npm - @jmruthers/pace-core - Versions diffs - 0.5.189 → 0.5.190 - Mend

@jmruthers/pace-core 0.5.189 → 0.5.190

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (420) hide show

package/core-usage-manifest.json +0 -4
package/dist/{AuthService-B-cd2MA4.d.ts → AuthService-CbP_utw2.d.ts} +7 -3
package/dist/{DataTable-GUFUNZ3N.js → DataTable-ON3IXISJ.js} +8 -8
package/dist/{PublicPageProvider-B8HaLe69.d.ts → PublicPageProvider-C4uxosp6.d.ts} +83 -24
package/dist/{UnifiedAuthProvider-BG0AL5eE.d.ts → UnifiedAuthProvider-BYA9qB-o.d.ts} +4 -3
package/dist/{UnifiedAuthProvider-643PUAIM.js → UnifiedAuthProvider-X5NXANVI.js} +4 -2
package/dist/{api-YP7XD5L6.js → api-I6UCQ5S6.js} +4 -2
package/dist/{chunk-DDM4CCYT.js → chunk-4QYC5L4K.js} +60 -35
package/dist/chunk-4QYC5L4K.js.map +1 -0
package/dist/{chunk-IM4QE42D.js → chunk-73HSNNOQ.js} +141 -326
package/dist/chunk-73HSNNOQ.js.map +1 -0
package/dist/{chunk-YHCN776L.js → chunk-DZWK57KZ.js} +2 -75
package/dist/chunk-DZWK57KZ.js.map +1 -0
package/dist/{chunk-3GOZZZYH.js → chunk-HQVPB5MZ.js} +238 -301
package/dist/chunk-HQVPB5MZ.js.map +1 -0
package/dist/{chunk-THRPYOFK.js → chunk-HW3OVDUF.js} +5 -5
package/dist/chunk-HW3OVDUF.js.map +1 -0
package/dist/{chunk-F2IMUDXZ.js → chunk-I7PSE6JW.js} +75 -2
package/dist/chunk-I7PSE6JW.js.map +1 -0
package/dist/{chunk-VGZZXKBR.js → chunk-J2XXC7R5.js} +280 -52
package/dist/chunk-J2XXC7R5.js.map +1 -0
package/dist/{chunk-UCQSRW7Z.js → chunk-NIU6J6OX.js} +425 -378
package/dist/chunk-NIU6J6OX.js.map +1 -0
package/dist/{chunk-HESYZWZW.js → chunk-QWWZ5CAQ.js} +2 -2
package/dist/{chunk-HEHYGYOX.js → chunk-RUYZKXOD.js} +401 -46
package/dist/chunk-RUYZKXOD.js.map +1 -0
package/dist/{chunk-2UUZZJFT.js → chunk-SDMHPX3X.js} +176 -160
package/dist/{chunk-2UUZZJFT.js.map → chunk-SDMHPX3X.js.map} +1 -1
package/dist/{chunk-MX64ZF6I.js → chunk-STYK4OH2.js} +11 -11
package/dist/chunk-STYK4OH2.js.map +1 -0
package/dist/{chunk-YGPFYGA6.js → chunk-VVBAW5A5.js} +822 -498
package/dist/chunk-VVBAW5A5.js.map +1 -0
package/dist/chunk-Y4BUBBHD.js +614 -0
package/dist/chunk-Y4BUBBHD.js.map +1 -0
package/dist/{chunk-SAUPYVLF.js → chunk-ZSAAAMVR.js} +1 -1
package/dist/chunk-ZSAAAMVR.js.map +1 -0
package/dist/components.d.ts +3 -4
package/dist/components.js +19 -19
package/dist/components.js.map +1 -1
package/dist/eslint-rules/pace-core-compliance.cjs +0 -2
package/dist/{file-reference-D037xOFK.d.ts → file-reference-BavO2eQj.d.ts} +13 -10
package/dist/hooks.d.ts +10 -5
package/dist/hooks.js +14 -8
package/dist/hooks.js.map +1 -1
package/dist/index.d.ts +13 -11
package/dist/index.js +79 -69
package/dist/index.js.map +1 -1
package/dist/providers.d.ts +3 -3
package/dist/providers.js +3 -1
package/dist/rbac/index.d.ts +76 -12
package/dist/rbac/index.js +12 -9
package/dist/types.d.ts +1 -1
package/dist/types.js +1 -1
package/dist/{usePublicRouteParams-CTDELQ7H.d.ts → usePublicRouteParams-DxIDS4bC.d.ts} +16 -9
package/dist/utils.js +16 -16
package/docs/README.md +2 -2
package/docs/api/classes/ColumnFactory.md +1 -1
package/docs/api/classes/ErrorBoundary.md +1 -1
package/docs/api/classes/InvalidScopeError.md +2 -2
package/docs/api/classes/Logger.md +1 -1
package/docs/api/classes/MissingUserContextError.md +2 -2
package/docs/api/classes/OrganisationContextRequiredError.md +1 -1
package/docs/api/classes/PermissionDeniedError.md +1 -1
package/docs/api/classes/RBACAuditManager.md +1 -1
package/docs/api/classes/RBACCache.md +1 -1
package/docs/api/classes/RBACEngine.md +4 -4
package/docs/api/classes/RBACError.md +1 -1
package/docs/api/classes/RBACNotInitializedError.md +2 -2
package/docs/api/classes/SecureSupabaseClient.md +21 -16
package/docs/api/classes/StorageUtils.md +7 -4
package/docs/api/enums/FileCategory.md +1 -1
package/docs/api/enums/LogLevel.md +1 -1
package/docs/api/enums/RBACErrorCode.md +1 -1
package/docs/api/enums/RPCFunction.md +1 -1
package/docs/api/interfaces/AddressFieldProps.md +1 -1
package/docs/api/interfaces/AddressFieldRef.md +1 -1
package/docs/api/interfaces/AggregateConfig.md +1 -1
package/docs/api/interfaces/AutocompleteOptions.md +1 -1
package/docs/api/interfaces/AvatarProps.md +1 -1
package/docs/api/interfaces/BadgeProps.md +1 -1
package/docs/api/interfaces/ButtonProps.md +1 -1
package/docs/api/interfaces/CalendarProps.md +20 -6
package/docs/api/interfaces/CardProps.md +1 -1
package/docs/api/interfaces/ColorPalette.md +1 -1
package/docs/api/interfaces/ColorShade.md +1 -1
package/docs/api/interfaces/ComplianceResult.md +1 -1
package/docs/api/interfaces/DataAccessRecord.md +9 -9
package/docs/api/interfaces/DataRecord.md +1 -1
package/docs/api/interfaces/DataTableAction.md +1 -1
package/docs/api/interfaces/DataTableColumn.md +1 -1
package/docs/api/interfaces/DataTableProps.md +1 -1
