WCMO.js.map +1 -0
package/dist/{chunk-OKI34GZD.js → chunk-3NFNJOO7.js} +8 -8
package/dist/chunk-3NFNJOO7.js.map +1 -0
package/dist/{chunk-FSFQFJCU.js → chunk-63FOKYGO.js} +174 -6
package/dist/chunk-63FOKYGO.js.map +1 -0
package/dist/{chunk-MX3EIJGQ.js → chunk-C4OYJOV4.js} +631 -97
package/dist/chunk-C4OYJOV4.js.map +1 -0
package/dist/{chunk-HGPQUCBC.js → chunk-FMTK4XNN.js} +3 -3
package/dist/{chunk-U6WNSFX5.js → chunk-HEHYGYOX.js} +279 -44
package/dist/chunk-HEHYGYOX.js.map +1 -0
package/dist/{chunk-XAUHJD3L.js → chunk-K2JGDXGU.js} +2 -2
package/dist/{chunk-HC67NW5K.js → chunk-LBBUPSSC.js} +863 -552
package/dist/chunk-LBBUPSSC.js.map +1 -0
package/dist/{chunk-IXSNYUCT.js → chunk-SAUPYVLF.js} +1 -1
package/dist/chunk-SAUPYVLF.js.map +1 -0
package/dist/{chunk-AISXLWGZ.js → chunk-T6ZJVI3A.js} +27 -23
package/dist/chunk-T6ZJVI3A.js.map +1 -0
package/dist/{chunk-STTZQK2I.js → chunk-ULX5FYEM.js} +9 -7
package/dist/chunk-ULX5FYEM.js.map +1 -0
package/dist/{chunk-FXFJRTKI.js → chunk-WK2Y6TGA.js} +3 -3
package/dist/chunk-WK2Y6TGA.js.map +1 -0
package/dist/chunk-YHCN776L.js +447 -0
package/dist/chunk-YHCN776L.js.map +1 -0
package/dist/components.d.ts +4 -4
package/dist/components.js +12 -10
package/dist/components.js.map +1 -1
package/dist/{database.generated-CBmg2950.d.ts → database.generated-DI89OQeI.d.ts} +63 -9
package/dist/{file-reference-BjR39ktt.d.ts → file-reference-D037xOFK.d.ts} +3 -1
package/dist/hooks.d.ts +265 -6
package/dist/hooks.js +148 -49
package/dist/hooks.js.map +1 -1
package/dist/index.d.ts +25 -10
package/dist/index.js +65 -30
package/dist/index.js.map +1 -1
package/dist/providers.js +1 -1
package/dist/rbac/index.d.ts +125 -8
package/dist/rbac/index.js +27 -7
package/dist/{types-DUyCRSTj.d.ts → types-Bwgl--Xo.d.ts} +162 -1
package/dist/types.d.ts +2 -2
package/dist/types.js +1 -1
package/dist/{usePublicRouteParams-CvnC3d-e.d.ts → usePublicRouteParams-CTDELQ7H.d.ts} +3 -3
package/dist/utils.d.ts +214 -4
package/dist/utils.js +22 -2
package/dist/utils.js.map +1 -1
package/docs/api/classes/ColumnFactory.md +1 -1
package/docs/api/classes/ErrorBoundary.md +1 -1
package/docs/api/classes/InvalidScopeError.md +1 -1
package/docs/api/classes/Logger.md +1 -1
package/docs/api/classes/MissingUserContextError.md +1 -1
package/docs/api/classes/OrganisationContextRequiredError.md +1 -1
package/docs/api/classes/PermissionDeniedError.md +1 -1
package/docs/api/classes/RBACAuditManager.md +21 -17
package/docs/api/classes/RBACCache.md +31 -23
package/docs/api/classes/RBACEngine.md +6 -6
package/docs/api/classes/RBACError.md +1 -1
package/docs/api/classes/RBACNotInitializedError.md +1 -1
package/docs/api/classes/SecureSupabaseClient.md +5 -5
package/docs/api/classes/StorageUtils.md +1 -1
package/docs/api/enums/FileCategory.md +1 -1
package/docs/api/enums/LogLevel.md +1 -1
package/docs/api/enums/RBACErrorCode.md +1 -1
package/docs/api/enums/RPCFunction.md +1 -1
package/docs/api/interfaces/AddressFieldProps.md +241 -0
package/docs/api/interfaces/AddressFieldRef.md +94 -0
package/docs/api/interfaces/AggregateConfig.md +1 -1
package/docs/api/interfaces/AutocompleteOptions.md +75 -0
package/docs/api/interfaces/BadgeProps.md +1 -1
package/docs/api/interfaces/ButtonProps.md +1 -1
package/docs/api/interfaces/CalendarProps.md +1 -1
package/docs/api/interfaces/CardProps.md +1 -1
package/docs/api/interfaces/ColorPalette.md +1 -1
package/docs/api/interfaces/ColorShade.md +1 -1
package/docs/api/interfaces/ComplianceResult.md +1 -1
package/docs/api/interfaces/DataAccessRecord.md +1 -1
package/docs/api/interfaces/DataRecord.md +1 -1
package/docs/api/interfaces/DataTableAction.md +1 -1
package/docs/api/interfaces/DataTableColumn.md +1 -1
package/docs/api/interfaces/DataTableProps.md +1 -1
package/docs/api/interfaces/DataTableToolbarButton.md +1 -1
package/docs/api/interfaces/DatabaseComplianceResult.md +1 -1
package/docs/api/interfaces/DatabaseIssue.md +1 -1
package/docs/api/interfaces/EmptyStateConfig.md +1 -1
package/docs/api/interfaces/EnhancedNavigationMenuProps.md +1 -1
package/docs/api/interfaces/EventAppRoleData.md +1 -1
package/docs/api/interfaces/ExportColumn.md +1 -1
package/docs/api/interfaces/ExportOptions.md +1 -1
package/docs/api/interfaces/FileDisplayProps.md +15 -15
package/docs/api/interfaces/FileMetadata.md +1 -1
package/docs/api/interfaces/FileReference.md +1 -1
package/docs/api/interfaces/FileSizeLimits.md +1 -1
package/docs/api/interfaces/FileUploadOptions.md +33 -9
