npm - @jmruthers/pace-core - Versions diffs - 0.5.188 → 0.5.190 - Mend

@jmruthers/pace-core 0.5.188 → 0.5.190

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (424) hide show

package/core-usage-manifest.json +0 -4
package/dist/{AuthService-B-cd2MA4.d.ts → AuthService-CbP_utw2.d.ts} +7 -3
package/dist/{DataTable-GUFUNZ3N.js → DataTable-ON3IXISJ.js} +8 -8
package/dist/{PublicPageProvider-DrLDztHt.d.ts → PublicPageProvider-C4uxosp6.d.ts} +129 -40
package/dist/{UnifiedAuthProvider-BG0AL5eE.d.ts → UnifiedAuthProvider-BYA9qB-o.d.ts} +4 -3
package/dist/{UnifiedAuthProvider-643PUAIM.js → UnifiedAuthProvider-X5NXANVI.js} +4 -2
package/dist/{api-YP7XD5L6.js → api-I6UCQ5S6.js} +4 -2
package/dist/{chunk-DDM4CCYT.js → chunk-4QYC5L4K.js} +60 -35
package/dist/chunk-4QYC5L4K.js.map +1 -0
package/dist/{chunk-IM4QE42D.js → chunk-73HSNNOQ.js} +141 -326
package/dist/chunk-73HSNNOQ.js.map +1 -0
package/dist/{chunk-YHCN776L.js → chunk-DZWK57KZ.js} +2 -75
package/dist/chunk-DZWK57KZ.js.map +1 -0
package/dist/{chunk-3GOZZZYH.js → chunk-HQVPB5MZ.js} +238 -301
package/dist/chunk-HQVPB5MZ.js.map +1 -0
package/dist/{chunk-THRPYOFK.js → chunk-HW3OVDUF.js} +5 -5
package/dist/chunk-HW3OVDUF.js.map +1 -0
package/dist/{chunk-F2IMUDXZ.js → chunk-I7PSE6JW.js} +75 -2
package/dist/chunk-I7PSE6JW.js.map +1 -0
package/dist/{chunk-VGZZXKBR.js → chunk-J2XXC7R5.js} +280 -52
package/dist/chunk-J2XXC7R5.js.map +1 -0
package/dist/{chunk-UNOTYLQF.js → chunk-NIU6J6OX.js} +772 -725
package/dist/chunk-NIU6J6OX.js.map +1 -0
package/dist/{chunk-HESYZWZW.js → chunk-QWWZ5CAQ.js} +2 -2
package/dist/{chunk-HEHYGYOX.js → chunk-RUYZKXOD.js} +401 -46
package/dist/chunk-RUYZKXOD.js.map +1 -0
package/dist/{chunk-2UUZZJFT.js → chunk-SDMHPX3X.js} +176 -160
package/dist/{chunk-2UUZZJFT.js.map → chunk-SDMHPX3X.js.map} +1 -1
package/dist/{chunk-IPCH26AG.js → chunk-STYK4OH2.js} +11 -11
package/dist/chunk-STYK4OH2.js.map +1 -0
package/dist/{chunk-EFCLXK7F.js → chunk-VVBAW5A5.js} +4201 -3809
package/dist/chunk-VVBAW5A5.js.map +1 -0
package/dist/chunk-Y4BUBBHD.js +614 -0
package/dist/chunk-Y4BUBBHD.js.map +1 -0
package/dist/{chunk-SAUPYVLF.js → chunk-ZSAAAMVR.js} +1 -1
package/dist/chunk-ZSAAAMVR.js.map +1 -0
package/dist/components.d.ts +3 -5
package/dist/components.js +19 -23
package/dist/components.js.map +1 -1
package/dist/eslint-rules/pace-core-compliance.cjs +0 -2
package/dist/{file-reference-D037xOFK.d.ts → file-reference-BavO2eQj.d.ts} +13 -10
package/dist/hooks.d.ts +10 -5
package/dist/hooks.js +14 -8
package/dist/hooks.js.map +1 -1
package/dist/index.d.ts +13 -12
package/dist/index.js +79 -73
package/dist/index.js.map +1 -1
package/dist/providers.d.ts +3 -3
package/dist/providers.js +3 -1
package/dist/rbac/index.d.ts +76 -12
package/dist/rbac/index.js +12 -9
package/dist/types.d.ts +1 -1
package/dist/types.js +1 -1
package/dist/{usePublicRouteParams-CTDELQ7H.d.ts → usePublicRouteParams-DxIDS4bC.d.ts} +16 -9
package/dist/utils.js +16 -16
package/docs/README.md +2 -2
package/docs/api/classes/ColumnFactory.md +1 -1
package/docs/api/classes/ErrorBoundary.md +1 -1
package/docs/api/classes/InvalidScopeError.md +2 -2
package/docs/api/classes/Logger.md +1 -1
package/docs/api/classes/MissingUserContextError.md +2 -2
package/docs/api/classes/OrganisationContextRequiredError.md +1 -1
package/docs/api/classes/PermissionDeniedError.md +1 -1
package/docs/api/classes/RBACAuditManager.md +1 -1
package/docs/api/classes/RBACCache.md +1 -1
package/docs/api/classes/RBACEngine.md +4 -4
package/docs/api/classes/RBACError.md +1 -1
package/docs/api/classes/RBACNotInitializedError.md +2 -2
package/docs/api/classes/SecureSupabaseClient.md +21 -16
package/docs/api/classes/StorageUtils.md +7 -4
package/docs/api/enums/FileCategory.md +1 -1
package/docs/api/enums/LogLevel.md +1 -1
package/docs/api/enums/RBACErrorCode.md +1 -1
package/docs/api/enums/RPCFunction.md +1 -1
package/docs/api/interfaces/AddressFieldProps.md +1 -1
package/docs/api/interfaces/AddressFieldRef.md +1 -1
package/docs/api/interfaces/AggregateConfig.md +1 -1
package/docs/api/interfaces/AutocompleteOptions.md +1 -1
package/docs/api/interfaces/AvatarProps.md +128 -0
package/docs/api/interfaces/BadgeProps.md +1 -1
package/docs/api/interfaces/ButtonProps.md +1 -1
package/docs/api/interfaces/CalendarProps.md +20 -6
package/docs/api/interfaces/CardProps.md +1 -1
package/docs/api/interfaces/ColorPalette.md +1 -1
package/docs/api/interfaces/ColorShade.md +1 -1
package/docs/api/interfaces/ComplianceResult.md +1 -1
package/docs/api/interfaces/DataAccessRecord.md +9 -9
package/docs/api/interfaces/DataRecord.md +1 -1
package/docs/api/interfaces/DataTableAction.md +1 -1
package/docs/api/interfaces/DataTableColumn.md +1 -1
package/docs/api/interfaces/DataTableProps.md +1 -1
package/docs/api/interfaces/DataTableToolbarButton.md +1 -1
package/docs/api/interfaces/DatabaseComplianceResult.md +1 -1
package/docs/api/interfaces/DatabaseIssue.md +1 -1
package/docs/api/interfaces/EmptyStateConfig.md +1 -1
package/docs/api/interfaces/EnhancedNavigationMenuProps.md +1 -1
package/docs/api/interfaces/EventAppRoleData.md +1 -1
package/docs/api/interfaces/ExportColumn.md +1 -1
package/docs/api/interfaces/ExportOptions.md +1 -1
package/docs/api/interfaces/FileDisplayProps.md +62 -16
package/docs/api/interfaces/FileMetadata.md +1 -1
package/docs/api/interfaces/FileReference.md +2 -2
package/docs/api/interfaces/FileSizeLimits.md +1 -1
package/docs/api/interfaces/FileUploadOptions.md +26 -12
package/docs/api/interfaces/FileUploadProps.md +30 -19
package/docs/api/interfaces/FooterProps.md +1 -1
package/docs/api/interfaces/FormFieldProps.md +1 -1
package/docs/api/interfaces/FormProps.md +1 -1
package/docs/api/interfaces/GrantEventAppRoleParams.md +1 -1
package/docs/api/interfaces/InactivityWarningModalProps.md +1 -1
package/docs/api/interfaces/InputProps.md +1 -1
package/docs/api/interfaces/LabelProps.md +1 -1
package/docs/api/interfaces/LoggerConfig.md +1 -1
package/docs/api/interfaces/LoginFormProps.md +1 -1