package/docs/api/interfaces/DataTableToolbarButton.md +1 -1
package/docs/api/interfaces/DatabaseComplianceResult.md +1 -1
package/docs/api/interfaces/DatabaseIssue.md +1 -1
package/docs/api/interfaces/EmptyStateConfig.md +1 -1
package/docs/api/interfaces/EnhancedNavigationMenuProps.md +1 -1
package/docs/api/interfaces/EventAppRoleData.md +1 -1
package/docs/api/interfaces/ExportColumn.md +1 -1
package/docs/api/interfaces/ExportOptions.md +1 -1
package/docs/api/interfaces/FileDisplayProps.md +62 -16
package/docs/api/interfaces/FileMetadata.md +1 -1
package/docs/api/interfaces/FileReference.md +2 -2
package/docs/api/interfaces/FileSizeLimits.md +1 -1
package/docs/api/interfaces/FileUploadOptions.md +26 -12
package/docs/api/interfaces/FileUploadProps.md +30 -19
package/docs/api/interfaces/FooterProps.md +1 -1
package/docs/api/interfaces/FormFieldProps.md +1 -1
package/docs/api/interfaces/FormProps.md +1 -1
package/docs/api/interfaces/GrantEventAppRoleParams.md +1 -1
package/docs/api/interfaces/InactivityWarningModalProps.md +1 -1
package/docs/api/interfaces/InputProps.md +1 -1
package/docs/api/interfaces/LabelProps.md +1 -1
package/docs/api/interfaces/LoggerConfig.md +1 -1
package/docs/api/interfaces/LoginFormProps.md +1 -1
package/docs/api/interfaces/NavigationAccessRecord.md +10 -10
package/docs/api/interfaces/NavigationContextType.md +9 -9
package/docs/api/interfaces/NavigationGuardProps.md +1 -1
package/docs/api/interfaces/NavigationItem.md +1 -1
package/docs/api/interfaces/NavigationMenuProps.md +1 -1
package/docs/api/interfaces/NavigationProviderProps.md +7 -7
package/docs/api/interfaces/Organisation.md +1 -1
package/docs/api/interfaces/OrganisationContextType.md +1 -1
package/docs/api/interfaces/OrganisationMembership.md +1 -1
package/docs/api/interfaces/OrganisationProviderProps.md +1 -1
package/docs/api/interfaces/OrganisationSecurityError.md +1 -1
package/docs/api/interfaces/PaceAppLayoutProps.md +1 -1
package/docs/api/interfaces/PaceLoginPageProps.md +1 -1
package/docs/api/interfaces/PageAccessRecord.md +8 -8
package/docs/api/interfaces/PagePermissionContextType.md +8 -8
package/docs/api/interfaces/PagePermissionGuardProps.md +1 -1
package/docs/api/interfaces/PagePermissionProviderProps.md +7 -7
package/docs/api/interfaces/PaletteData.md +1 -1
package/docs/api/interfaces/ParsedAddress.md +1 -1
package/docs/api/interfaces/PermissionEnforcerProps.md +1 -1
package/docs/api/interfaces/ProgressProps.md +3 -11
package/docs/api/interfaces/ProtectedRouteProps.md +1 -1
package/docs/api/interfaces/PublicPageFooterProps.md +1 -1
package/docs/api/interfaces/PublicPageHeaderProps.md +1 -1
package/docs/api/interfaces/PublicPageLayoutProps.md +1 -1
package/docs/api/interfaces/QuickFix.md +1 -1
package/docs/api/interfaces/RBACAccessValidateParams.md +1 -1
package/docs/api/interfaces/RBACAccessValidateResult.md +1 -1
package/docs/api/interfaces/RBACAuditLogParams.md +1 -1
package/docs/api/interfaces/RBACAuditLogResult.md +1 -1
package/docs/api/interfaces/RBACConfig.md +1 -1
package/docs/api/interfaces/RBACContext.md +1 -1
package/docs/api/interfaces/RBACLogger.md +1 -1
package/docs/api/interfaces/RBACPageAccessCheckParams.md +1 -1
package/docs/api/interfaces/RBACPerformanceMetrics.md +1 -1
package/docs/api/interfaces/RBACPermissionCheckParams.md +1 -1
package/docs/api/interfaces/RBACPermissionCheckResult.md +1 -1
package/docs/api/interfaces/RBACPermissionsGetParams.md +1 -1
package/docs/api/interfaces/RBACPermissionsGetResult.md +1 -1
package/docs/api/interfaces/RBACResult.md +1 -1
package/docs/api/interfaces/RBACRoleGrantParams.md +1 -1
package/docs/api/interfaces/RBACRoleGrantResult.md +1 -1
package/docs/api/interfaces/RBACRoleRevokeParams.md +1 -1
package/docs/api/interfaces/RBACRoleRevokeResult.md +1 -1
package/docs/api/interfaces/RBACRoleValidateParams.md +1 -1
package/docs/api/interfaces/RBACRoleValidateResult.md +1 -1
package/docs/api/interfaces/RBACRolesListParams.md +1 -1
package/docs/api/interfaces/RBACRolesListResult.md +1 -1
package/docs/api/interfaces/RBACSessionTrackParams.md +1 -1
package/docs/api/interfaces/RBACSessionTrackResult.md +1 -1
package/docs/api/interfaces/ResourcePermissions.md +1 -1
package/docs/api/interfaces/RevokeEventAppRoleParams.md +1 -1
package/docs/api/interfaces/RoleBasedRouterContextType.md +8 -8
package/docs/api/interfaces/RoleBasedRouterProps.md +10 -10
package/docs/api/interfaces/RoleManagementResult.md +1 -1
package/docs/api/interfaces/RouteAccessRecord.md +10 -10
package/docs/api/interfaces/RouteConfig.md +10 -10
package/docs/api/interfaces/RuntimeComplianceResult.md +1 -1
package/docs/api/interfaces/SecureDataContextType.md +9 -9
package/docs/api/interfaces/SecureDataProviderProps.md +8 -8
package/docs/api/interfaces/SessionRestorationLoaderProps.md +1 -1
