npm - @jmruthers/pace-core - Versions diffs - 0.5.189 → 0.5.191 - Mend

@jmruthers/pace-core 0.5.189 → 0.5.191

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (438) hide show

package/core-usage-manifest.json +0 -4
package/dist/{AuthService-B-cd2MA4.d.ts → AuthService-CbP_utw2.d.ts} +7 -3
package/dist/{DataTable-IVYljGJ6.d.ts → DataTable-Be6dH_dR.d.ts} +1 -1
package/dist/{DataTable-GUFUNZ3N.js → DataTable-WKRZD47S.js} +8 -8
package/dist/{PublicPageProvider-B8HaLe69.d.ts → PublicPageProvider-ULXC_u6U.d.ts} +84 -25
package/dist/{UnifiedAuthProvider-BG0AL5eE.d.ts → UnifiedAuthProvider-BYA9qB-o.d.ts} +4 -3
package/dist/{UnifiedAuthProvider-643PUAIM.js → UnifiedAuthProvider-FTSG5XH7.js} +4 -2
package/dist/{api-YP7XD5L6.js → api-IHKALJZD.js} +4 -2
package/dist/{chunk-VGZZXKBR.js → chunk-6LTQQAT6.js} +351 -157
package/dist/chunk-6LTQQAT6.js.map +1 -0
package/dist/{chunk-MX64ZF6I.js → chunk-6TQDD426.js} +15 -15
package/dist/chunk-6TQDD426.js.map +1 -0
package/dist/{chunk-YHCN776L.js → chunk-G37KK66H.js} +2 -75
package/dist/chunk-G37KK66H.js.map +1 -0
package/dist/{chunk-THRPYOFK.js → chunk-HW3OVDUF.js} +5 -5
package/dist/chunk-HW3OVDUF.js.map +1 -0
package/dist/{chunk-F2IMUDXZ.js → chunk-I7PSE6JW.js} +75 -2
package/dist/chunk-I7PSE6JW.js.map +1 -0
package/dist/{chunk-IM4QE42D.js → chunk-LOMZXPSN.js} +141 -326
package/dist/chunk-LOMZXPSN.js.map +1 -0
package/dist/chunk-OETXORNB.js +614 -0
package/dist/chunk-OETXORNB.js.map +1 -0
package/dist/{chunk-HESYZWZW.js → chunk-QWWZ5CAQ.js} +2 -2
package/dist/{chunk-HEHYGYOX.js → chunk-ROXMHMY2.js} +403 -46
package/dist/chunk-ROXMHMY2.js.map +1 -0
package/dist/{chunk-2UUZZJFT.js → chunk-ULHIJK66.js} +228 -177
package/dist/{chunk-2UUZZJFT.js.map → chunk-ULHIJK66.js.map} +1 -1
package/dist/{chunk-YGPFYGA6.js → chunk-VKB2CO4Z.js} +838 -503
package/dist/chunk-VKB2CO4Z.js.map +1 -0
package/dist/{chunk-3GOZZZYH.js → chunk-VRGWKHDB.js} +238 -301
package/dist/chunk-VRGWKHDB.js.map +1 -0
package/dist/{chunk-UCQSRW7Z.js → chunk-XNYQOL3Z.js} +431 -384
package/dist/chunk-XNYQOL3Z.js.map +1 -0
package/dist/{chunk-DDM4CCYT.js → chunk-XYXSXPUK.js} +79 -59
package/dist/chunk-XYXSXPUK.js.map +1 -0
package/dist/{chunk-SAUPYVLF.js → chunk-ZSAAAMVR.js} +1 -1
package/dist/chunk-ZSAAAMVR.js.map +1 -0
package/dist/components.d.ts +5 -6
package/dist/components.js +19 -19
package/dist/components.js.map +1 -1
package/dist/{database.generated-DI89OQeI.d.ts → database.generated-CzIvgcPu.d.ts} +165 -201
package/dist/eslint-rules/pace-core-compliance.cjs +0 -2
package/dist/{file-reference-D037xOFK.d.ts → file-reference-BavO2eQj.d.ts} +13 -10
package/dist/hooks.d.ts +20 -15
package/dist/hooks.js +14 -8
package/dist/hooks.js.map +1 -1
package/dist/index.d.ts +17 -15
package/dist/index.js +86 -81
package/dist/index.js.map +1 -1
package/dist/providers.d.ts +3 -3
package/dist/providers.js +3 -1
package/dist/rbac/index.d.ts +77 -13
package/dist/rbac/index.js +12 -9
package/dist/{types-Bwgl--Xo.d.ts → types-CEpcvwwF.d.ts} +1 -1
package/dist/types.d.ts +3 -3
package/dist/types.js +1 -1
package/dist/{usePublicRouteParams-CTDELQ7H.d.ts → usePublicRouteParams-TZe0gy-4.d.ts} +17 -10
package/dist/utils.d.ts +8 -8
package/dist/utils.js +16 -16
package/docs/README.md +2 -2
package/docs/api/classes/ColumnFactory.md +1 -1
package/docs/api/classes/ErrorBoundary.md +1 -1