package/docs/api/interfaces/NavigationAccessRecord.md +10 -10
package/docs/api/interfaces/NavigationContextType.md +9 -9
package/docs/api/interfaces/NavigationGuardProps.md +1 -1
package/docs/api/interfaces/NavigationItem.md +1 -1
package/docs/api/interfaces/NavigationMenuProps.md +1 -1
package/docs/api/interfaces/NavigationProviderProps.md +7 -7
package/docs/api/interfaces/Organisation.md +1 -1
package/docs/api/interfaces/OrganisationContextType.md +1 -1
package/docs/api/interfaces/OrganisationMembership.md +1 -1
package/docs/api/interfaces/OrganisationProviderProps.md +1 -1
package/docs/api/interfaces/OrganisationSecurityError.md +1 -1
package/docs/api/interfaces/PaceAppLayoutProps.md +1 -1
package/docs/api/interfaces/PaceLoginPageProps.md +1 -1
package/docs/api/interfaces/PageAccessRecord.md +8 -8
package/docs/api/interfaces/PagePermissionContextType.md +8 -8
package/docs/api/interfaces/PagePermissionGuardProps.md +1 -1
package/docs/api/interfaces/PagePermissionProviderProps.md +7 -7
package/docs/api/interfaces/PaletteData.md +1 -1
package/docs/api/interfaces/ParsedAddress.md +1 -1
package/docs/api/interfaces/PermissionEnforcerProps.md +1 -1
package/docs/api/interfaces/ProgressProps.md +3 -11
package/docs/api/interfaces/ProtectedRouteProps.md +1 -1
package/docs/api/interfaces/PublicPageFooterProps.md +1 -1
package/docs/api/interfaces/PublicPageHeaderProps.md +1 -1
package/docs/api/interfaces/PublicPageLayoutProps.md +1 -1
package/docs/api/interfaces/QuickFix.md +1 -1
package/docs/api/interfaces/RBACAccessValidateParams.md +1 -1
package/docs/api/interfaces/RBACAccessValidateResult.md +1 -1
package/docs/api/interfaces/RBACAuditLogParams.md +1 -1
package/docs/api/interfaces/RBACAuditLogResult.md +1 -1
package/docs/api/interfaces/RBACConfig.md +1 -1
package/docs/api/interfaces/RBACContext.md +1 -1
package/docs/api/interfaces/RBACLogger.md +1 -1
package/docs/api/interfaces/RBACPageAccessCheckParams.md +1 -1
package/docs/api/interfaces/RBACPerformanceMetrics.md +1 -1
package/docs/api/interfaces/RBACPermissionCheckParams.md +1 -1
package/docs/api/interfaces/RBACPermissionCheckResult.md +1 -1
package/docs/api/interfaces/RBACPermissionsGetParams.md +1 -1
package/docs/api/interfaces/RBACPermissionsGetResult.md +1 -1
package/docs/api/interfaces/RBACResult.md +1 -1
package/docs/api/interfaces/RBACRoleGrantParams.md +1 -1
package/docs/api/interfaces/RBACRoleGrantResult.md +1 -1
package/docs/api/interfaces/RBACRoleRevokeParams.md +1 -1
package/docs/api/interfaces/RBACRoleRevokeResult.md +1 -1
package/docs/api/interfaces/RBACRoleValidateParams.md +1 -1
package/docs/api/interfaces/RBACRoleValidateResult.md +1 -1
package/docs/api/interfaces/RBACRolesListParams.md +1 -1
package/docs/api/interfaces/RBACRolesListResult.md +1 -1
package/docs/api/interfaces/RBACSessionTrackParams.md +1 -1
package/docs/api/interfaces/RBACSessionTrackResult.md +1 -1
package/docs/api/interfaces/ResourcePermissions.md +1 -1
package/docs/api/interfaces/RevokeEventAppRoleParams.md +1 -1
package/docs/api/interfaces/RoleBasedRouterContextType.md +8 -8
package/docs/api/interfaces/RoleBasedRouterProps.md +10 -10
package/docs/api/interfaces/RoleManagementResult.md +1 -1
package/docs/api/interfaces/RouteAccessRecord.md +10 -10
package/docs/api/interfaces/RouteConfig.md +10 -10
package/docs/api/interfaces/RuntimeComplianceResult.md +1 -1
package/docs/api/interfaces/SecureDataContextType.md +9 -9
package/docs/api/interfaces/SecureDataProviderProps.md +8 -8
package/docs/api/interfaces/SessionRestorationLoaderProps.md +1 -1
package/docs/api/interfaces/SetupIssue.md +1 -1
package/docs/api/interfaces/StorageConfig.md +4 -4
package/docs/api/interfaces/StorageFileInfo.md +7 -7
package/docs/api/interfaces/StorageFileMetadata.md +25 -14
package/docs/api/interfaces/StorageListOptions.md +22 -9
package/docs/api/interfaces/StorageListResult.md +4 -4
package/docs/api/interfaces/StorageUploadOptions.md +21 -8
package/docs/api/interfaces/StorageUploadResult.md +6 -6
package/docs/api/interfaces/StorageUrlOptions.md +19 -6
package/docs/api/interfaces/StyleImport.md +1 -1
package/docs/api/interfaces/SwitchProps.md +1 -1
package/docs/api/interfaces/TabsContentProps.md +1 -1
package/docs/api/interfaces/TabsListProps.md +1 -1
package/docs/api/interfaces/TabsProps.md +1 -1
package/docs/api/interfaces/TabsTriggerProps.md +1 -1
package/docs/api/interfaces/TextareaProps.md +1 -1
package/docs/api/interfaces/ToastActionElement.md +1 -1
package/docs/api/interfaces/ToastProps.md +1 -1
package/docs/api/interfaces/UnifiedAuthContextType.md +53 -53
package/docs/api/interfaces/UnifiedAuthProviderProps.md +13 -13
package/docs/api/interfaces/UseFormDialogOptions.md +1 -1
package/docs/api/interfaces/UseFormDialogReturn.md +1 -1
package/docs/api/interfaces/UseInactivityTrackerOptions.md +1 -1
package/docs/api/interfaces/UseInactivityTrackerReturn.md +1 -1
package/docs/api/interfaces/UsePublicEventLogoOptions.md +1 -1
package/docs/api/interfaces/UsePublicEventLogoReturn.md +1 -1
package/docs/api/interfaces/UsePublicEventOptions.md +1 -1
package/docs/api/interfaces/UsePublicEventReturn.md +1 -1
package/docs/api/interfaces/UsePublicFileDisplayOptions.md +1 -1
package/docs/api/interfaces/UsePublicFileDisplayReturn.md +1 -1
package/docs/api/interfaces/UsePublicRouteParamsReturn.md +1 -1
package/docs/api/interfaces/UseResolvedScopeOptions.md +4 -4
package/docs/api/interfaces/UseResolvedScopeReturn.md +4 -4
package/docs/api/interfaces/UseResourcePermissionsOptions.md +1 -1
package/docs/api/interfaces/UserEventAccess.md +11 -11
package/docs/api/interfaces/UserMenuProps.md +1 -1
package/docs/api/interfaces/UserProfile.md +1 -1
package/docs/api/modules.md +155 -135
package/docs/api-reference/components.md +72 -29
package/docs/api-reference/providers.md +2 -2
package/docs/api-reference/rpc-functions.md +1 -0
package/docs/best-practices/README.md +1 -1
package/docs/best-practices/deployment.md +8 -8
package/docs/getting-started/examples/README.md +2 -2
package/docs/getting-started/installation-guide.md +4 -4