package/docs/api/interfaces/FileUploadProps.md +36 -14
package/docs/api/interfaces/FooterProps.md +1 -1
package/docs/api/interfaces/FormFieldProps.md +1 -1
package/docs/api/interfaces/FormProps.md +1 -1
package/docs/api/interfaces/GrantEventAppRoleParams.md +1 -1
package/docs/api/interfaces/InactivityWarningModalProps.md +1 -1
package/docs/api/interfaces/InputProps.md +1 -1
package/docs/api/interfaces/LabelProps.md +1 -1
package/docs/api/interfaces/LoggerConfig.md +1 -1
package/docs/api/interfaces/LoginFormProps.md +1 -1
package/docs/api/interfaces/NavigationAccessRecord.md +1 -1
package/docs/api/interfaces/NavigationContextType.md +1 -1
package/docs/api/interfaces/NavigationGuardProps.md +1 -1
package/docs/api/interfaces/NavigationItem.md +1 -1
package/docs/api/interfaces/NavigationMenuProps.md +1 -1
package/docs/api/interfaces/NavigationProviderProps.md +1 -1
package/docs/api/interfaces/Organisation.md +1 -1
package/docs/api/interfaces/OrganisationContextType.md +1 -1
package/docs/api/interfaces/OrganisationMembership.md +1 -1
package/docs/api/interfaces/OrganisationProviderProps.md +1 -1
package/docs/api/interfaces/OrganisationSecurityError.md +1 -1
package/docs/api/interfaces/PaceAppLayoutProps.md +1 -1
package/docs/api/interfaces/PaceLoginPageProps.md +1 -1
package/docs/api/interfaces/PageAccessRecord.md +1 -1
package/docs/api/interfaces/PagePermissionContextType.md +1 -1
package/docs/api/interfaces/PagePermissionGuardProps.md +11 -11
package/docs/api/interfaces/PagePermissionProviderProps.md +1 -1
package/docs/api/interfaces/PaletteData.md +1 -1
package/docs/api/interfaces/ParsedAddress.md +120 -0
package/docs/api/interfaces/PermissionEnforcerProps.md +1 -1
package/docs/api/interfaces/ProgressProps.md +1 -1
package/docs/api/interfaces/ProtectedRouteProps.md +6 -6
package/docs/api/interfaces/PublicPageFooterProps.md +1 -1
package/docs/api/interfaces/PublicPageHeaderProps.md +1 -1
package/docs/api/interfaces/PublicPageLayoutProps.md +1 -1
package/docs/api/interfaces/QuickFix.md +1 -1
package/docs/api/interfaces/RBACAccessValidateParams.md +1 -1
package/docs/api/interfaces/RBACAccessValidateResult.md +1 -1
package/docs/api/interfaces/RBACAuditLogParams.md +1 -1
package/docs/api/interfaces/RBACAuditLogResult.md +1 -1
package/docs/api/interfaces/RBACConfig.md +27 -4
package/docs/api/interfaces/RBACContext.md +1 -1
package/docs/api/interfaces/RBACLogger.md +5 -5
package/docs/api/interfaces/RBACPageAccessCheckParams.md +1 -1
package/docs/api/interfaces/RBACPerformanceMetrics.md +138 -0
package/docs/api/interfaces/RBACPermissionCheckParams.md +1 -1
package/docs/api/interfaces/RBACPermissionCheckResult.md +1 -1
package/docs/api/interfaces/RBACPermissionsGetParams.md +1 -1
package/docs/api/interfaces/RBACPermissionsGetResult.md +1 -1
package/docs/api/interfaces/RBACResult.md +1 -1
package/docs/api/interfaces/RBACRoleGrantParams.md +1 -1
package/docs/api/interfaces/RBACRoleGrantResult.md +1 -1
package/docs/api/interfaces/RBACRoleRevokeParams.md +1 -1
package/docs/api/interfaces/RBACRoleRevokeResult.md +1 -1
package/docs/api/interfaces/RBACRoleValidateParams.md +1 -1
package/docs/api/interfaces/RBACRoleValidateResult.md +1 -1
package/docs/api/interfaces/RBACRolesListParams.md +1 -1
package/docs/api/interfaces/RBACRolesListResult.md +1 -1
package/docs/api/interfaces/RBACSessionTrackParams.md +1 -1
package/docs/api/interfaces/RBACSessionTrackResult.md +1 -1
package/docs/api/interfaces/ResourcePermissions.md +1 -1
package/docs/api/interfaces/RevokeEventAppRoleParams.md +1 -1
package/docs/api/interfaces/RoleBasedRouterContextType.md +1 -1
package/docs/api/interfaces/RoleBasedRouterProps.md +1 -1
package/docs/api/interfaces/RoleManagementResult.md +1 -1
package/docs/api/interfaces/RouteAccessRecord.md +1 -1
package/docs/api/interfaces/RouteConfig.md +1 -1
package/docs/api/interfaces/RuntimeComplianceResult.md +1 -1
package/docs/api/interfaces/SecureDataContextType.md +1 -1
package/docs/api/interfaces/SecureDataProviderProps.md +1 -1
package/docs/api/interfaces/SessionRestorationLoaderProps.md +1 -1
package/docs/api/interfaces/SetupIssue.md +1 -1
package/docs/api/interfaces/StorageConfig.md +1 -1
package/docs/api/interfaces/StorageFileInfo.md +1 -1
package/docs/api/interfaces/StorageFileMetadata.md +1 -1
package/docs/api/interfaces/StorageListOptions.md +1 -1
package/docs/api/interfaces/StorageListResult.md +1 -1
package/docs/api/interfaces/StorageUploadOptions.md +1 -1