package/docs/api/interfaces/SetupIssue.md +1 -1
package/docs/api/interfaces/StorageConfig.md +4 -4
package/docs/api/interfaces/StorageFileInfo.md +7 -7
package/docs/api/interfaces/StorageFileMetadata.md +25 -14
package/docs/api/interfaces/StorageListOptions.md +22 -9
package/docs/api/interfaces/StorageListResult.md +4 -4
package/docs/api/interfaces/StorageUploadOptions.md +21 -8
package/docs/api/interfaces/StorageUploadResult.md +6 -6
package/docs/api/interfaces/StorageUrlOptions.md +19 -6
package/docs/api/interfaces/StyleImport.md +1 -1
package/docs/api/interfaces/SwitchProps.md +1 -1
package/docs/api/interfaces/TabsContentProps.md +1 -1
package/docs/api/interfaces/TabsListProps.md +1 -1
package/docs/api/interfaces/TabsProps.md +1 -1
package/docs/api/interfaces/TabsTriggerProps.md +1 -1
package/docs/api/interfaces/TextareaProps.md +1 -1
package/docs/api/interfaces/ToastActionElement.md +1 -1
package/docs/api/interfaces/ToastProps.md +1 -1
package/docs/api/interfaces/UnifiedAuthContextType.md +53 -53
package/docs/api/interfaces/UnifiedAuthProviderProps.md +13 -13
package/docs/api/interfaces/UseFormDialogOptions.md +1 -1
package/docs/api/interfaces/UseFormDialogReturn.md +1 -1
package/docs/api/interfaces/UseInactivityTrackerOptions.md +1 -1
package/docs/api/interfaces/UseInactivityTrackerReturn.md +1 -1
package/docs/api/interfaces/UsePublicEventLogoOptions.md +1 -1
package/docs/api/interfaces/UsePublicEventLogoReturn.md +1 -1
package/docs/api/interfaces/UsePublicEventOptions.md +1 -1
package/docs/api/interfaces/UsePublicEventReturn.md +1 -1
package/docs/api/interfaces/UsePublicFileDisplayOptions.md +1 -1
package/docs/api/interfaces/UsePublicFileDisplayReturn.md +1 -1
package/docs/api/interfaces/UsePublicRouteParamsReturn.md +1 -1
package/docs/api/interfaces/UseResolvedScopeOptions.md +4 -4
package/docs/api/interfaces/UseResolvedScopeReturn.md +4 -4
package/docs/api/interfaces/UseResourcePermissionsOptions.md +1 -1
package/docs/api/interfaces/UserEventAccess.md +11 -11
package/docs/api/interfaces/UserMenuProps.md +1 -1
package/docs/api/interfaces/UserProfile.md +1 -1
package/docs/api/modules.md +151 -92
package/docs/api-reference/components.md +15 -7
package/docs/api-reference/providers.md +2 -2
package/docs/api-reference/rpc-functions.md +1 -0
package/docs/best-practices/README.md +1 -1
package/docs/best-practices/deployment.md +8 -8
package/docs/getting-started/examples/README.md +2 -2
package/docs/getting-started/installation-guide.md +4 -4
package/docs/getting-started/quick-start.md +3 -3
package/docs/migration/MIGRATION_GUIDE.md +3 -3
package/docs/rbac/compliance/compliance-guide.md +2 -2
package/docs/rbac/event-based-apps.md +2 -2
package/docs/rbac/getting-started.md +2 -2
package/docs/rbac/quick-start.md +2 -2
package/docs/security/README.md +4 -4
package/docs/standards/07-rbac-and-rls-standard.md +430 -7
package/docs/troubleshooting/README.md +2 -2
package/docs/troubleshooting/migration.md +3 -3
package/package.json +1 -3
package/scripts/check-pace-core-compliance.cjs +1 -1
package/scripts/check-pace-core-compliance.js +1 -1
package/src/__tests__/fixtures/supabase.ts +301 -0
package/src/__tests__/public-recipe-view.test.ts +9 -9
package/src/__tests__/rls-policies.test.ts +197 -61
package/src/components/AddressField/AddressField.test.tsx +42 -0
package/src/components/AddressField/AddressField.tsx +71 -60
package/src/components/AddressField/README.md +1 -0
package/src/components/Alert/Alert.test.tsx +50 -10
package/src/components/Alert/Alert.tsx +5 -3
package/src/components/Avatar/Avatar.test.tsx +95 -43
package/src/components/Avatar/Avatar.tsx +16 -16
package/src/components/Button/Button.test.tsx +2 -1
package/src/components/Button/Button.tsx +3 -3
package/src/components/Calendar/Calendar.test.tsx +53 -37
package/src/components/Calendar/Calendar.tsx +409 -82
package/src/components/Card/Card.test.tsx +7 -4
package/src/components/Card/Card.tsx +3 -6
package/src/components/Checkbox/Checkbox.tsx +2 -2
package/src/components/DataTable/components/ActionButtons.tsx +5 -5
package/src/components/DataTable/components/BulkOperationsDropdown.tsx +2 -2
package/src/components/DataTable/components/ColumnFilter.tsx +1 -1
package/src/components/DataTable/components/ColumnVisibilityDropdown.tsx +3 -3
package/src/components/DataTable/components/DataTableBody.tsx +12 -12
package/src/components/DataTable/components/DataTableCore.tsx +3 -3
package/src/components/DataTable/components/DataTableToolbar.tsx +5 -5
package/src/components/DataTable/components/DraggableColumnHeader.tsx +3 -3
package/src/components/DataTable/components/EditableRow.tsx +2 -2
package/src/components/DataTable/components/EmptyState.tsx +3 -3