package/docs/getting-started/quick-start.md +3 -3
package/docs/migration/MIGRATION_GUIDE.md +3 -3
package/docs/rbac/compliance/compliance-guide.md +2 -2
package/docs/rbac/event-based-apps.md +2 -2
package/docs/rbac/getting-started.md +2 -2
package/docs/rbac/quick-start.md +2 -2
package/docs/security/README.md +4 -4
package/docs/standards/07-rbac-and-rls-standard.md +430 -7
package/docs/troubleshooting/README.md +2 -2
package/docs/troubleshooting/migration.md +3 -3
package/package.json +1 -4
package/scripts/check-pace-core-compliance.cjs +1 -1
package/scripts/check-pace-core-compliance.js +1 -1
package/src/__tests__/fixtures/supabase.ts +301 -0
package/src/__tests__/public-recipe-view.test.ts +9 -9
package/src/__tests__/rls-policies.test.ts +197 -61
package/src/components/AddressField/AddressField.test.tsx +42 -0
package/src/components/AddressField/AddressField.tsx +71 -60
package/src/components/AddressField/README.md +1 -0
package/src/components/Alert/Alert.test.tsx +50 -10
package/src/components/Alert/Alert.tsx +5 -3
package/src/components/Avatar/Avatar.test.tsx +252 -226
package/src/components/Avatar/Avatar.tsx +179 -53
package/src/components/Avatar/index.ts +1 -1
package/src/components/Button/Button.test.tsx +2 -1
package/src/components/Button/Button.tsx +3 -3
package/src/components/Calendar/Calendar.test.tsx +53 -37
package/src/components/Calendar/Calendar.tsx +409 -82
package/src/components/Card/Card.test.tsx +7 -4
package/src/components/Card/Card.tsx +3 -6
package/src/components/Checkbox/Checkbox.tsx +2 -2
package/src/components/DataTable/components/ActionButtons.tsx +5 -5
package/src/components/DataTable/components/BulkOperationsDropdown.tsx +2 -2
package/src/components/DataTable/components/ColumnFilter.tsx +1 -1
package/src/components/DataTable/components/ColumnVisibilityDropdown.tsx +3 -3
package/src/components/DataTable/components/DataTableBody.tsx +12 -12
package/src/components/DataTable/components/DataTableCore.tsx +3 -3
package/src/components/DataTable/components/DataTableToolbar.tsx +5 -5
package/src/components/DataTable/components/DraggableColumnHeader.tsx +3 -3
package/src/components/DataTable/components/EditableRow.tsx +2 -2
package/src/components/DataTable/components/EmptyState.tsx +3 -3
package/src/components/DataTable/components/GroupHeader.tsx +2 -2
package/src/components/DataTable/components/GroupingDropdown.tsx +1 -1
package/src/components/DataTable/components/ImportModal.tsx +4 -4
package/src/components/DataTable/components/LoadingState.tsx +1 -1
package/src/components/DataTable/components/PaginationControls.tsx +11 -11
package/src/components/DataTable/components/UnifiedTableBody.tsx +9 -9
package/src/components/DataTable/components/ViewRowModal.tsx +2 -2
package/src/components/DataTable/components/__tests__/AccessDeniedPage.test.tsx +11 -37
package/src/components/DataTable/components/__tests__/DataTableToolbar.test.tsx +157 -0
package/src/components/DataTable/components/__tests__/LoadingState.test.tsx +2 -1
package/src/components/DataTable/components/__tests__/VirtualizedDataTable.test.tsx +128 -0
package/src/components/DataTable/core/__tests__/ActionManager.test.ts +19 -0
package/src/components/DataTable/core/__tests__/ColumnFactory.test.ts +51 -0
package/src/components/DataTable/core/__tests__/ColumnManager.test.ts +84 -0
package/src/components/DataTable/core/__tests__/DataManager.test.ts +14 -0
package/src/components/DataTable/core/__tests__/DataTableContext.test.tsx +136 -0
package/src/components/DataTable/core/__tests__/LocalDataAdapter.test.ts +16 -0
package/src/components/DataTable/core/__tests__/PluginRegistry.test.ts +18 -0
package/src/components/DataTable/hooks/useDataTablePermissions.ts +28 -7
package/src/components/DataTable/utils/__tests__/hierarchicalUtils.test.ts +30 -1
package/src/components/DataTable/utils/hierarchicalUtils.ts +38 -10
package/src/components/DatePickerWithTimezone/DatePickerWithTimezone.test.tsx +8 -3
package/src/components/DatePickerWithTimezone/DatePickerWithTimezone.tsx +4 -4
package/src/components/Dialog/Dialog.tsx +2 -2
package/src/components/EventSelector/EventSelector.tsx +7 -7
package/src/components/FileDisplay/FileDisplay.tsx +291 -179
package/src/components/FileUpload/FileUpload.tsx +7 -4
package/src/components/Header/Header.test.tsx +28 -0
package/src/components/Header/Header.tsx +22 -9
package/src/components/InactivityWarningModal/InactivityWarningModal.tsx +2 -2
package/src/components/LoadingSpinner/LoadingSpinner.test.tsx +19 -14
package/src/components/LoadingSpinner/LoadingSpinner.tsx +5 -5
package/src/components/NavigationMenu/NavigationMenu.test.tsx +127 -1
package/src/components/OrganisationSelector/OrganisationSelector.tsx +8 -8
package/src/components/PaceAppLayout/PaceAppLayout.integration.test.tsx +4 -0
package/src/components/PaceAppLayout/PaceAppLayout.performance.test.tsx +3 -0
package/src/components/PaceAppLayout/PaceAppLayout.security.test.tsx +3 -0
package/src/components/PaceAppLayout/PaceAppLayout.test.tsx +16 -6
package/src/components/PaceAppLayout/PaceAppLayout.tsx +37 -3
package/src/components/PaceAppLayout/test-setup.tsx +1 -0
package/src/components/PaceLoginPage/PaceLoginPage.test.tsx +66 -45
package/src/components/PaceLoginPage/PaceLoginPage.tsx +6 -4
package/src/components/Progress/Progress.test.tsx +18 -19
package/src/components/Progress/Progress.tsx +31 -32
package/src/components/PublicLayout/PublicLayout.test.tsx +6 -6
package/src/components/PublicLayout/PublicPageProvider.tsx +5 -3
package/src/components/Select/Select.tsx +5 -5
package/src/components/Switch/Switch.test.tsx +2 -1
package/src/components/Switch/Switch.tsx +1 -1
package/src/components/Toast/Toast.tsx +1 -1
package/src/components/Tooltip/Tooltip.test.tsx +8 -2
package/src/components/UserMenu/UserMenu.test.tsx +7 -9
package/src/components/UserMenu/UserMenu.tsx +10 -8
package/src/components/index.ts +2 -1
package/src/eslint-rules/pace-core-compliance.cjs +0 -2
package/src/eslint-rules/pace-core-compliance.js +0 -2