package/docs/api/classes/InvalidScopeError.md +2 -2
package/docs/api/classes/Logger.md +1 -1
package/docs/api/classes/MissingUserContextError.md +2 -2
package/docs/api/classes/OrganisationContextRequiredError.md +1 -1
package/docs/api/classes/PermissionDeniedError.md +1 -1
package/docs/api/classes/RBACAuditManager.md +2 -2
package/docs/api/classes/RBACCache.md +1 -1
package/docs/api/classes/RBACEngine.md +5 -5
package/docs/api/classes/RBACError.md +1 -1
package/docs/api/classes/RBACNotInitializedError.md +2 -2
package/docs/api/classes/SecureSupabaseClient.md +25 -20
package/docs/api/classes/StorageUtils.md +7 -4
package/docs/api/enums/FileCategory.md +1 -1
package/docs/api/enums/LogLevel.md +1 -1
package/docs/api/enums/RBACErrorCode.md +1 -1
package/docs/api/enums/RPCFunction.md +1 -1
package/docs/api/interfaces/AddressFieldProps.md +1 -1
package/docs/api/interfaces/AddressFieldRef.md +1 -1
package/docs/api/interfaces/AggregateConfig.md +1 -1
package/docs/api/interfaces/AutocompleteOptions.md +1 -1
package/docs/api/interfaces/AvatarProps.md +1 -1
package/docs/api/interfaces/BadgeProps.md +1 -1
package/docs/api/interfaces/ButtonProps.md +1 -1
package/docs/api/interfaces/CalendarProps.md +20 -6
package/docs/api/interfaces/CardProps.md +1 -1
package/docs/api/interfaces/ColorPalette.md +1 -1
package/docs/api/interfaces/ColorShade.md +1 -1
package/docs/api/interfaces/ComplianceResult.md +1 -1
package/docs/api/interfaces/DataAccessRecord.md +9 -9
package/docs/api/interfaces/DataRecord.md +1 -1
package/docs/api/interfaces/DataTableAction.md +1 -1
package/docs/api/interfaces/DataTableColumn.md +1 -1
package/docs/api/interfaces/DataTableProps.md +1 -1
package/docs/api/interfaces/DataTableToolbarButton.md +1 -1
package/docs/api/interfaces/DatabaseComplianceResult.md +1 -1
package/docs/api/interfaces/DatabaseIssue.md +1 -1
package/docs/api/interfaces/EmptyStateConfig.md +1 -1
package/docs/api/interfaces/EnhancedNavigationMenuProps.md +1 -1
package/docs/api/interfaces/EventAppRoleData.md +1 -1
package/docs/api/interfaces/ExportColumn.md +1 -1
package/docs/api/interfaces/ExportOptions.md +1 -1
package/docs/api/interfaces/FileDisplayProps.md +62 -16
package/docs/api/interfaces/FileMetadata.md +1 -1
package/docs/api/interfaces/FileReference.md +2 -2
package/docs/api/interfaces/FileSizeLimits.md +1 -1
package/docs/api/interfaces/FileUploadOptions.md +26 -12
package/docs/api/interfaces/FileUploadProps.md +30 -19
package/docs/api/interfaces/FooterProps.md +1 -1
package/docs/api/interfaces/FormFieldProps.md +1 -1
package/docs/api/interfaces/FormProps.md +1 -1
package/docs/api/interfaces/GrantEventAppRoleParams.md +1 -1
package/docs/api/interfaces/InactivityWarningModalProps.md +1 -1
package/docs/api/interfaces/InputProps.md +1 -1
package/docs/api/interfaces/LabelProps.md +1 -1
package/docs/api/interfaces/LoggerConfig.md +1 -1
package/docs/api/interfaces/LoginFormProps.md +1 -1
package/docs/api/interfaces/NavigationAccessRecord.md +10 -10
package/docs/api/interfaces/NavigationContextType.md +9 -9
package/docs/api/interfaces/NavigationGuardProps.md +1 -1
package/docs/api/interfaces/NavigationItem.md +1 -1
package/docs/api/interfaces/NavigationMenuProps.md +1 -1
package/docs/api/interfaces/NavigationProviderProps.md +7 -7
package/docs/api/interfaces/Organisation.md +1 -1