package/src/components/DataTable/components/GroupHeader.tsx +2 -2
package/src/components/DataTable/components/GroupingDropdown.tsx +1 -1
package/src/components/DataTable/components/ImportModal.tsx +4 -4
package/src/components/DataTable/components/LoadingState.tsx +1 -1
package/src/components/DataTable/components/PaginationControls.tsx +11 -11
package/src/components/DataTable/components/UnifiedTableBody.tsx +9 -9
package/src/components/DataTable/components/ViewRowModal.tsx +2 -2
package/src/components/DataTable/components/__tests__/AccessDeniedPage.test.tsx +11 -37
package/src/components/DataTable/components/__tests__/DataTableToolbar.test.tsx +157 -0
package/src/components/DataTable/components/__tests__/LoadingState.test.tsx +2 -1
package/src/components/DataTable/components/__tests__/VirtualizedDataTable.test.tsx +128 -0
package/src/components/DataTable/core/__tests__/ActionManager.test.ts +19 -0
package/src/components/DataTable/core/__tests__/ColumnFactory.test.ts +51 -0
package/src/components/DataTable/core/__tests__/ColumnManager.test.ts +84 -0
package/src/components/DataTable/core/__tests__/DataManager.test.ts +14 -0
package/src/components/DataTable/core/__tests__/DataTableContext.test.tsx +136 -0
package/src/components/DataTable/core/__tests__/LocalDataAdapter.test.ts +16 -0
package/src/components/DataTable/core/__tests__/PluginRegistry.test.ts +18 -0
package/src/components/DataTable/hooks/useDataTablePermissions.ts +28 -7
package/src/components/DataTable/utils/__tests__/hierarchicalUtils.test.ts +30 -1
package/src/components/DataTable/utils/hierarchicalUtils.ts +38 -10
package/src/components/DatePickerWithTimezone/DatePickerWithTimezone.test.tsx +8 -3
package/src/components/DatePickerWithTimezone/DatePickerWithTimezone.tsx +4 -4
package/src/components/Dialog/Dialog.tsx +2 -2
package/src/components/EventSelector/EventSelector.tsx +7 -7
package/src/components/FileDisplay/FileDisplay.tsx +291 -179
package/src/components/FileUpload/FileUpload.tsx +7 -4
package/src/components/Header/Header.test.tsx +28 -0
package/src/components/Header/Header.tsx +22 -9
package/src/components/InactivityWarningModal/InactivityWarningModal.tsx +2 -2
package/src/components/LoadingSpinner/LoadingSpinner.test.tsx +19 -14
package/src/components/LoadingSpinner/LoadingSpinner.tsx +5 -5
package/src/components/NavigationMenu/NavigationMenu.test.tsx +127 -1
package/src/components/OrganisationSelector/OrganisationSelector.tsx +8 -8
package/src/components/PaceAppLayout/PaceAppLayout.integration.test.tsx +4 -0
package/src/components/PaceAppLayout/PaceAppLayout.performance.test.tsx +3 -0
package/src/components/PaceAppLayout/PaceAppLayout.security.test.tsx +3 -0
package/src/components/PaceAppLayout/PaceAppLayout.test.tsx +16 -6
package/src/components/PaceAppLayout/PaceAppLayout.tsx +37 -3
package/src/components/PaceAppLayout/test-setup.tsx +1 -0
package/src/components/PaceLoginPage/PaceLoginPage.test.tsx +66 -45
package/src/components/PaceLoginPage/PaceLoginPage.tsx +6 -4
package/src/components/Progress/Progress.test.tsx +18 -19
package/src/components/Progress/Progress.tsx +31 -32
package/src/components/PublicLayout/PublicLayout.test.tsx +6 -6
package/src/components/PublicLayout/PublicPageProvider.tsx +5 -3
package/src/components/Select/Select.tsx +5 -5
package/src/components/Switch/Switch.test.tsx +2 -1
package/src/components/Switch/Switch.tsx +1 -1
package/src/components/Toast/Toast.tsx +1 -1
package/src/components/Tooltip/Tooltip.test.tsx +8 -2
package/src/components/UserMenu/UserMenu.tsx +3 -3
package/src/eslint-rules/pace-core-compliance.cjs +0 -2
package/src/eslint-rules/pace-core-compliance.js +0 -2
package/src/hooks/__tests__/hooks.integration.test.tsx +4 -1
package/src/hooks/__tests__/useAppConfig.unit.test.ts +76 -5
package/src/hooks/__tests__/useDataTableState.test.ts +76 -0
package/src/hooks/__tests__/useFileUrl.unit.test.ts +25 -69
package/src/hooks/__tests__/useFileUrlCache.test.ts +129 -0
package/src/hooks/__tests__/usePreventTabReload.test.ts +88 -0
package/src/hooks/__tests__/{usePublicEvent.unit.test.ts → usePublicEvent.test.ts} +28 -1
package/src/hooks/__tests__/useQueryCache.test.ts +144 -0
package/src/hooks/__tests__/useSecureDataAccess.unit.test.tsx +58 -16
package/src/hooks/index.ts +1 -1
package/src/hooks/public/usePublicEvent.ts +2 -2
package/src/hooks/public/usePublicFileDisplay.ts +173 -87
package/src/hooks/useAppConfig.ts +24 -5
package/src/hooks/useFileDisplay.ts +297 -34
package/src/hooks/useFileReference.ts +56 -11
package/src/hooks/useFileUrl.ts +1 -1
package/src/hooks/useInactivityTracker.ts +16 -7
package/src/hooks/usePermissionCache.test.ts +85 -8
package/src/hooks/useQueryCache.ts +21 -0
package/src/hooks/useSecureDataAccess.test.ts +80 -35
package/src/hooks/useSecureDataAccess.ts +80 -37