package/src/hooks/__tests__/hooks.integration.test.tsx +4 -1
package/src/hooks/__tests__/useAppConfig.unit.test.ts +76 -5
package/src/hooks/__tests__/useDataTableState.test.ts +76 -0
package/src/hooks/__tests__/useFileUrl.unit.test.ts +25 -69
package/src/hooks/__tests__/useFileUrlCache.test.ts +129 -0
package/src/hooks/__tests__/usePreventTabReload.test.ts +88 -0
package/src/hooks/__tests__/{usePublicEvent.unit.test.ts → usePublicEvent.test.ts} +28 -1
package/src/hooks/__tests__/useQueryCache.test.ts +144 -0
package/src/hooks/__tests__/useSecureDataAccess.unit.test.tsx +58 -16
package/src/hooks/index.ts +1 -1
package/src/hooks/public/usePublicEvent.ts +2 -2
package/src/hooks/public/usePublicFileDisplay.ts +173 -87
package/src/hooks/useAppConfig.ts +24 -5
package/src/hooks/useFileDisplay.ts +297 -34
package/src/hooks/useFileReference.ts +56 -11
package/src/hooks/useFileUrl.ts +1 -1
package/src/hooks/useInactivityTracker.ts +16 -7
package/src/hooks/usePermissionCache.test.ts +85 -8
package/src/hooks/useQueryCache.ts +21 -0
package/src/hooks/useSecureDataAccess.test.ts +80 -35
package/src/hooks/useSecureDataAccess.ts +80 -37
package/src/index.ts +2 -1
package/src/providers/services/EventServiceProvider.tsx +37 -17
package/src/providers/services/InactivityServiceProvider.tsx +4 -4
package/src/providers/services/OrganisationServiceProvider.tsx +8 -1
package/src/providers/services/UnifiedAuthProvider.tsx +115 -29
package/src/rbac/__tests__/auth-rbac.e2e.test.tsx +451 -0
package/src/rbac/__tests__/engine.comprehensive.test.ts +12 -0
package/src/rbac/__tests__/rbac-engine-core-logic.test.ts +8 -0
package/src/rbac/__tests__/rbac-engine-simplified.test.ts +4 -0
package/src/rbac/api.ts +240 -36
package/src/rbac/cache-invalidation.ts +21 -7
package/src/rbac/compliance/quick-fix-suggestions.ts +1 -1
package/src/rbac/components/NavigationGuard.tsx +23 -63
package/src/rbac/components/NavigationProvider.test.tsx +52 -23
package/src/rbac/components/NavigationProvider.tsx +13 -11
package/src/rbac/components/PagePermissionGuard.tsx +77 -203
package/src/rbac/components/PagePermissionProvider.tsx +13 -11
package/src/rbac/components/PermissionEnforcer.tsx +24 -62
package/src/rbac/components/RoleBasedRouter.tsx +14 -12
package/src/rbac/components/SecureDataProvider.tsx +13 -11
package/src/rbac/components/__tests__/NavigationGuard.test.tsx +104 -41
package/src/rbac/components/__tests__/NavigationProvider.test.tsx +49 -12
package/src/rbac/components/__tests__/PagePermissionGuard.race-condition.test.tsx +22 -1
package/src/rbac/components/__tests__/PagePermissionGuard.test.tsx +161 -82
package/src/rbac/components/__tests__/PagePermissionGuard.verification.test.tsx +22 -1
package/src/rbac/components/__tests__/PermissionEnforcer.test.tsx +77 -30
package/src/rbac/components/__tests__/RoleBasedRouter.test.tsx +39 -5
package/src/rbac/components/__tests__/SecureDataProvider.test.tsx +47 -4
package/src/rbac/engine.ts +4 -2
package/src/rbac/hooks/__tests__/useSecureSupabase.test.ts +144 -52
package/src/rbac/hooks/index.ts +3 -0
package/src/rbac/hooks/useCan.test.ts +101 -53
package/src/rbac/hooks/usePermissions.ts +108 -41
package/src/rbac/hooks/useRBAC.test.ts +11 -3
package/src/rbac/hooks/useRBAC.ts +83 -40
package/src/rbac/hooks/useResolvedScope.test.ts +189 -63
package/src/rbac/hooks/useResolvedScope.ts +128 -70
package/src/rbac/hooks/useSecureSupabase.ts +36 -19
package/src/rbac/hooks/useSuperAdminBypass.ts +126 -0
package/src/rbac/request-deduplication.ts +1 -1
package/src/rbac/secureClient.ts +72 -12
package/src/rbac/security.ts +29 -23
package/src/rbac/types.ts +10 -0
package/src/rbac/utils/__tests__/contextValidator.test.ts +150 -0
package/src/rbac/utils/__tests__/deep-equal.test.ts +53 -0
package/src/rbac/utils/__tests__/eventContext.test.ts +6 -1
package/src/rbac/utils/contextValidator.ts +288 -0
package/src/rbac/utils/eventContext.ts +48 -2
package/src/services/EventService.ts +165 -21
package/src/services/OrganisationService.ts +37 -2
package/src/services/__tests__/EventService.test.ts +26 -21
package/src/types/file-reference.ts +13 -10
package/src/utils/app/appNameResolver.test.ts +346 -73
package/src/utils/context/superAdminOverride.ts +58 -0
package/src/utils/file-reference/index.ts +61 -33
package/src/utils/google-places/googlePlacesUtils.test.ts +98 -0
package/src/utils/google-places/loadGoogleMapsScript.test.ts +83 -0
package/src/utils/storage/helpers.test.ts +1 -1
package/src/utils/storage/helpers.ts +38 -19
package/src/utils/storage/types.ts +15 -8
package/src/utils/validation/__tests__/csrf.test.ts +105 -0
package/src/utils/validation/__tests__/sqlInjectionProtection.test.ts +92 -0
package/src/vite-env.d.ts +2 -2
package/dist/chunk-3GOZZZYH.js.map +0 -1
package/dist/chunk-DDM4CCYT.js.map +0 -1
package/dist/chunk-E7UAOUMY.js +0 -75
package/dist/chunk-E7UAOUMY.js.map +0 -1
package/dist/chunk-EFCLXK7F.js.map +0 -1
package/dist/chunk-F2IMUDXZ.js.map +0 -1
package/dist/chunk-HEHYGYOX.js.map +0 -1
package/dist/chunk-IM4QE42D.js.map +0 -1
package/dist/chunk-IPCH26AG.js.map +0 -1
package/dist/chunk-SAUPYVLF.js.map +0 -1
package/dist/chunk-THRPYOFK.js.map +0 -1
package/dist/chunk-UNOTYLQF.js.map +0 -1
package/dist/chunk-VGZZXKBR.js.map +0 -1
package/dist/chunk-YHCN776L.js.map +0 -1
package/src/hooks/__tests__/usePermissionCache.simple.test.ts +0 -192
package/src/hooks/__tests__/usePermissionCache.unit.test.ts +0 -741
package/src/hooks/__tests__/usePublicEvent.simple.test.ts +0 -703
package/src/rbac/hooks/useRBAC.simple.test.ts +0 -95
package/src/rbac/utils/__tests__/eventContext.unit.test.ts +0 -428
/package/dist/{DataTable-GUFUNZ3N.js.map → DataTable-ON3IXISJ.js.map} +0 -0
/package/dist/{UnifiedAuthProvider-643PUAIM.js.map → UnifiedAuthProvider-X5NXANVI.js.map} +0 -0
/package/dist/{api-YP7XD5L6.js.map → api-I6UCQ5S6.js.map} +0 -0
/package/dist/{chunk-HESYZWZW.js.map → chunk-QWWZ5CAQ.js.map} +0 -0

package/dist/{chunk-VGZZXKBR.js → chunk-J2XXC7R5.js} RENAMED Viewed

@@ -1,3 +1,7 @@
+import {