package/docs/api/interfaces/OrganisationContextType.md +1 -1
package/docs/api/interfaces/OrganisationMembership.md +1 -1
package/docs/api/interfaces/OrganisationProviderProps.md +1 -1
package/docs/api/interfaces/OrganisationSecurityError.md +1 -1
package/docs/api/interfaces/PaceAppLayoutProps.md +1 -1
package/docs/api/interfaces/PaceLoginPageProps.md +1 -1
package/docs/api/interfaces/PageAccessRecord.md +8 -8
package/docs/api/interfaces/PagePermissionContextType.md +8 -8
package/docs/api/interfaces/PagePermissionGuardProps.md +1 -1
package/docs/api/interfaces/PagePermissionProviderProps.md +7 -7
package/docs/api/interfaces/PaletteData.md +1 -1
package/docs/api/interfaces/ParsedAddress.md +2 -2
package/docs/api/interfaces/PermissionEnforcerProps.md +1 -1
package/docs/api/interfaces/ProgressProps.md +3 -11
package/docs/api/interfaces/ProtectedRouteProps.md +1 -1
package/docs/api/interfaces/PublicPageFooterProps.md +1 -1
package/docs/api/interfaces/PublicPageHeaderProps.md +1 -1
package/docs/api/interfaces/PublicPageLayoutProps.md +1 -1
package/docs/api/interfaces/QuickFix.md +1 -1
package/docs/api/interfaces/RBACAccessValidateParams.md +1 -1
package/docs/api/interfaces/RBACAccessValidateResult.md +1 -1
package/docs/api/interfaces/RBACAuditLogParams.md +1 -1
package/docs/api/interfaces/RBACAuditLogResult.md +1 -1
package/docs/api/interfaces/RBACConfig.md +2 -2
package/docs/api/interfaces/RBACContext.md +1 -1
package/docs/api/interfaces/RBACLogger.md +1 -1
package/docs/api/interfaces/RBACPageAccessCheckParams.md +1 -1
package/docs/api/interfaces/RBACPerformanceMetrics.md +1 -1
package/docs/api/interfaces/RBACPermissionCheckParams.md +1 -1
package/docs/api/interfaces/RBACPermissionCheckResult.md +1 -1
package/docs/api/interfaces/RBACPermissionsGetParams.md +1 -1
package/docs/api/interfaces/RBACPermissionsGetResult.md +1 -1
package/docs/api/interfaces/RBACResult.md +1 -1
package/docs/api/interfaces/RBACRoleGrantParams.md +1 -1
package/docs/api/interfaces/RBACRoleGrantResult.md +1 -1
package/docs/api/interfaces/RBACRoleRevokeParams.md +1 -1
package/docs/api/interfaces/RBACRoleRevokeResult.md +1 -1
package/docs/api/interfaces/RBACRoleValidateParams.md +1 -1
package/docs/api/interfaces/RBACRoleValidateResult.md +1 -1
package/docs/api/interfaces/RBACRolesListParams.md +1 -1
package/docs/api/interfaces/RBACRolesListResult.md +1 -1
package/docs/api/interfaces/RBACSessionTrackParams.md +1 -1
package/docs/api/interfaces/RBACSessionTrackResult.md +1 -1
package/docs/api/interfaces/ResourcePermissions.md +1 -1
package/docs/api/interfaces/RevokeEventAppRoleParams.md +1 -1
package/docs/api/interfaces/RoleBasedRouterContextType.md +8 -8
package/docs/api/interfaces/RoleBasedRouterProps.md +10 -10
package/docs/api/interfaces/RoleManagementResult.md +1 -1
package/docs/api/interfaces/RouteAccessRecord.md +10 -10
package/docs/api/interfaces/RouteConfig.md +10 -10
package/docs/api/interfaces/RuntimeComplianceResult.md +1 -1
package/docs/api/interfaces/SecureDataContextType.md +9 -9
package/docs/api/interfaces/SecureDataProviderProps.md +8 -8
package/docs/api/interfaces/SessionRestorationLoaderProps.md +1 -1
package/docs/api/interfaces/SetupIssue.md +1 -1
package/docs/api/interfaces/StorageConfig.md +4 -4
package/docs/api/interfaces/StorageFileInfo.md +7 -7
package/docs/api/interfaces/StorageFileMetadata.md +25 -14