package/src/providers/services/EventServiceProvider.tsx +37 -17
package/src/providers/services/InactivityServiceProvider.tsx +4 -4
package/src/providers/services/OrganisationServiceProvider.tsx +8 -1
package/src/providers/services/UnifiedAuthProvider.tsx +115 -29
package/src/rbac/__tests__/auth-rbac.e2e.test.tsx +451 -0
package/src/rbac/__tests__/engine.comprehensive.test.ts +12 -0
package/src/rbac/__tests__/rbac-engine-core-logic.test.ts +8 -0
package/src/rbac/__tests__/rbac-engine-simplified.test.ts +4 -0
package/src/rbac/api.ts +240 -36
package/src/rbac/cache-invalidation.ts +21 -7
package/src/rbac/compliance/quick-fix-suggestions.ts +1 -1
package/src/rbac/components/NavigationGuard.tsx +23 -63
package/src/rbac/components/NavigationProvider.test.tsx +52 -23
package/src/rbac/components/NavigationProvider.tsx +13 -11
package/src/rbac/components/PagePermissionGuard.tsx +77 -203
package/src/rbac/components/PagePermissionProvider.tsx +13 -11
package/src/rbac/components/PermissionEnforcer.tsx +24 -62
package/src/rbac/components/RoleBasedRouter.tsx +14 -12
package/src/rbac/components/SecureDataProvider.tsx +13 -11
package/src/rbac/components/__tests__/NavigationGuard.test.tsx +104 -41
package/src/rbac/components/__tests__/NavigationProvider.test.tsx +49 -12
package/src/rbac/components/__tests__/PagePermissionGuard.race-condition.test.tsx +22 -1
package/src/rbac/components/__tests__/PagePermissionGuard.test.tsx +161 -82
package/src/rbac/components/__tests__/PagePermissionGuard.verification.test.tsx +22 -1
package/src/rbac/components/__tests__/PermissionEnforcer.test.tsx +77 -30
package/src/rbac/components/__tests__/RoleBasedRouter.test.tsx +39 -5
package/src/rbac/components/__tests__/SecureDataProvider.test.tsx +47 -4
package/src/rbac/engine.ts +4 -2
package/src/rbac/hooks/__tests__/useSecureSupabase.test.ts +144 -52
package/src/rbac/hooks/index.ts +3 -0
package/src/rbac/hooks/useCan.test.ts +101 -53
package/src/rbac/hooks/usePermissions.ts +108 -41
package/src/rbac/hooks/useRBAC.test.ts +11 -3
package/src/rbac/hooks/useRBAC.ts +83 -40
package/src/rbac/hooks/useResolvedScope.test.ts +189 -63
package/src/rbac/hooks/useResolvedScope.ts +128 -70
package/src/rbac/hooks/useSecureSupabase.ts +36 -19
package/src/rbac/hooks/useSuperAdminBypass.ts +126 -0
package/src/rbac/request-deduplication.ts +1 -1
package/src/rbac/secureClient.ts +72 -12
package/src/rbac/security.ts +29 -23
package/src/rbac/types.ts +10 -0
package/src/rbac/utils/__tests__/contextValidator.test.ts +150 -0
package/src/rbac/utils/__tests__/deep-equal.test.ts +53 -0
package/src/rbac/utils/__tests__/eventContext.test.ts +6 -1
package/src/rbac/utils/contextValidator.ts +288 -0
package/src/rbac/utils/eventContext.ts +48 -2
package/src/services/EventService.ts +165 -21
package/src/services/OrganisationService.ts +37 -2
package/src/services/__tests__/EventService.test.ts +26 -21
package/src/types/file-reference.ts +13 -10
package/src/utils/app/appNameResolver.test.ts +346 -73
package/src/utils/context/superAdminOverride.ts +58 -0
package/src/utils/file-reference/index.ts +61 -33
package/src/utils/google-places/googlePlacesUtils.test.ts +98 -0
package/src/utils/google-places/loadGoogleMapsScript.test.ts +83 -0
package/src/utils/storage/helpers.test.ts +1 -1
package/src/utils/storage/helpers.ts +38 -19
package/src/utils/storage/types.ts +15 -8
package/src/utils/validation/__tests__/csrf.test.ts +105 -0
package/src/utils/validation/__tests__/sqlInjectionProtection.test.ts +92 -0
package/src/vite-env.d.ts +2 -2
package/dist/chunk-3GOZZZYH.js.map +0 -1
package/dist/chunk-DDM4CCYT.js.map +0 -1
package/dist/chunk-E7UAOUMY.js +0 -75
package/dist/chunk-E7UAOUMY.js.map +0 -1
package/dist/chunk-F2IMUDXZ.js.map +0 -1
package/dist/chunk-HEHYGYOX.js.map +0 -1
package/dist/chunk-IM4QE42D.js.map +0 -1
package/dist/chunk-MX64ZF6I.js.map +0 -1
package/dist/chunk-SAUPYVLF.js.map +0 -1
package/dist/chunk-THRPYOFK.js.map +0 -1
package/dist/chunk-UCQSRW7Z.js.map +0 -1
package/dist/chunk-VGZZXKBR.js.map +0 -1
package/dist/chunk-YGPFYGA6.js.map +0 -1
package/dist/chunk-YHCN776L.js.map +0 -1
package/src/hooks/__tests__/usePermissionCache.simple.test.ts +0 -192
package/src/hooks/__tests__/usePermissionCache.unit.test.ts +0 -741
package/src/hooks/__tests__/usePublicEvent.simple.test.ts +0 -703
package/src/rbac/hooks/useRBAC.simple.test.ts +0 -95
package/src/rbac/utils/__tests__/eventContext.unit.test.ts +0 -428
/package/dist/{DataTable-GUFUNZ3N.js.map → DataTable-ON3IXISJ.js.map} +0 -0
/package/dist/{UnifiedAuthProvider-643PUAIM.js.map → UnifiedAuthProvider-X5NXANVI.js.map} +0 -0
/package/dist/{api-YP7XD5L6.js.map → api-I6UCQ5S6.js.map} +0 -0
/package/dist/{chunk-HESYZWZW.js.map → chunk-QWWZ5CAQ.js.map} +0 -0