package/docs/api/interfaces/StorageUploadResult.md +1 -1
package/docs/api/interfaces/StorageUrlOptions.md +1 -1
package/docs/api/interfaces/StyleImport.md +1 -1
package/docs/api/interfaces/SwitchProps.md +1 -1
package/docs/api/interfaces/TabsContentProps.md +1 -1
package/docs/api/interfaces/TabsListProps.md +1 -1
package/docs/api/interfaces/TabsProps.md +1 -1
package/docs/api/interfaces/TabsTriggerProps.md +1 -1
package/docs/api/interfaces/TextareaProps.md +1 -1
package/docs/api/interfaces/ToastActionElement.md +1 -1
package/docs/api/interfaces/ToastProps.md +1 -1
package/docs/api/interfaces/UnifiedAuthContextType.md +1 -1
package/docs/api/interfaces/UnifiedAuthProviderProps.md +1 -1
package/docs/api/interfaces/UseFormDialogOptions.md +1 -1
package/docs/api/interfaces/UseFormDialogReturn.md +1 -1
package/docs/api/interfaces/UseInactivityTrackerOptions.md +1 -1
package/docs/api/interfaces/UseInactivityTrackerReturn.md +1 -1
package/docs/api/interfaces/UsePublicEventLogoOptions.md +2 -2
package/docs/api/interfaces/UsePublicEventLogoReturn.md +1 -1
package/docs/api/interfaces/UsePublicEventOptions.md +1 -1
package/docs/api/interfaces/UsePublicEventReturn.md +1 -1
package/docs/api/interfaces/UsePublicFileDisplayOptions.md +2 -2
package/docs/api/interfaces/UsePublicFileDisplayReturn.md +1 -1
package/docs/api/interfaces/UsePublicRouteParamsReturn.md +1 -1
package/docs/api/interfaces/UseResolvedScopeOptions.md +2 -2
package/docs/api/interfaces/UseResolvedScopeReturn.md +1 -1
package/docs/api/interfaces/UseResourcePermissionsOptions.md +1 -1
package/docs/api/interfaces/UserEventAccess.md +1 -1
package/docs/api/interfaces/UserMenuProps.md +1 -1
package/docs/api/interfaces/UserProfile.md +1 -1
package/docs/api/modules.md +328 -69
package/docs/api-reference/components.md +26 -12
package/docs/best-practices/performance.md +11 -0
package/docs/implementation-guides/file-reference-system.md +24 -2
package/docs/implementation-guides/file-upload-storage.md +38 -1
package/docs/rbac/README.md +2 -1
package/docs/rbac/api-reference.md +11 -0
package/docs/rbac/performance.md +320 -0
package/docs/standards/01-architecture-standard.md +5 -0
package/docs/standards/05-security-standard.md +12 -0
package/package.json +1 -1
package/scripts/check-pace-core-compliance.js +512 -0
package/src/components/AddressField/AddressField.test.tsx +411 -0
package/src/components/AddressField/AddressField.tsx +323 -0
package/src/components/AddressField/README.md +336 -0
package/src/components/AddressField/index.ts +10 -0
package/src/components/AddressField/types.ts +65 -0
package/src/components/FileDisplay/FileDisplay.test.tsx +454 -0
package/src/components/FileDisplay/FileDisplay.tsx +28 -1
package/src/components/FileUpload/FileUpload.test.tsx +2 -0
package/src/components/FileUpload/FileUpload.tsx +7 -1
package/src/components/Header/Header.tsx +2 -5
package/src/components/ProtectedRoute/ProtectedRoute.tsx +134 -1
package/src/components/index.ts +2 -0
package/src/hooks/__tests__/useFileDisplay.unit.test.ts +30 -5
package/src/hooks/__tests__/useOrganisationSecurity.unit.test.tsx +11 -10
package/src/hooks/__tests__/usePublicFileDisplay.test.ts +31 -6
package/src/hooks/index.ts +9 -0
package/src/hooks/public/usePublicFileDisplay.ts +8 -10
package/src/hooks/useAddressAutocomplete.test.ts +318 -0
package/src/hooks/useAddressAutocomplete.ts +268 -0
package/src/hooks/useFileDisplay.ts +3 -15
package/src/hooks/useFileReference.test.ts +21 -3
package/src/hooks/useFileReference.ts +3 -24
package/src/hooks/useFileUrlCache.ts +246 -0
package/src/hooks/useInactivityTracker.ts +31 -20
package/src/hooks/useOrganisationSecurity.test.ts +10 -7
package/src/hooks/useOrganisationSecurity.ts +3 -3
package/src/hooks/usePreventTabReload.ts +106 -0
package/src/hooks/useQueryCache.ts +315 -0
package/src/hooks/useSecureDataAccess.ts +2 -2
package/src/index.ts +2 -0
package/src/providers/services/EventServiceProvider.tsx +4 -1
package/src/rbac/__tests__/rbac-role-isolation.test.ts +456 -0
package/src/rbac/api.test.ts +21 -6
package/src/rbac/api.ts +32 -11
package/src/rbac/audit-batched.ts +223 -0
package/src/rbac/audit-enhanced.ts +2 -2
package/src/rbac/audit.test.ts +6 -5
package/src/rbac/audit.ts +34 -6
package/src/rbac/cache-invalidation.ts +63 -12
package/src/rbac/cache.test.ts +2 -2
package/src/rbac/cache.ts +61 -14
package/src/rbac/components/PagePermissionGuard.tsx +19 -10
package/src/rbac/components/__tests__/PagePermissionGuard.performance.test.tsx +248 -0