package/docs/api/interfaces/StorageListOptions.md +22 -9
package/docs/api/interfaces/StorageListResult.md +4 -4
package/docs/api/interfaces/StorageUploadOptions.md +21 -8
package/docs/api/interfaces/StorageUploadResult.md +6 -6
package/docs/api/interfaces/StorageUrlOptions.md +19 -6
package/docs/api/interfaces/StyleImport.md +1 -1
package/docs/api/interfaces/SwitchProps.md +1 -1
package/docs/api/interfaces/TabsContentProps.md +1 -1
package/docs/api/interfaces/TabsListProps.md +1 -1
package/docs/api/interfaces/TabsProps.md +1 -1
package/docs/api/interfaces/TabsTriggerProps.md +1 -1
package/docs/api/interfaces/TextareaProps.md +1 -1
package/docs/api/interfaces/ToastActionElement.md +1 -1
package/docs/api/interfaces/ToastProps.md +1 -1
package/docs/api/interfaces/UnifiedAuthContextType.md +53 -53
package/docs/api/interfaces/UnifiedAuthProviderProps.md +13 -13
package/docs/api/interfaces/UseFormDialogOptions.md +1 -1
package/docs/api/interfaces/UseFormDialogReturn.md +1 -1
package/docs/api/interfaces/UseInactivityTrackerOptions.md +1 -1
package/docs/api/interfaces/UseInactivityTrackerReturn.md +1 -1
package/docs/api/interfaces/UsePublicEventLogoOptions.md +2 -2
package/docs/api/interfaces/UsePublicEventLogoReturn.md +1 -1
package/docs/api/interfaces/UsePublicEventOptions.md +1 -1
package/docs/api/interfaces/UsePublicEventReturn.md +1 -1
package/docs/api/interfaces/UsePublicFileDisplayOptions.md +2 -2
package/docs/api/interfaces/UsePublicFileDisplayReturn.md +1 -1
package/docs/api/interfaces/UsePublicRouteParamsReturn.md +1 -1
package/docs/api/interfaces/UseResolvedScopeOptions.md +5 -5
package/docs/api/interfaces/UseResolvedScopeReturn.md +4 -4
package/docs/api/interfaces/UseResourcePermissionsOptions.md +1 -1
package/docs/api/interfaces/UserEventAccess.md +11 -11
package/docs/api/interfaces/UserMenuProps.md +1 -1
package/docs/api/interfaces/UserProfile.md +1 -1
package/docs/api/modules.md +165 -106
package/docs/api-reference/components.md +15 -7
package/docs/api-reference/providers.md +2 -2
package/docs/api-reference/rpc-functions.md +1 -0
package/docs/best-practices/README.md +1 -1
package/docs/best-practices/deployment.md +8 -8
package/docs/getting-started/examples/README.md +2 -2
package/docs/getting-started/installation-guide.md +4 -4
package/docs/getting-started/quick-start.md +3 -3
package/docs/migration/MIGRATION_GUIDE.md +3 -3
package/docs/migration/README.md +18 -0
package/docs/migration/database-changes-december-2025.md +767 -0
package/docs/migration/person-scoped-profiles-migration-guide.md +472 -0
package/docs/rbac/compliance/compliance-guide.md +2 -2
package/docs/rbac/event-based-apps.md +2 -2
package/docs/rbac/getting-started.md +2 -2
package/docs/rbac/quick-start.md +2 -2
package/docs/security/README.md +4 -4
package/docs/standards/07-rbac-and-rls-standard.md +430 -7
package/docs/troubleshooting/README.md +2 -2
package/docs/troubleshooting/migration.md +3 -3
package/package.json +1 -3
package/scripts/check-pace-core-compliance.cjs +1 -1
package/scripts/check-pace-core-compliance.js +1 -1
package/src/__tests__/fixtures/supabase.ts +301 -0
package/src/__tests__/public-recipe-view.test.ts +19 -19
package/src/__tests__/rls-policies.test.ts +210 -74
package/src/components/AddressField/AddressField.test.tsx +42 -0
package/src/components/AddressField/AddressField.tsx +71 -60