package/src/rbac/hooks/useRBAC.simple.test.ts DELETED Viewed

@@ -1,95 +0,0 @@
-/**
- * @file useRBAC Hook Simple Tests
- * @package @jmruthers/pace-core
- * @module RBAC/Hooks/useRBAC
- * @since 0.3.0
- *
- * Simple tests for the useRBAC hook to verify basic functionality.
- */
-import { renderHook } from '@testing-library/react';
-import { vi, describe, it, expect, beforeEach } from 'vitest';
-// Mock the providers with simple mocks
-vi.mock('../../providers/UnifiedAuthProvider', () => ({
-  useUnifiedAuth: vi.fn(() => ({
-    user: { id: 'user-123' },
-    session: { access_token: 'mock-token' },
-    supabase: {
-      // Ensure realtime init is skipped
-      channel: undefined,
-      from: vi.fn(() => ({
-        select: vi.fn(() => ({
-          eq: vi.fn(() => ({
-            eq: vi.fn(() => ({
-              single: vi.fn().mockResolvedValue({
-                data: { global_role: 'user' },
-                error: null
-              })
-            }))
-          }))
-        }))
-      }))
-    },
-    appName: 'test-app'
-  }))
-}));
-vi.mock('../../providers/OrganisationProvider', () => ({
-  useOrganisations: vi.fn(() => ({
-    selectedOrganisation: { id: 'org-123', name: 'Test Org' }
-  }))
-}));
-vi.mock('../../providers/EventProvider', () => ({
-  useEvents: vi.fn(() => ({
-    selectedEvent: { event_id: 'event-123', name: 'Test Event' }
-  }))
-}));
-// Import after mocking
-vi.mock('./useRBAC', () => ({
-  useRBAC: () => ({
-    isLoading: false,
-    isAuthenticated: true,
-    globalRole: 'user',
-    organisationRole: 'member',
-    eventAppRole: 'participant',
-    isSuperAdmin: false,
-    isOrgAdmin: false,
-    hasGlobalPermission: () => true,
-    error: null,
-  }),
-}));
-import { useRBAC } from './useRBAC';
-describe('useRBAC Hook - Simple Tests', () => {
-    it('renders without crashing', () => {
-    const { result } = renderHook(() => useRBAC());
-    expect(result.current).toBeDefined();
-    expect(result.current.globalRole).toBeDefined();
-    expect(result.current.organisationRole).toBeDefined();
-    expect(result.current.eventAppRole).toBeDefined();
-  });
-  it('has required properties', () => {
-    const { result } = renderHook(() => useRBAC());
-    expect(result.current).toHaveProperty('globalRole');
-    expect(result.current).toHaveProperty('organisationRole');
-    expect(result.current).toHaveProperty('eventAppRole');
-    expect(result.current).toHaveProperty('hasGlobalPermission');
-    expect(result.current).toHaveProperty('isSuperAdmin');
-    expect(result.current).toHaveProperty('isOrgAdmin');
-    expect(result.current).toHaveProperty('isLoading');
-    expect(result.current).toHaveProperty('error');
-    // Note: hasPermission was removed - use useCan() hook instead
-  });
-  it('hasGlobalPermission is a function', () => {
-    const { result } = renderHook(() => useRBAC());
-    expect(typeof result.current.hasGlobalPermission).toBe('function');
-  });
-});