+  getAppConfigByName,
+  isSuperAdmin
+} from "./chunk-RUYZKXOD.js";
 import {
   assertOrganisationId,
   assertUserId
@@ -653,6 +657,17 @@ var OrganisationService = class extends BaseService {
   }
   // Additional methods for testing
   setSelectedOrganisation(organisation) {
+    if (organisation && this._organisations.length > 0) {
+      const isValidOrg = this._organisations.some((org) => org.id === organisation.id);
+      if (!isValidOrg) {
+        logger.warn("OrganisationService", "Attempted to set invalid organisation - not in user's accessible organisations", {
+          organisationId: organisation.id,
+          organisationName: organisation.name,
+          accessibleOrgIds: this._organisations.map((o) => o.id)
+        });
+        return;
+      }
+    }
     this._selectedOrganisation = organisation;
     if (organisation) {
       localStorage.setItem("pace-core-selected-organisation", JSON.stringify(organisation));
@@ -1009,17 +1024,31 @@ var OrganisationService = class extends BaseService {
       if (!initialOrg) {
         throw new Error("No valid organisation found for user");
       }
+      const currentSelectedOrg = this._selectedOrganisation;
+      if (currentSelectedOrg && !activeOrgs.some((org) => org.id === currentSelectedOrg.id)) {
+        logger.warn("OrganisationService", "Current selected organisation is no longer valid, resetting", {
+          invalidOrgId: currentSelectedOrg.id,
+          validOrgIds: activeOrgs.map((o) => o.id)
+        });
+        this._selectedOrganisation = null;
+      }
       this._selectedOrganisation = initialOrg;
       localStorage.setItem("pace-core-selected-organisation", JSON.stringify(initialOrg));
       await this.setDatabaseOrganisationContext(initialOrg);
       this.retryCount = 0;
       this.hasFailedRef = false;
     } catch (err) {
-      logger.error("OrganisationService", "Failed to load organisations:", err);
-      this._error = err;
+      const error = err;
+      if (error.message === "User has no access to active organisations") {
+        logger.warn("OrganisationService", "User has no active organisations (this is expected for users without organisation access):", error);
+      } else {
+        logger.error("OrganisationService", "Failed to load organisations:", err);
+      }
+      this._error = error;
       this.retryCount = this.retryCount + 1;
       this.hasFailedRef = true;
       this.clearAllCachedData();
+      this._isContextReady = true;
     } finally {
       this.isLoadingRef = false;
       this._isLoading = false;
@@ -1058,7 +1087,12 @@ function OrganisationServiceProvider({
     let isMounted = true;
     organisationService.initialize().catch((error) => {
       if (isMounted) {
-        logger.error("OrganisationServiceProvider", "Failed to initialize organisation service:", error);
+        const errorMessage = error instanceof Error ? error.message : String(error);
+        if (errorMessage === "User has no access to active organisations") {
+          logger.warn("OrganisationServiceProvider", "User has no active organisations (this is expected for users without organisation access):", error);
+        } else {
+          logger.error("OrganisationServiceProvider", "Failed to initialize organisation service:", error);
+        }
       }
     });
     return () => {
@@ -1095,6 +1129,10 @@ var EventService = class extends BaseService {
     this.appName = "";
     this.selectedOrganisation = null;
     this.setSelectedEventId = null;
+    this.isSuperAdmin = false;
+    // Track super admin status for conditional validation
+    this.appConfig = null;
+    // Cache app config to avoid repeated lookups
     // Internal state management
     this.isInitializedRef = false;
     this.isFetchingRef = false;
@@ -1120,6 +1158,7 @@ var EventService = class extends BaseService {
     const newOrgId = selectedOrganisation?.id;
     const previousUserId = this.user?.id || null;
     const newUserId = user?.id || null;
+    const previousAppName = this.appName;
     if (previousUserId !== newUserId) {
       if (previousUserId !== null) {
         await this.clearEventSelectionForUser(previousUserId);
@@ -1128,6 +1167,9 @@ var EventService = class extends BaseService {
         this.selectedEvent = null;
         this.setSelectedEventId?.(null);
       }
+      this.resetInitialization();
+      this.isInitializedRef = false;
+      this.isFetchingRef = false;
     }
     this.supabaseClient = supabaseClient;
     this.user = user;
@@ -1135,6 +1177,23 @@ var EventService = class extends BaseService {
     this.appName = appName;
     this.selectedOrganisation = selectedOrganisation;
     this.setSelectedEventId = setSelectedEventId;
+    if (previousAppName !== appName) {
+      this.appConfig = null;
+    }
+    if (user?.id) {
+      try {
+        this.isSuperAdmin = await isSuperAdmin(user.id);
+        logger.debug("EventService", "Updated super admin status", {
+          userId: user.id,
+          isSuperAdmin: this.isSuperAdmin
+        });
+      } catch (error) {
+        logger.warn("EventService", "Failed to check super admin status", { error });
+        this.isSuperAdmin = false;
+      }
+    } else {
+      this.isSuperAdmin = false;
+    }
     if (previousOrgId !== newOrgId) {
       this.resetInitialization();
       this.isInitializedRef = false;
@@ -1165,18 +1224,6 @@ var EventService = class extends BaseService {
   // Event methods
   setSelectedEvent(event) {
     if (event) {
-      try {
-        if (this.selectedOrganisation && event.organisation_id !== this.selectedOrganisation.id) {
-          logger.error("EventService", "Event organisation_id does not match selected organisation", {
-            eventOrganisationId: event.organisation_id,
-            selectedOrganisationId: this.selectedOrganisation.id,
-            eventName: event.event_name
-          });
-          return;
-        }
-      } catch (error) {