package/src/components/AddressField/README.md +7 -6
package/src/components/Alert/Alert.test.tsx +50 -10
package/src/components/Alert/Alert.tsx +5 -3
package/src/components/Avatar/Avatar.test.tsx +95 -43
package/src/components/Avatar/Avatar.tsx +16 -16
package/src/components/Button/Button.test.tsx +2 -1
package/src/components/Button/Button.tsx +3 -3
package/src/components/Calendar/Calendar.test.tsx +53 -37
package/src/components/Calendar/Calendar.tsx +409 -82
package/src/components/Card/Card.test.tsx +7 -4
package/src/components/Card/Card.tsx +3 -6
package/src/components/Checkbox/Checkbox.tsx +2 -2
package/src/components/DataTable/components/ActionButtons.tsx +5 -5
package/src/components/DataTable/components/BulkOperationsDropdown.tsx +2 -2
package/src/components/DataTable/components/ColumnFilter.tsx +1 -1
package/src/components/DataTable/components/ColumnVisibilityDropdown.tsx +3 -3
package/src/components/DataTable/components/DataTableBody.tsx +12 -12
package/src/components/DataTable/components/DataTableCore.tsx +3 -3
package/src/components/DataTable/components/DataTableToolbar.tsx +5 -5
package/src/components/DataTable/components/DraggableColumnHeader.tsx +3 -3
package/src/components/DataTable/components/EditableRow.tsx +2 -2
package/src/components/DataTable/components/EmptyState.tsx +3 -3
package/src/components/DataTable/components/GroupHeader.tsx +2 -2
package/src/components/DataTable/components/GroupingDropdown.tsx +1 -1
package/src/components/DataTable/components/ImportModal.tsx +4 -4
package/src/components/DataTable/components/LoadingState.tsx +1 -1
package/src/components/DataTable/components/PaginationControls.tsx +11 -11
package/src/components/DataTable/components/UnifiedTableBody.tsx +9 -9
package/src/components/DataTable/components/ViewRowModal.tsx +2 -2
package/src/components/DataTable/components/__tests__/AccessDeniedPage.test.tsx +11 -37
package/src/components/DataTable/components/__tests__/DataTableToolbar.test.tsx +157 -0
package/src/components/DataTable/components/__tests__/LoadingState.test.tsx +2 -1
package/src/components/DataTable/components/__tests__/VirtualizedDataTable.test.tsx +128 -0
package/src/components/DataTable/core/__tests__/ActionManager.test.ts +19 -0
package/src/components/DataTable/core/__tests__/ColumnFactory.test.ts +51 -0
package/src/components/DataTable/core/__tests__/ColumnManager.test.ts +84 -0
package/src/components/DataTable/core/__tests__/DataManager.test.ts +14 -0
package/src/components/DataTable/core/__tests__/DataTableContext.test.tsx +136 -0
package/src/components/DataTable/core/__tests__/LocalDataAdapter.test.ts +16 -0
package/src/components/DataTable/core/__tests__/PluginRegistry.test.ts +18 -0
package/src/components/DataTable/hooks/useDataTablePermissions.ts +28 -7
package/src/components/DataTable/utils/__tests__/hierarchicalUtils.test.ts +30 -1
package/src/components/DataTable/utils/hierarchicalUtils.ts +38 -10
package/src/components/DatePickerWithTimezone/DatePickerWithTimezone.test.tsx +8 -3
package/src/components/DatePickerWithTimezone/DatePickerWithTimezone.tsx +4 -4
package/src/components/Dialog/Dialog.tsx +2 -2
package/src/components/EventSelector/EventSelector.tsx +7 -7
package/src/components/FileDisplay/FileDisplay.tsx +291 -179
package/src/components/FileUpload/FileUpload.tsx +7 -4