package/src/rbac/config.ts +9 -0
package/src/rbac/engine.ts +2 -21
package/src/rbac/hooks/usePermissions.ts +21 -5
package/src/rbac/index.ts +19 -0
package/src/rbac/performance.ts +210 -0
package/src/rbac/request-deduplication.ts +87 -0
package/src/rbac/utils/deep-equal.ts +93 -0
package/src/styles/core.css +5 -5
package/src/types/database.generated.ts +63 -9
package/src/types/file-reference.ts +3 -1
package/src/utils/file-reference/__tests__/file-reference.test.ts +89 -8
package/src/utils/file-reference/index.ts +56 -17
package/src/utils/google-places/googlePlacesUtils.test.ts +403 -0
package/src/utils/google-places/googlePlacesUtils.ts +475 -0
package/src/utils/google-places/index.ts +26 -0
package/src/utils/google-places/loadGoogleMapsScript.ts +207 -0
package/src/utils/google-places/types.ts +94 -0
package/src/utils/index.ts +23 -0
package/src/utils/request-deduplication.ts +165 -0
package/src/utils/security/secureDataAccess.ts +1 -1
package/src/utils/storage/helpers.ts +211 -4
package/dist/chunk-445GEP27.js.map +0 -1
package/dist/chunk-AISXLWGZ.js.map +0 -1
package/dist/chunk-FMUCXFII.js +0 -76
package/dist/chunk-FMUCXFII.js.map +0 -1
package/dist/chunk-FSFQFJCU.js.map +0 -1
package/dist/chunk-FXFJRTKI.js.map +0 -1
package/dist/chunk-HC67NW5K.js.map +0 -1
package/dist/chunk-IXSNYUCT.js.map +0 -1
package/dist/chunk-MX3EIJGQ.js.map +0 -1
package/dist/chunk-OKI34GZD.js.map +0 -1
package/dist/chunk-STTZQK2I.js.map +0 -1
package/dist/chunk-U6WNSFX5.js.map +0 -1
/package/dist/{DataTable-IX2NBUTP.js.map → DataTable-K3RJRSOX.js.map} +0 -0
/package/dist/{UnifiedAuthProvider-A4BCQRJY.js.map → UnifiedAuthProvider-B76OWOAT.js.map} +0 -0
/package/dist/{api-BMFCXVQX.js.map → api-YP7XD5L6.js.map} +0 -0
/package/dist/{audit-WRS3KJKI.js.map → audit-B5P6FFIR.js.map} +0 -0
/package/dist/{chunk-HGPQUCBC.js.map → chunk-FMTK4XNN.js.map} +0 -0
/package/dist/{chunk-XAUHJD3L.js.map → chunk-K2JGDXGU.js.map} +0 -0

package/src/components/ProtectedRoute/ProtectedRoute.tsx CHANGED Viewed

@@ -68,7 +68,7 @@
  * - LoadingSpinner - Loading state UI
  */
-import React, { useMemo } from 'react';
+import React, { useMemo, useEffect, useRef, useState } from 'react';
 import { Navigate, Outlet } from 'react-router-dom';
 import { useUnifiedAuth } from '../../providers/services/UnifiedAuthProvider';
 import { useSessionRestoration } from '../../hooks/useSessionRestoration';
@@ -77,6 +77,7 @@ import { LoadingSpinner } from '../LoadingSpinner/LoadingSpinner';
 import { SessionRestorationLoader } from '../SessionRestorationLoader';
 import { Alert, AlertDescription, AlertTitle } from '../Alert/Alert';
 import { logger } from '../../utils/core/logger';
+import { usePreventTabReload } from '../../hooks/usePreventTabReload';
 export interface ProtectedRouteProps {
   /**
@@ -148,6 +149,96 @@ export function ProtectedRoute({
   const sessionRestoration = useSessionRestoration();
+  // Prevent full page reloads when switching tabs (handles bfcache and visibility changes)
+  usePreventTabReload({ enabled: true, gracePeriodMs: 2000 });
+  // Track if user was previously authenticated to prevent redirects during session refresh
+  const wasAuthenticatedRef = useRef(false);
+  const [shouldRedirect, setShouldRedirect] = useState(false);
+  const tabJustBecameVisibleRef = useRef(false);
+  // Track authentication state to detect when user was previously logged in
+  useEffect(() => {
+    if (isAuthenticated) {
+      wasAuthenticatedRef.current = true;
+      setShouldRedirect(false);
+      tabJustBecameVisibleRef.current = false; // Clear visibility flag when authenticated
+    }
+  }, [isAuthenticated]);
+  // Handle tab visibility changes - prevent immediate redirects when tab becomes visible
+  // This prevents the page from refreshing when switching back to the tab
+  useEffect(() => {
+    if (typeof document === 'undefined') return;
+    let timeoutId: ReturnType<typeof setTimeout> | null = null;
+    let wasHidden = document.hidden;
+    const handleVisibilityChange = () => {
+      const isNowVisible = !document.hidden;
+      // When tab becomes visible, immediately prevent redirects and give session refresh time
+      if (isNowVisible && wasHidden) {
+        // Tab just became visible - immediately prevent redirects
+        if (!isAuthenticated && wasAuthenticatedRef.current) {
+          tabJustBecameVisibleRef.current = true;
+          setShouldRedirect(false); // Immediately clear redirect flag