-        logger.error("EventService", "Error during event validation:", error);
-      }
       this.selectedEvent = event;
       this.setSelectedEventId?.(event.event_id);
       this.persistEventSelection(event.event_id).catch((error) => {
@@ -1273,16 +1320,31 @@ var EventService = class extends BaseService {
   }
   // Lifecycle methods
   async initialize() {
+    logger.debug("EventService", "initialize() called", {
+      isInitializedRef: this.isInitializedRef,
+      hasUser: !!this.user,
+      hasSession: !!this.session,
+      appName: this.appName
+    });
     await super.initialize();
   }
   cleanup() {
     super.cleanup();
   }
   async doInitialize() {
+    logger.debug("EventService", "doInitialize() called", {
+      isInitializedRef: this.isInitializedRef,
+      isFetchingRef: this.isFetchingRef,
+      hasUser: !!this.user,
+      hasSession: !!this.session,
+      appName: this.appName
+    });
     if (this.isInitializedRef) {
+      logger.debug("EventService", "Skipping initialization - already initialized");
       return;
     }
     if (this.isFetchingRef) {
+      logger.debug("EventService", "Skipping initialization - already fetching");
       return;
     }
     try {
@@ -1292,31 +1354,107 @@ var EventService = class extends BaseService {
     } catch (error) {
       logger.warn("EventService", "Failed to clean up old storage keys:", error);
     }
-    if (!this.user || !this.selectedOrganisation) {
+    if (!this.user) {
+      logger.debug("EventService", "Skipping initialization - missing user");
       return;
     }
+    logger.debug("EventService", "Initializing - fetching events", {
+      userId: this.user.id,
+      organisationId: this.selectedOrganisation?.id || "derived-from-event",
+      appName: this.appName
+    });
     await this.fetchEvents(false);
+    this.isInitializedRef = true;
   }
   doCleanup() {
   }
   async fetchEvents(skipLoadPersisted = false) {
-    if (!this.user || !this.session || !this.supabaseClient || !this.appName || !this.selectedOrganisation) {
+    if (!this.user || !this.session || !this.supabaseClient || !this.appName) {
+      logger.debug("EventService", "Skipping fetchEvents - missing dependencies", {
+        hasUser: !!this.user,
+        hasSession: !!this.session,
+        hasSupabaseClient: !!this.supabaseClient,
+        appName: this.appName
+      });
       this.notify();
       return;
     }
     this._isLoading = true;
     this.notify();
     if (this.isFetchingRef) {
+      logger.debug("EventService", "Skipping fetchEvents - already fetching");
       return;
     }
     this.isFetchingRef = true;
     let isMounted = true;
     try {
-      const { data, error: rpcError } = await this.supabaseClient.rpc("data_user_events_get", {
+      if (!this.appConfig && this.appName) {
+        try {
+          this.appConfig = await getAppConfigByName(this.appName);
+        } catch (configError) {
+          logger.warn("EventService", "Failed to load app config, defaulting to event-required", {
+            error: configError
+          });
+          this.appConfig = { requires_event: true };
+        }
+      }
+      let organisationIdForRpc = null;
+      let userIsSuperAdmin = false;
+      try {
+        userIsSuperAdmin = await isSuperAdmin(this.user.id);
+        if (userIsSuperAdmin) {
+          organisationIdForRpc = null;
+          logger.debug("EventService", "Super admin detected - fetching all events", {
+            userId: this.user.id
+          });
+        } else {
+          if (this.selectedEvent) {
+            organisationIdForRpc = this.selectedEvent.organisation_id;
+          } else if (this.appConfig?.requires_event === true) {
+            organisationIdForRpc = null;
+            logger.debug("EventService", "Event-required app: fetching all accessible events (no event selected yet)", {
+              userId: this.user.id,
+              appName: this.appName
+            });
+          } else if (this.selectedOrganisation) {
+            organisationIdForRpc = this.selectedOrganisation.id;
+          } else {
+            logger.warn("EventService", "No organisation context available for event fetch", {
+              hasSelectedEvent: !!this.selectedEvent,
+              hasSelectedOrganisation: !!this.selectedOrganisation,
+              appRequiresEvent: this.appConfig?.requires_event
+            });
+            organisationIdForRpc = null;
+          }
+        }
+      } catch (superAdminCheckError) {
+        logger.warn("EventService", "Failed to check super admin status, using organisation-scoped query", {
+          error: superAdminCheckError
+        });
+        if (this.selectedEvent) {
+          organisationIdForRpc = this.selectedEvent.organisation_id;
+        } else if (this.appConfig?.requires_event === true) {
+          organisationIdForRpc = null;
+        } else if (this.selectedOrganisation) {
+          organisationIdForRpc = this.selectedOrganisation.id;
+        }
+      }
+      logger.debug("EventService", "Fetching events via RPC", {
+        userId: this.user.id,
+        organisationId: organisationIdForRpc,
+        appName: this.appName
+      });
+      let { data, error: rpcError } = await this.supabaseClient.rpc("data_user_events_get", {
         p_user_id: this.user.id,
-        p_organisation_id: this.selectedOrganisation.id,
+        p_organisation_id: organisationIdForRpc,
         p_app_name: this.appName
       });
+      logger.debug("EventService", "RPC response received", {
+        hasData: !!data,
+        dataLength: Array.isArray(data) ? data.length : "not array",
+        hasError: !!rpcError,
+        error: rpcError
+      });
       if (rpcError) {
         logger.error("EventService", "RPC error fetching events:", rpcError);
         throw new Error(rpcError.message || "Failed to fetch events");
@@ -1428,24 +1566,41 @@ function EventServiceProvider({
   setSelectedEventId
 }) {
   const eventServiceRef = useRef2(null);