package/src/components/Header/Header.test.tsx +28 -0
package/src/components/Header/Header.tsx +22 -9
package/src/components/InactivityWarningModal/InactivityWarningModal.tsx +2 -2
package/src/components/LoadingSpinner/LoadingSpinner.test.tsx +19 -14
package/src/components/LoadingSpinner/LoadingSpinner.tsx +5 -5
package/src/components/NavigationMenu/NavigationMenu.test.tsx +127 -1
package/src/components/OrganisationSelector/OrganisationSelector.tsx +42 -22
package/src/components/PaceAppLayout/PaceAppLayout.integration.test.tsx +4 -0
package/src/components/PaceAppLayout/PaceAppLayout.performance.test.tsx +3 -0
package/src/components/PaceAppLayout/PaceAppLayout.security.test.tsx +3 -0
package/src/components/PaceAppLayout/PaceAppLayout.test.tsx +16 -6
package/src/components/PaceAppLayout/PaceAppLayout.tsx +37 -3
package/src/components/PaceAppLayout/test-setup.tsx +1 -0
package/src/components/PaceLoginPage/PaceLoginPage.test.tsx +66 -45
package/src/components/PaceLoginPage/PaceLoginPage.tsx +6 -4
package/src/components/Progress/Progress.test.tsx +18 -19
package/src/components/Progress/Progress.tsx +31 -32
package/src/components/PublicLayout/PublicLayout.test.tsx +6 -6
package/src/components/PublicLayout/PublicPageProvider.tsx +5 -3
package/src/components/Select/Select.test.tsx +4 -1
package/src/components/Select/Select.tsx +65 -20
package/src/components/Switch/Switch.test.tsx +2 -1
package/src/components/Switch/Switch.tsx +1 -1
package/src/components/Toast/Toast.tsx +1 -1
package/src/components/Tooltip/Tooltip.test.tsx +8 -2
package/src/components/UserMenu/UserMenu.tsx +3 -3
package/src/eslint-rules/pace-core-compliance.cjs +0 -2
package/src/eslint-rules/pace-core-compliance.js +0 -2
package/src/hooks/__tests__/hooks.integration.test.tsx +4 -1
package/src/hooks/__tests__/useAppConfig.unit.test.ts +76 -5
package/src/hooks/__tests__/useDataTableState.test.ts +76 -0
package/src/hooks/__tests__/useFileUrl.unit.test.ts +25 -69
package/src/hooks/__tests__/useFileUrlCache.test.ts +129 -0
package/src/hooks/__tests__/usePreventTabReload.test.ts +88 -0
package/src/hooks/__tests__/usePublicEvent.simple.test.ts +1 -1
package/src/hooks/__tests__/usePublicEvent.test.ts +608 -0
package/src/hooks/__tests__/useQueryCache.test.ts +144 -0
package/src/hooks/__tests__/useSecureDataAccess.unit.test.tsx +67 -24
package/src/hooks/index.ts +1 -1
package/src/hooks/public/usePublicEvent.ts +10 -10
package/src/hooks/public/usePublicFileDisplay.ts +173 -87
package/src/hooks/useAppConfig.ts +24 -5
package/src/hooks/useFileDisplay.ts +298 -36
package/src/hooks/useFileReference.ts +56 -11
package/src/hooks/useFileUrl.ts +1 -1
package/src/hooks/useInactivityTracker.ts +16 -7
package/src/hooks/usePermissionCache.test.ts +85 -8
package/src/hooks/useQueryCache.ts +27 -6
package/src/hooks/useSecureDataAccess.test.ts +87 -42
package/src/hooks/useSecureDataAccess.ts +95 -48
package/src/providers/__tests__/OrganisationProvider.test.tsx +27 -21
package/src/providers/services/EventServiceProvider.tsx +37 -17
package/src/providers/services/InactivityServiceProvider.tsx +4 -4
package/src/providers/services/OrganisationServiceProvider.tsx +8 -1
package/src/providers/services/UnifiedAuthProvider.tsx +115 -29
package/src/rbac/__tests__/auth-rbac.e2e.test.tsx +451 -0
package/src/rbac/__tests__/engine.comprehensive.test.ts +12 -0