package/src/rbac/utils/__tests__/eventContext.unit.test.ts DELETED Viewed

@@ -1,428 +0,0 @@
-/**
- * @file Event Context Utilities Tests
- * @package @jmruthers/pace-core
- * @module RBAC/EventContext/Tests
- * @since 1.0.0
- *
- * Comprehensive tests for event context utilities in the RBAC system.
- */
-import { describe, it, expect, vi, beforeEach, afterEach } from 'vitest';
-import { SupabaseClient } from '@supabase/supabase-js';
-import { Database } from '../../../types/database';
-import { UUID, Scope } from '../../types';
-import {
-  getOrganisationFromEvent,
-  createScopeFromEvent,
-  isEventBasedScope,
-  isValidEventBasedScope
-} from '../eventContext';
-// Mock Supabase client
-const createMockSupabaseClient = () => {
-  const mockQuery = {
-    select: vi.fn().mockReturnThis(),
-    eq: vi.fn().mockReturnThis(),
-    single: vi.fn()
-  };
-  return {
-    from: vi.fn().mockReturnValue(mockQuery),
-    query: mockQuery
-  } as unknown as SupabaseClient<Database>;
-};
-describe('Event Context Utilities', () => {
-  let mockSupabase: SupabaseClient<Database>;
-  let mockQuery: any;
-  beforeEach(() => {
-    mockSupabase = createMockSupabaseClient();
-    mockQuery = mockSupabase.from('event');
-  });
-  afterEach(() => {
-    vi.clearAllMocks();
-  });
-  describe('getOrganisationFromEvent', () => {
-    it('should return organisation ID when event exists', async () => {
-      const eventId = 'event-123';
-      const organisationId = 'org-456';
-      mockQuery.single.mockResolvedValue({
-        data: { organisation_id: organisationId },
-        error: null
-      });
-      const result = await getOrganisationFromEvent(mockSupabase, eventId);
-      expect(result).toBe(organisationId);
-      expect(mockSupabase.from).toHaveBeenCalledWith('event');
-      expect(mockQuery.select).toHaveBeenCalledWith('organisation_id');
-      expect(mockQuery.eq).toHaveBeenCalledWith('event_id', eventId);
-      expect(mockQuery.single).toHaveBeenCalled();
-    });
-    it('should return null when event does not exist', async () => {
-      const eventId = 'nonexistent-event';
-      mockQuery.single.mockResolvedValue({
-        data: null,
-        error: { message: 'Event not found' }
-      });
-      const result = await getOrganisationFromEvent(mockSupabase, eventId);
-      expect(result).toBeNull();
-    });
-    it('should return null when data is null', async () => {
-      const eventId = 'event-123';
-      mockQuery.single.mockResolvedValue({
-        data: null,
-        error: null
-      });
-      const result = await getOrganisationFromEvent(mockSupabase, eventId);
-      expect(result).toBeNull();
-    });
-    it('should handle database errors gracefully', async () => {
-      const eventId = 'event-123';
-      const dbError = new Error('Database connection failed');
-      mockQuery.single.mockRejectedValue(dbError);
-      await expect(getOrganisationFromEvent(mockSupabase, eventId))
-        .rejects.toThrow('Database connection failed');
-    });
-    it('should handle empty organisation_id', async () => {
-      const eventId = 'event-123';
-      mockQuery.single.mockResolvedValue({
-        data: { organisation_id: null },
-        error: null
-      });
-      const result = await getOrganisationFromEvent(mockSupabase, eventId);
-      expect(result).toBeNull();
-    });
-  });
-  describe('createScopeFromEvent', () => {
-    it('should create complete scope when event exists', async () => {
-      const eventId = 'event-123';
-      const organisationId = 'org-456';
-      const appId = 'app-789';
-      mockQuery.single.mockResolvedValue({
-        data: { organisation_id: organisationId },
-        error: null
-      });
-      const result = await createScopeFromEvent(mockSupabase, eventId, appId);
-      expect(result).toEqual({
-        organisationId,
-        eventId,
-        appId
-      });
-    });
-    it('should create scope without appId when not provided', async () => {
-      const eventId = 'event-123';
-      const organisationId = 'org-456';
-      mockQuery.single.mockResolvedValue({
-        data: { organisation_id: organisationId },
-        error: null
-      });
-      const result = await createScopeFromEvent(mockSupabase, eventId);
-      expect(result).toEqual({
-        organisationId,
-        eventId,
-        appId: undefined
-      });
-    });
-    it('should return null when event does not exist', async () => {
-      const eventId = 'nonexistent-event';
-      mockQuery.single.mockResolvedValue({
-        data: null,
-        error: { message: 'Event not found' }
-      });
-      const result = await createScopeFromEvent(mockSupabase, eventId);
-      expect(result).toBeNull();
-    });
-    it('should return null when organisation lookup fails', async () => {
-      const eventId = 'event-123';
-      mockQuery.single.mockResolvedValue({
-        data: { organisation_id: null },
-        error: null
-      });
-      const result = await createScopeFromEvent(mockSupabase, eventId);
-      expect(result).toBeNull();
-    });
-    it('should handle database errors gracefully', async () => {
-      const eventId = 'event-123';
-      const dbError = new Error('Database connection failed');
-      mockQuery.single.mockRejectedValue(dbError);
-      await expect(createScopeFromEvent(mockSupabase, eventId))
-        .rejects.toThrow('Database connection failed');
-    });
-  });
-  describe('isEventBasedScope', () => {
-    it('should return true for event-based scope (no organisationId, has eventId)', () => {
-      const scope: Scope = {
-        eventId: 'event-123',
-        appId: 'app-456'
-      };
-      expect(isEventBasedScope(scope)).toBe(true);
-    });
-    it('should return false when organisationId is present', () => {
-      const scope: Scope = {
-        organisationId: 'org-123',
-        eventId: 'event-123',
-        appId: 'app-456'
-      };
-      expect(isEventBasedScope(scope)).toBe(false);
-    });
-    it('should return false when eventId is missing', () => {
-      const scope: Scope = {
-        appId: 'app-456'
-      };
-      expect(isEventBasedScope(scope)).toBe(false);
-    });
-    it('should return false when both organisationId and eventId are missing', () => {