+  const initializingRef = useRef2(false);
   if (!eventServiceRef.current) {
     eventServiceRef.current = new EventService(supabaseClient, user, session, appName, selectedOrganisation, setSelectedEventId);
   }
   const eventService = eventServiceRef.current;
   useEffect3(() => {
     let isMounted = true;
+    if (initializingRef.current) {
+      return;
+    }
     const updateAndInitialize = async () => {
-      await eventService.updateDependencies(supabaseClient, user, session, appName, selectedOrganisation, setSelectedEventId);
-      if (!isMounted) return;
-      await eventService.initialize().catch((error) => {
-        if (isMounted) {
-          logger.error("EventServiceProvider", "Failed to initialize event service:", error);
-        }
-      });
+      initializingRef.current = true;
+      try {
+        logger.debug("EventServiceProvider", "Updating dependencies and initializing", {
+          hasUser: !!user,
+          hasSession: !!session,
+          appName,
+          hasSelectedOrganisation: !!selectedOrganisation,
+          organisationId: selectedOrganisation?.id
+        });
+        await eventService.updateDependencies(supabaseClient, user, session, appName, selectedOrganisation, setSelectedEventId);
+        if (!isMounted) return;
+        await eventService.initialize().catch((error) => {
+          if (isMounted) {
+            logger.error("EventServiceProvider", "Failed to initialize event service:", error);
+          }
+        });
+      } finally {
+        initializingRef.current = false;
+      }
     };
     updateAndInitialize();
     return () => {
       isMounted = false;
+      initializingRef.current = false;
     };
   }, [supabaseClient, user, session, appName, selectedOrganisation, setSelectedEventId]);
   useEffect3(() => {
@@ -1750,8 +1905,10 @@ function InactivityServiceProvider({
   supabaseClient,
   user,
   session,
-  idleTimeoutMs = 30 * 60 * 1e3,
-  warnBeforeMs = 60 * 1e3,
+  idleTimeoutMs,
+  // REQUIRED: No default - must be explicitly provided
+  warnBeforeMs,
+  // REQUIRED: No default - must be explicitly provided
   onIdleLogout
 }) {
   const inactivityServiceRef = useRef3(null);
@@ -1810,6 +1967,29 @@ function useOrganisationService() {
   return context.organisationService;
 }
+// src/hooks/useOrganisations.ts
+function useOrganisations() {
+  const organisationService = useOrganisationService();
+  const selectedOrg = organisationService.getSelectedOrganisation();
+  return {
+    selectedOrganisation: selectedOrg,
+    organisations: organisationService.getOrganisations(),
+    userMemberships: organisationService.getUserMemberships(),
+    isLoading: organisationService.isLoading(),
+    error: organisationService.getError(),
+    hasValidOrganisationContext: organisationService.hasValidOrganisationContext(),
+    isContextReady: organisationService.isContextReady(),
+    setSelectedOrganisation: (org) => organisationService.setSelectedOrganisation(org),
+    switchOrganisation: (orgId) => organisationService.switchOrganisation(orgId),
+    getUserRole: (orgId) => organisationService.getUserRole(orgId),
+    validateOrganisationAccess: (orgId) => organisationService.validateOrganisationAccess(orgId),
+    refreshOrganisations: () => organisationService.refreshOrganisations(),
+    ensureOrganisationContext: () => organisationService.ensureOrganisationContext(),
+    isOrganisationSecure: () => organisationService.isOrganisationSecure(),
+    getPrimaryOrganisation: () => organisationService.getPrimaryOrganisation()
+  };
+}
 // src/hooks/services/useEventService.ts
 import { useContext as useContext3, useReducer as useReducer3, useEffect as useEffect7 } from "react";
 function useEventService() {
@@ -1893,6 +2073,7 @@ function UnifiedAuthContextProvider({
   appName,
   appConfig = { requires_event: true },
   // Default to requiring events
+  supabaseClient: supabaseClientProp,
   ...props
 }) {
   const authService = useAuthService();
@@ -1932,15 +2113,31 @@ function UnifiedAuthContextProvider({
   const currentUser = authService.getUser();
   const currentSession = authService.getSession();
   const isAuth = !!(currentUser && currentSession);
-  const supabase = authService.getSupabaseClient();
+  const supabase = useMemo6(() => supabaseClientProp, [supabaseClientProp]);
   const [appId, setAppId] = useState3(void 0);
   const isResolvingAppIdRef = useRef4(false);
+  const resolvedAppIdRef = useRef4(void 0);
+  const resolvedUserIdRef = useRef4(void 0);
   useEffect10(() => {
-    if (isAuth && currentUser?.id && supabase && appName && !appId && !isResolvingAppIdRef.current) {
+    if (!isAuth) {
+      resolvedAppIdRef.current = void 0;
+      resolvedUserIdRef.current = void 0;
+      setAppId(void 0);
+      return;
+    }
+    if (currentUser?.id && resolvedUserIdRef.current && resolvedUserIdRef.current !== currentUser.id) {
+      resolvedAppIdRef.current = void 0;
+      resolvedUserIdRef.current = void 0;
+      setAppId(void 0);
+    }
+    const currentUserId = currentUser?.id;
+    if (isAuth && currentUserId && supabase && appName && resolvedUserIdRef.current !== currentUserId && // Haven't resolved for this user yet
+    !isResolvingAppIdRef.current) {
       isResolvingAppIdRef.current = true;
-      const userId = currentUser.id;
+      resolvedUserIdRef.current = currentUserId;
+      const userId = currentUserId;
       const appNameValue = appName;
-      import("./api-YP7XD5L6.js").then(async ({ resolveAppContext, setupRBAC }) => {
+      import("./api-I6UCQ5S6.js").then(async ({ resolveAppContext, setupRBAC }) => {
         try {
           setupRBAC(supabase);
           const result = await resolveAppContext({
@@ -1948,11 +2145,14 @@ function UnifiedAuthContextProvider({
             appName: appNameValue
           });
           if (result?.appId) {
+            resolvedAppIdRef.current = result.appId;
             setAppId(result.appId);
             logger.debug("UnifiedAuthProvider", "appId resolved on login", {