package/src/rbac/__tests__/rbac-engine-core-logic.test.ts +8 -0
package/src/rbac/__tests__/rbac-engine-simplified.test.ts +4 -0
package/src/rbac/api.ts +240 -36
package/src/rbac/cache-invalidation.ts +21 -7
package/src/rbac/compliance/quick-fix-suggestions.ts +1 -1
package/src/rbac/components/NavigationGuard.tsx +23 -63
package/src/rbac/components/NavigationProvider.test.tsx +52 -23
package/src/rbac/components/NavigationProvider.tsx +13 -11
package/src/rbac/components/PagePermissionGuard.tsx +77 -203
package/src/rbac/components/PagePermissionProvider.tsx +13 -11
package/src/rbac/components/PermissionEnforcer.tsx +24 -62
package/src/rbac/components/RoleBasedRouter.tsx +14 -12
package/src/rbac/components/SecureDataProvider.tsx +13 -11
package/src/rbac/components/__tests__/NavigationGuard.test.tsx +104 -41
package/src/rbac/components/__tests__/NavigationProvider.test.tsx +49 -12
package/src/rbac/components/__tests__/PagePermissionGuard.race-condition.test.tsx +22 -1
package/src/rbac/components/__tests__/PagePermissionGuard.test.tsx +161 -82
package/src/rbac/components/__tests__/PagePermissionGuard.verification.test.tsx +22 -1
package/src/rbac/components/__tests__/PermissionEnforcer.test.tsx +77 -30
package/src/rbac/components/__tests__/RoleBasedRouter.test.tsx +39 -5
package/src/rbac/components/__tests__/SecureDataProvider.test.tsx +47 -4
package/src/rbac/engine.ts +4 -2
package/src/rbac/hooks/__tests__/useSecureSupabase.test.ts +144 -52
package/src/rbac/hooks/index.ts +3 -0
package/src/rbac/hooks/useCan.test.ts +101 -53
package/src/rbac/hooks/usePermissions.ts +108 -41
package/src/rbac/hooks/useRBAC.test.ts +11 -3
package/src/rbac/hooks/useRBAC.ts +83 -40
package/src/rbac/hooks/useResolvedScope.test.ts +189 -63
package/src/rbac/hooks/useResolvedScope.ts +128 -70
package/src/rbac/hooks/useSecureSupabase.ts +36 -19
package/src/rbac/hooks/useSuperAdminBypass.ts +126 -0
package/src/rbac/request-deduplication.ts +1 -1
package/src/rbac/secureClient.ts +72 -12
package/src/rbac/security.ts +29 -23
package/src/rbac/types.ts +10 -0
package/src/rbac/utils/__tests__/contextValidator.test.ts +150 -0
package/src/rbac/utils/__tests__/deep-equal.test.ts +53 -0
package/src/rbac/utils/__tests__/eventContext.test.ts +8 -3
package/src/rbac/utils/__tests__/eventContext.unit.test.ts +74 -12
package/src/rbac/utils/contextValidator.ts +288 -0
package/src/rbac/utils/eventContext.ts +52 -3
package/src/services/AuthService.ts +37 -8
package/src/services/EventService.ts +165 -21
package/src/services/OrganisationService.ts +125 -137
package/src/services/__tests__/EventService.test.ts +26 -21
package/src/services/__tests__/OrganisationService.pagination.test.ts +34 -8
package/src/services/__tests__/OrganisationService.test.ts +218 -86
package/src/types/database.generated.ts +166 -201
package/src/types/file-reference.ts +13 -10
package/src/types/supabase.ts +2 -2
package/src/utils/__tests__/secureDataAccess.unit.test.ts +3 -2
package/src/utils/app/appNameResolver.test.ts +346 -73
package/src/utils/context/superAdminOverride.ts +58 -0
package/src/utils/file-reference/index.ts +65 -37
package/src/utils/google-places/googlePlacesUtils.test.ts +98 -0
package/src/utils/google-places/googlePlacesUtils.ts +1 -1
package/src/utils/google-places/loadGoogleMapsScript.test.ts +83 -0