+          // Clear any existing timeout
+          if (timeoutId) {
+            clearTimeout(timeoutId);
+          }
+          // Wait a bit to see if session refresh completes
+          timeoutId = setTimeout(() => {
+            // Only allow redirect if still not authenticated after delay
+            tabJustBecameVisibleRef.current = false;
+            // Use a function to get the latest state
+            setShouldRedirect((prev) => {
+              // Only set to true if we're still not authenticated
+              // This will be checked again in the render logic
+              return prev;
+            });
+          }, 2000); // 2 second grace period for session refresh
+        }
+      } else if (!isNowVisible) {
+        // Tab became hidden - clear the visibility flag
+        tabJustBecameVisibleRef.current = false;
+        if (timeoutId) {
+          clearTimeout(timeoutId);
+          timeoutId = null;
+        }
+      }
+      wasHidden = !isNowVisible;
+    };
+    // Check initial state - if tab is visible and user appears logged out, give grace period
+    if (!document.hidden && !isAuthenticated && wasAuthenticatedRef.current) {
+      tabJustBecameVisibleRef.current = true;
+      setShouldRedirect(false);
+      timeoutId = setTimeout(() => {
+        tabJustBecameVisibleRef.current = false;
+      }, 2000);
+    }
+    document.addEventListener('visibilitychange', handleVisibilityChange);
+    return () => {
+      document.removeEventListener('visibilitychange', handleVisibilityChange);
+      if (timeoutId) {
+        clearTimeout(timeoutId);
+      }
+    };
+  }, [isAuthenticated]);
+  // Reset redirect flag when authenticated
+  useEffect(() => {
+    if (isAuthenticated) {
+      setShouldRedirect(false);
+      tabJustBecameVisibleRef.current = false;
+    }
+  }, [isAuthenticated]);
   const isRestoringSession = useMemo(() => {
     return sessionRestoration.isRestoring &&
       !sessionRestoration.restorationComplete &&
@@ -182,13 +273,55 @@ export function ProtectedRoute({
   }
   // Redirect to login if not authenticated
+  // Priority order:
+  // 1. If session restoration has timed out or errored → redirect immediately (even if loading)
+  // 2. If user was never authenticated → redirect immediately (even if loading)
+  // 3. If tab just became visible → show loading (prevent redirect during grace period)
+  // 4. If we've confirmed they should redirect (after visibility change grace period) → redirect
+  // 5. Otherwise, if loading → show loading spinner (session might be refreshing)
+  // 6. Otherwise → redirect (user is not authenticated and not loading)
   if (!isAuthenticated) {
+    // Session restoration timeout/error always redirects immediately
     if (sessionRestoration.hasTimedOut || sessionRestoration.restorationError) {
       logger.warn('ProtectedRoute', 'Session restoration failed, redirecting to login', {
         timedOut: sessionRestoration.hasTimedOut,
         error: sessionRestoration.restorationError?.message
       });
+      return <Navigate to={loginPath} replace />;
+    }
+    // User was never authenticated → redirect immediately
+    if (!wasAuthenticatedRef.current) {
+      return <Navigate to={loginPath} replace />;
+    }
+    // Tab just became visible - show loading to prevent redirect during grace period
+    // Also check document visibility state directly as a fallback
+    const isTabVisible = typeof document !== 'undefined' && !document.hidden;
+    if (tabJustBecameVisibleRef.current || (isTabVisible && wasAuthenticatedRef.current && isLoading)) {
+      return loadingFallback || (
+        <div style={{ display: 'flex', justifyContent: 'center', alignItems: 'center', height: '100vh' }}>
+          <LoadingSpinner />
+        </div>
+      );
     }
+    // We've confirmed redirect after grace period → redirect
+    if (shouldRedirect) {
+      return <Navigate to={loginPath} replace />;
+    }
+    // User was authenticated before but now appears logged out
+    // Show loading state while we wait for session refresh (unless we're not loading)
+    if (isLoading) {
+      return loadingFallback || (
+        <div style={{ display: 'flex', justifyContent: 'center', alignItems: 'center', height: '100vh' }}>
+          <LoadingSpinner />
+        </div>
+      );
+    }
+    // Not loading and not authenticated → redirect
     return <Navigate to={loginPath} replace />;