               appId: result.appId,
               appName: appNameValue
             });
+          } else {
+            resolvedUserIdRef.current = void 0;
           }
         } catch (error) {
           logger.error("UnifiedAuthProvider", "Failed to resolve appId on login", {
@@ -1960,41 +2160,64 @@ function UnifiedAuthContextProvider({
             appName: appNameValue,
             userId
           });
+          resolvedUserIdRef.current = void 0;
         } finally {
           isResolvingAppIdRef.current = false;
         }
       }).catch((importError) => {
         logger.error("UnifiedAuthProvider", "Failed to import RBAC API", importError);
         isResolvingAppIdRef.current = false;
+        resolvedUserIdRef.current = void 0;
       });
     }
-    if (!isAuth) {
-      setAppId(void 0);
-    }
-  }, [isAuth, currentUser?.id, supabase, appName, appId]);
+  }, [isAuth, currentUser?.id, supabase, appName]);
   const [, forceUpdate] = useReducer5((x) => x + 1, 0);
+  const forceUpdateTimeoutRef = useRef4(null);
+  const debouncedForceUpdate = useCallback(() => {
+    if (forceUpdateTimeoutRef.current) {
+      clearTimeout(forceUpdateTimeoutRef.current);
+    }
+    forceUpdateTimeoutRef.current = setTimeout(() => {
+      forceUpdate();
+      forceUpdateTimeoutRef.current = null;
+    }, 0);
+  }, [forceUpdate]);
+  const authServiceRef = useRef4(authService);
+  const organisationServiceRef = useRef4(organisationService);
+  const eventServiceRef = useRef4(eventService);
+  const inactivityServiceRef = useRef4(inactivityService);
+  useEffect10(() => {
+    authServiceRef.current = authService;
+    organisationServiceRef.current = organisationService;
+    eventServiceRef.current = eventService;
+    inactivityServiceRef.current = inactivityService;
+  }, [authService, organisationService, eventService, inactivityService]);
   useEffect10(() => {
-    const unsubscribeAuth = authService.subscribe(() => forceUpdate());
-    const unsubscribeOrg = organisationService.subscribe(() => forceUpdate());
-    const unsubscribeEvent = eventService.subscribe(() => forceUpdate());
-    const unsubscribeInactivity = inactivityService.subscribe(() => forceUpdate());
+    const unsubscribeAuth = authServiceRef.current.subscribe(debouncedForceUpdate);
+    const unsubscribeOrg = organisationServiceRef.current.subscribe(debouncedForceUpdate);
+    const unsubscribeEvent = eventServiceRef.current.subscribe(debouncedForceUpdate);
+    const unsubscribeInactivity = inactivityServiceRef.current.subscribe(debouncedForceUpdate);
     return () => {
       unsubscribeAuth();
       unsubscribeOrg();
       unsubscribeEvent();
       unsubscribeInactivity();
+      if (forceUpdateTimeoutRef.current) {
+        clearTimeout(forceUpdateTimeoutRef.current);
+      }
     };
-  }, [authService, organisationService, eventService, inactivityService]);
+  }, [debouncedForceUpdate]);
   const authLoading = authService.isLoading();
   const orgLoading = organisationService.isLoading();
   const eventLoading = eventService.isLoading();
   const restorationLoading = sessionRestoration.isRestoring && !sessionRestorationTimedOut && !sessionRestoration.restorationError;
   const totalLoading = restorationLoading || authLoading || orgLoading || eventLoading;
   const authError = authService.getError();
-  const selectedOrganisation = organisationService.getSelectedOrganisation();
+  const rawSelectedOrganisation = organisationService.getSelectedOrganisation();
   const organisations = organisationService.getOrganisations();
   const userMemberships = organisationService.getUserMemberships();
   const organisationError = organisationService.getError();
+  const selectedOrganisation = appConfig?.requires_event ? null : rawSelectedOrganisation;
   const hasValidOrganisationContext = organisationService.hasValidOrganisationContext();
   const isContextReady = organisationService.isContextReady();
   const events = eventService.getEvents();
@@ -2170,10 +2393,13 @@ function EventServiceProviderWrapper({
   supabaseClient,
   user,
   session,
-  appName
+  appName,
+  appConfig
 }) {
-  const organisationService = useOrganisationService();
-  const selectedOrganisation = organisationService.getSelectedOrganisation();
+  const { selectedOrganisation: rawSelectedOrganisation } = useOrganisations();
+  const selectedOrganisation = appConfig?.requires_event ? null : rawSelectedOrganisation;
+  const setSelectedEventId = useCallback(() => {
+  }, []);
   return /* @__PURE__ */ jsx5(
     EventServiceProvider,
     {
@@ -2182,8 +2408,7 @@ function EventServiceProviderWrapper({
       session,
       appName,
       selectedOrganisation,
-      setSelectedEventId: () => {
-      },
+      setSelectedEventId,
       children
     }
   );
@@ -2216,6 +2441,7 @@ function ServiceAwareProviders({
           user: authService.getUser(),
           session: authService.getSession(),
           appName,
+          appConfig,
           children: /* @__PURE__ */ jsx5(
             InactivityServiceProvider,
             {
@@ -2258,11 +2484,12 @@ function UnifiedAuthProvider({
   persistState = true,
   enablePersistence,
   requireOrganisationContext = true,
-  idleTimeoutMs = 30 * 60 * 1e3,
-  // 30 minutes
-  warnBeforeMs = 60 * 1e3,
-  // 60 seconds
+  idleTimeoutMs,
+  // REQUIRED: No default - must be explicitly provided
+  warnBeforeMs,
+  // REQUIRED: No default - must be explicitly provided
   onIdleLogout,
+  // REQUIRED: No default - must be explicitly provided
   renderInactivityWarning,
   dangerouslyDisableInactivity = false
 }) {
@@ -2307,6 +2534,7 @@ export {
   InactivityServiceProvider,
   useAuthService,
   useOrganisationService,
+  useOrganisations,
   useEventService,
   useInactivityService,
   useSessionRestoration,
@@ -2314,4 +2542,4 @@ export {
   useUnifiedAuth,
   UnifiedAuthProvider
 };
-//# sourceMappingURL=chunk-VGZZXKBR.js.map
+//# sourceMappingURL=chunk-J2XXC7R5.js.map