-      const scope: Scope = {
-        appId: 'app-456'
-      };
-      expect(isEventBasedScope(scope)).toBe(false);
-    });
-    it('should return false when eventId is null', () => {
-      const scope: Scope = {
-        eventId: null,
-        appId: 'app-456'
-      };
-      expect(isEventBasedScope(scope)).toBe(false);
-    });
-    it('should return false when eventId is undefined', () => {
-      const scope: Scope = {
-        eventId: undefined,
-        appId: 'app-456'
-      };
-      expect(isEventBasedScope(scope)).toBe(false);
-    });
-  });
-  describe('isValidEventBasedScope', () => {
-    it('should return true for valid event-based scope', () => {
-      const scope: Scope = {
-        eventId: 'event-123',
-        appId: 'app-456'
-      };
-      expect(isValidEventBasedScope(scope)).toBe(true);
-    });
-    it('should return false when eventId is missing', () => {
-      const scope: Scope = {
-        appId: 'app-456'
-      };
-      expect(isValidEventBasedScope(scope)).toBe(false);
-    });
-    it('should return false when eventId is null', () => {
-      const scope: Scope = {
-        eventId: null,
-        appId: 'app-456'
-      };
-      expect(isValidEventBasedScope(scope)).toBe(false);
-    });
-    it('should return false when eventId is undefined', () => {
-      const scope: Scope = {
-        eventId: undefined,
-        appId: 'app-456'
-      };
-      expect(isValidEventBasedScope(scope)).toBe(false);
-    });
-    it('should return false when organisationId is present (not event-based)', () => {
-      const scope: Scope = {
-        organisationId: 'org-123',
-        eventId: 'event-123',
-        appId: 'app-456'
-      };
-      expect(isValidEventBasedScope(scope)).toBe(false);
-    });
-    it('should return true for event-based scope without appId', () => {
-      const scope: Scope = {
-        eventId: 'event-123'
-      };
-      expect(isValidEventBasedScope(scope)).toBe(true);
-    });
-  });
-  describe('Edge Cases and Error Handling', () => {
-    it('should handle malformed event IDs', async () => {
-      const malformedEventId = '';
-      mockQuery.single.mockResolvedValue({
-        data: null,
-        error: { message: 'Invalid event ID' }
-      });
-      const result = await getOrganisationFromEvent(mockSupabase, malformedEventId);
-      expect(result).toBeNull();
-    });
-    it('should handle very long event IDs', async () => {
-      const longEventId = 'a'.repeat(1000);
-      const organisationId = 'org-456';
-      mockQuery.single.mockResolvedValue({
-        data: { organisation_id: organisationId },
-        error: null
-      });
-      const result = await getOrganisationFromEvent(mockSupabase, longEventId);
-      expect(result).toBe(organisationId);
-      expect(mockQuery.eq).toHaveBeenCalledWith('event_id', longEventId);
-    });
-    it('should handle special characters in event IDs', async () => {
-      const specialEventId = 'event-123!@#$%^&*()';
-      const organisationId = 'org-456';
-      mockQuery.single.mockResolvedValue({
-        data: { organisation_id: organisationId },
-        error: null
-      });
-      const result = await getOrganisationFromEvent(mockSupabase, specialEventId);
-      expect(result).toBe(organisationId);
-      expect(mockQuery.eq).toHaveBeenCalledWith('event_id', specialEventId);
-    });
-    it('should handle concurrent calls to getOrganisationFromEvent', async () => {
-      const eventId1 = 'event-123';
-      const eventId2 = 'event-456';
-      const organisationId1 = 'org-123';
-      const organisationId2 = 'org-456';
-      mockQuery.single
-        .mockResolvedValueOnce({
-          data: { organisation_id: organisationId1 },
-          error: null
-        })
-        .mockResolvedValueOnce({
-          data: { organisation_id: organisationId2 },
-          error: null
-        });
-      const [result1, result2] = await Promise.all([
-        getOrganisationFromEvent(mockSupabase, eventId1),
-        getOrganisationFromEvent(mockSupabase, eventId2)
-      ]);
-      expect(result1).toBe(organisationId1);
-      expect(result2).toBe(organisationId2);
-    });
-    it('should handle concurrent calls to createScopeFromEvent', async () => {
-      const eventId1 = 'event-123';
-      const eventId2 = 'event-456';
-      const organisationId1 = 'org-123';
-      const organisationId2 = 'org-456';
-      const appId1 = 'app-123';
-      const appId2 = 'app-456';
-      mockQuery.single
-        .mockResolvedValueOnce({
-          data: { organisation_id: organisationId1 },
-          error: null
-        })
-        .mockResolvedValueOnce({
-          data: { organisation_id: organisationId2 },
-          error: null
-        });
-      const [result1, result2] = await Promise.all([
-        createScopeFromEvent(mockSupabase, eventId1, appId1),
-        createScopeFromEvent(mockSupabase, eventId2, appId2)
-      ]);
-      expect(result1).toEqual({
-        organisationId: organisationId1,
-        eventId: eventId1,
-        appId: appId1
-      });
-      expect(result2).toEqual({
-        organisationId: organisationId2,
-        eventId: eventId2,
-        appId: appId2
-      });
-    });
-  });
-  describe('Type Safety', () => {
-    it('should handle UUID types correctly', () => {
-      const validUUID = '123e4567-e89b-12d3-a456-426614174000';
-      const scope: Scope = {
-        eventId: validUUID,
-        appId: validUUID
-      };
-      expect(isValidEventBasedScope(scope)).toBe(true);
-    });
-    it('should handle string types correctly', () => {
-      const stringId = 'event-123';
-      const scope: Scope = {
-        eventId: stringId,
-        appId: 'app-456'
-      };
-      expect(isValidEventBasedScope(scope)).toBe(true);
-    });
-  });
-});

/package/dist/{DataTable-GUFUNZ3N.js.map → DataTable-ON3IXISJ.js.map} RENAMED Viewed

File without changes

/package/dist/{UnifiedAuthProvider-643PUAIM.js.map → UnifiedAuthProvider-X5NXANVI.js.map} RENAMED Viewed

File without changes

/package/dist/{api-YP7XD5L6.js.map → api-I6UCQ5S6.js.map} RENAMED Viewed

File without changes

/package/dist/{chunk-HESYZWZW.js.map → chunk-QWWZ5CAQ.js.map} RENAMED Viewed

File without changes