   }

package/src/components/index.ts CHANGED Viewed

@@ -43,6 +43,8 @@ export type { CardProps, CardActionsProps } from './Card';
 export { Input } from './Input';
 export type { InputProps } from './Input';
+export { AddressField } from './AddressField';
+export type { AddressFieldProps, AddressFieldRef, ParsedAddress, AutocompleteOptions } from './AddressField';
 export { Label } from './Label';
 export type { LabelProps } from './Label';

package/src/hooks/__tests__/useFileDisplay.unit.test.ts CHANGED Viewed

@@ -25,7 +25,18 @@ import { FileCategory as FileCategoryEnum } from '../../types/file-reference';
 // Mock storage helpers
 vi.mock('../../utils/storage/helpers', () => ({
   getPublicUrl: vi.fn((supabase: any, path: string) => `https://example.com/${path}`),
-  getSignedUrl: vi.fn().mockResolvedValue({ url: 'https://example.com/signed-file.jpg', expiresAt: new Date().toISOString() })
+  getSignedUrl: vi.fn().mockResolvedValue({ url: 'https://example.com/signed-file.jpg', expiresAt: new Date().toISOString() }),
+  generateFileUrlsBatch: vi.fn().mockImplementation(async (supabase, files) => {
+    const urlMap = new Map<string, string>();
+    for (const file of files) {
+      if (file.is_public) {
+        urlMap.set(file.id, `https://example.com/${file.file_path}`);
+      } else {
+        urlMap.set(file.id, `https://example.com/signed/${file.file_path}`);
+      }
+    }
+    return urlMap;
+  })
 }));
 // Mock file reference service
@@ -38,7 +49,7 @@ vi.mock('../../utils/file-reference', () => ({
   createFileReferenceService: vi.fn(() => mockService)
 }));
-import { getPublicUrl, getSignedUrl } from '../../utils/storage/helpers';
+import { getPublicUrl, getSignedUrl, generateFileUrlsBatch } from '../../utils/storage/helpers';
 import { createFileReferenceService } from '../../utils/file-reference';
 describe('useFileDisplay Hook', () => {
@@ -87,6 +98,19 @@ describe('useFileDisplay Hook', () => {
     mockSupabase = createMockSupabaseClient() as any;
     mockService.getFilesByCategory.mockResolvedValue([]);
     mockService.listFileReferences.mockResolvedValue([]);
+    // Reset generateFileUrlsBatch mock to ensure it returns a Map
+    vi.mocked(generateFileUrlsBatch).mockImplementation(async (supabase, files) => {
+      const urlMap = new Map<string, string>();
+      for (const file of files) {
+        if (file.is_public) {
+          urlMap.set(file.id, `https://example.com/${file.file_path}`);
+        } else {
+          urlMap.set(file.id, `https://example.com/signed/${file.file_path}`);
+        }
+      }
+      return urlMap;
+    });
   });
   afterEach(() => {
@@ -305,13 +329,14 @@ describe('useFileDisplay Hook', () => {
       await waitFor(
         () => {
           expect(result.current.isLoading).toBe(false);
+          expect(result.current.fileCount).toBe(2);
+          expect(result.current.fileReferences.length).toBe(2);
+          expect(result.current.fileUrls).toBeDefined();
+          expect(result.current.fileUrls.size).toBe(2);
         },
         { timeout: 2000 }
       );
-      expect(result.current.fileCount).toBe(2);
-      expect(result.current.fileReferences.length).toBe(2);
-      expect(result.current.fileUrls.size).toBe(2);
       expect(result.current.fileUrl).toBe(null); // No single file URL in multiple mode
       expect(result.current.fileReference).toBe(null); // No single file reference in multiple mode
     });

package/src/hooks/__tests__/useOrganisationSecurity.unit.test.tsx CHANGED Viewed

@@ -19,6 +19,7 @@ vi.mock('../../hooks/useOrganisations', () => ({
 // Mock the RBAC API
 vi.mock('../../rbac/api', () => ({
   isPermitted: vi.fn(),
+  isPermittedCached: vi.fn(),
   getPermissionMap: vi.fn(),
   emitAuditEvent: vi.fn()
 }));
@@ -451,8 +452,8 @@ describe('useOrganisationSecurity', () => {
       const mockOrg = { id: 'org-123' };
       // Mock the RBAC API
-      const { isPermitted } = await import('../../rbac/api');
-      vi.mocked(isPermitted).mockResolvedValue(true);
+      const { isPermittedCached } = await import('../../rbac/api');
+      vi.mocked(isPermittedCached).mockResolvedValue(true);
       vi.mocked(useUnifiedAuth).mockReturnValue({
         ...mockUseUnifiedAuth,
@@ -469,7 +470,7 @@ describe('useOrganisationSecurity', () => {
       const hasPermission = await result.current.hasPermission('view_basic');
       expect(hasPermission).toBe(true);
-      expect(isPermitted).toHaveBeenCalledWith({
+      expect(isPermittedCached).toHaveBeenCalledWith({
         userId: 'user-123',
         scope: {
           organisationId: 'org-123',
@@ -485,8 +486,8 @@ describe('useOrganisationSecurity', () => {
       const mockOrg = { id: 'org-123' };
       // Mock the RBAC API to throw an error
-      const { isPermitted } = await import('../../rbac/api');
-      vi.mocked(isPermitted).mockRejectedValue(new Error('RBAC API error'));
+      const { isPermittedCached } = await import('../../rbac/api');
+      vi.mocked(isPermittedCached).mockRejectedValue(new Error('RBAC API error'));
       vi.mocked(useUnifiedAuth).mockReturnValue({
         ...mockUseUnifiedAuth,
@@ -510,8 +511,8 @@ describe('useOrganisationSecurity', () => {
       const mockOrg = { id: 'org-123' };
       // Mock the RBAC API to throw an error
-      const { isPermitted } = await import('../../rbac/api');
-      vi.mocked(isPermitted).mockImplementation(() => {
+      const { isPermittedCached } = await import('../../rbac/api');
+      vi.mocked(isPermittedCached).mockImplementation(() => {
         throw new Error('RBAC API exception');
       });
@@ -536,8 +537,8 @@ describe('useOrganisationSecurity', () => {
       const mockUser = { id: 'user-123', user_metadata: { eventId: 'event-123', appId: 'app-123' } };
       // Mock the RBAC API
-      const { isPermitted } = await import('../../rbac/api');
-      vi.mocked(isPermitted).mockResolvedValue(true);
+      const { isPermittedCached } = await import('../../rbac/api');
+      vi.mocked(isPermittedCached).mockResolvedValue(true);
       vi.mocked(useUnifiedAuth).mockReturnValue({
         ...mockUseUnifiedAuth,
@@ -549,7 +550,7 @@ describe('useOrganisationSecurity', () => {
       await result.current.hasPermission('view_basic', 'org-456');
-      expect(isPermitted).toHaveBeenCalledWith({
+      expect(isPermittedCached).toHaveBeenCalledWith({
         userId: 'user-123',
         scope: {
           organisationId: 'org-456',

package/src/hooks/__tests__/usePublicFileDisplay.test.ts CHANGED Viewed

@@ -21,9 +21,20 @@ import type { Database } from '../../types/database';
 import type { FileCategory } from '../../types/file-reference';
 import { FileCategory as FileCategoryEnum } from '../../types/file-reference';
-// Mock getPublicUrl
+// Mock getPublicUrl and generateFileUrlsBatch
 vi.mock('../../utils/storage/helpers', () => ({
-  getPublicUrl: vi.fn((supabase: any, path: string) => `https://example.com/${path}`)
+  getPublicUrl: vi.fn((supabase: any, path: string) => `https://example.com/${path}`),
+  generateFileUrlsBatch: vi.fn().mockImplementation(async (supabase, files) => {
+    const urlMap = new Map<string, string>();
+    for (const file of files) {
+      if (file.is_public) {
+        urlMap.set(file.id, `https://example.com/${file.file_path}`);
+      } else {
+        urlMap.set(file.id, `https://example.com/signed/${file.file_path}`);
+      }
+    }
+    return urlMap;
+  })
 }));
 // Mock logger
@@ -36,7 +47,7 @@ vi.mock('../../utils/core/logger', () => ({
   },
 }));
-import { getPublicUrl } from '../../utils/storage/helpers';
+import { getPublicUrl, generateFileUrlsBatch } from '../../utils/storage/helpers';
 describe('usePublicFileDisplay Hook', () => {
   let mockSupabase: SupabaseClient<Database>;
@@ -61,6 +72,19 @@ describe('usePublicFileDisplay Hook', () => {
     vi.clearAllMocks();
     clearPublicFileDisplayCache();
     mockSupabase = createMockSupabaseClient() as any;
+    // Reset generateFileUrlsBatch mock to ensure it returns a Map
+    vi.mocked(generateFileUrlsBatch).mockImplementation(async (supabase, files) => {
+      const urlMap = new Map<string, string>();
+      for (const file of files) {
+        if (file.is_public) {
+          urlMap.set(file.id, `https://example.com/${file.file_path}`);
+        } else {
+          urlMap.set(file.id, `https://example.com/signed/${file.file_path}`);
+        }
+      }
+      return urlMap;
+    });
   });
   afterEach(() => {
@@ -256,13 +280,14 @@ describe('usePublicFileDisplay Hook', () => {
       await waitFor(
         () => {
           expect(result.current.isLoading).toBe(false);
+          expect(result.current.fileCount).toBe(2);
+          expect(result.current.fileReferences.length).toBe(2);
+          expect(result.current.fileUrls).toBeDefined();
+          expect(result.current.fileUrls.size).toBe(2);
         },
         { timeout: 2000 }
       );
-      expect(result.current.fileCount).toBe(2);
-      expect(result.current.fileReferences.length).toBe(2);
-      expect(result.current.fileUrls.size).toBe(2);
       expect(result.current.fileUrls.get('file-123')).toBe('https://example.com/org-123/logos/logo.png');
       expect(result.current.fileUrls.get('file-456')).toBe('https://example.com/org-123/logos/logo2.png');
       expect(result.current.fileUrl).toBe(null); // No single file URL in multiple mode

package/src/hooks/index.ts CHANGED Viewed

@@ -28,6 +28,8 @@ export { useEventTheme } from './useEventTheme';
 // === DATA & STATE HOOKS ===
 export { useDebounce } from './useDebounce';
 export { useDataTableState } from './useDataTableState';
+export { useAddressAutocomplete } from './useAddressAutocomplete';
+export type { UseAddressAutocompleteOptions, UseAddressAutocompleteReturn } from './useAddressAutocomplete';
 // === ORGANISATION HOOKS ===
 export { useOrganisationPermissions } from './useOrganisationPermissions';
@@ -48,6 +50,8 @@ export { useComponentPerformance } from './useComponentPerformance';
 export { useAppConfig } from './useAppConfig';
 export type { UseAppConfigReturn } from './useAppConfig';
 export { usePerformanceMonitor } from './usePerformanceMonitor';
+export { useQueryCache, queryCacheHelpers } from './useQueryCache';
+export type { UseQueryCacheReturn, UseQueryCacheOptions } from './useQueryCache';
 // DataTable performance hook
 export { useDataTablePerformance } from './useDataTablePerformance';
@@ -56,6 +60,8 @@ export type { UseDataTablePerformanceOptions, UseDataTablePerformanceReturn } fr
 // === FILE DISPLAY HOOKS ===
 export { useFileDisplay, clearFileDisplayCache, getFileDisplayCacheStats, invalidateFileDisplayCache } from './useFileDisplay';
 export type { UseFileDisplayReturn, UseFileDisplayOptions } from './useFileDisplay';
+export { useFileUrlCache } from './useFileUrlCache';
+export type { UseFileUrlCacheReturn } from './useFileUrlCache';
 // === STORAGE HOOKS ===
 export { useStorage, useFileUpload } from './useStorage';
@@ -64,6 +70,9 @@ export type { UseStorageOptions, UseStorageReturn } from './useStorage';
 // === PUBLIC DATA ACCESS HOOKS ===
 export * from './public';
+// === PAGE LIFECYCLE HOOKS ===
+export { usePreventTabReload } from './usePreventTabReload';
+export type { UsePreventTabReloadOptions } from './usePreventTabReload';
 // RBAC Hooks - Use @jmruthers/pace-core/rbac instead
 // Note: RBAC functionality has been moved to the dedicated RBAC module

package/src/hooks/public/usePublicFileDisplay.ts CHANGED Viewed

@@ -40,7 +40,7 @@ import { useState, useEffect, useCallback } from 'react';
 import type { SupabaseClient } from '@supabase/supabase-js';
 import type { Database } from '../../types/database';
 import { FileReference, FileCategory } from '../../types/file-reference';
-import { getPublicUrl } from '../../utils/storage/helpers';
+import { getPublicUrl, generateFileUrlsBatch } from '../../utils/storage/helpers';
 import { logger } from '../../utils/core/logger';
 // Simple in-memory cache for public file data
@@ -236,7 +236,7 @@ export function usePublicFileDisplay(
           const ids = fileIds.map((item: any) => item.id);
           const { data: fullData, error: fetchError } = await supabase
             .from('file_references')
-            .select('*')
+            .select('id, table_name, record_id, file_path, file_metadata, organisation_id, app_id, is_public, created_at, updated_at')
             .in('id', ids)
             .eq('is_public', true); // Only public files in public context
@@ -295,14 +295,12 @@ export function usePublicFileDisplay(
         const url = getPublicUrl(supabase, firstFile.file_path, true);
         setFileUrl(url);
       } else {
-        // Multiple files mode - generate URLs for all files
-        const urlMap = new Map<string, string>();
-        for (const fileRef of fileRefs) {
-          const url = getPublicUrl(supabase, fileRef.file_path, true);
-          if (url) {
-            urlMap.set(fileRef.id, url);
-          }
-        }
+        // Multiple files mode - generate URLs for all files in batch
+        const urlMap = await generateFileUrlsBatch(supabase, fileRefs, {
+          appName: 'pace-core',
+          orgId: organisation_id,
+          expiresIn: 3600
+        });
         setFileUrls(urlMap);
         setFileReference(null);
         setFileUrl(null);