package/src/utils/google-places/types.ts +1 -1
package/src/utils/request-deduplication.ts +4 -4
package/src/utils/security/secureDataAccess.test.ts +1 -1
package/src/utils/security/secureDataAccess.ts +7 -4
package/src/utils/storage/README.md +1 -1
package/src/utils/storage/helpers.test.ts +1 -1
package/src/utils/storage/helpers.ts +38 -19
package/src/utils/storage/types.ts +15 -8
package/src/utils/validation/__tests__/csrf.test.ts +105 -0
package/src/utils/validation/__tests__/sqlInjectionProtection.test.ts +92 -0
package/src/vite-env.d.ts +2 -2
package/dist/chunk-3GOZZZYH.js.map +0 -1
package/dist/chunk-DDM4CCYT.js.map +0 -1
package/dist/chunk-E7UAOUMY.js +0 -75
package/dist/chunk-E7UAOUMY.js.map +0 -1
package/dist/chunk-F2IMUDXZ.js.map +0 -1
package/dist/chunk-HEHYGYOX.js.map +0 -1
package/dist/chunk-IM4QE42D.js.map +0 -1
package/dist/chunk-MX64ZF6I.js.map +0 -1
package/dist/chunk-SAUPYVLF.js.map +0 -1
package/dist/chunk-THRPYOFK.js.map +0 -1
package/dist/chunk-UCQSRW7Z.js.map +0 -1
package/dist/chunk-VGZZXKBR.js.map +0 -1
package/dist/chunk-YGPFYGA6.js.map +0 -1
package/dist/chunk-YHCN776L.js.map +0 -1
/package/dist/{DataTable-GUFUNZ3N.js.map → DataTable-WKRZD47S.js.map} +0 -0
/package/dist/{UnifiedAuthProvider-643PUAIM.js.map → UnifiedAuthProvider-FTSG5XH7.js.map} +0 -0
/package/dist/{api-YP7XD5L6.js.map → api-IHKALJZD.js.map} +0 -0
/package/dist/{chunk-HESYZWZW.js.map → chunk-QWWZ5CAQ.js.map} +0 -0

package/dist/{chunk-VGZZXKBR.js → chunk-6LTQQAT6.js} RENAMED Viewed

@@ -1,3 +1,7 @@
+import {
+  getAppConfigByName,
+  isSuperAdmin
+} from "./chunk-ROXMHMY2.js";
 import {
   assertOrganisationId,
   assertUserId
@@ -315,6 +319,8 @@ var AuthService = class extends BaseService {
   // Lifecycle methods
   async initialize() {
     await super.initialize();
+    this.authLoading = true;
+    this.notify();
     await this.setupAuthStateListener();
     await this.restoreSession();
   }
@@ -420,13 +426,15 @@ var AuthService = class extends BaseService {
                 const hasTimeoutError = this.sessionRestorationState.restorationError?.name === "SessionRestorationTimeoutError";
                 if (this.sessionRestorationState.isRestoring || this.sessionRestorationState.restorationError || hasTimeoutError && session) {
                   this.finishSessionRestoration();
-                  return;
+                }
+              } else {
+                if (this.sessionRestorationState.isRestoring) {
+                  this.finishSessionRestoration();
                 }
               }
-              if (this.sessionRestorationState.isRestoring) {
-                this.finishSessionRestoration();
-                return;
-              }
+              this.authLoading = false;
+              this.notify();
+              return;
             }
             this.authLoading = false;
             this.notify();
@@ -487,7 +495,12 @@ var AuthService = class extends BaseService {
         this.user = null;
         this.authError = null;
       }
-      this.finishSessionRestoration();
+      setTimeout(() => {
+        if (this.sessionRestorationState.isRestoring && !this.sessionRestorationState.restorationComplete) {
+          logger.debug("AuthService", "INITIAL_SESSION event did not fire, finishing restoration");
+          this.finishSessionRestoration();
+        }
+      }, 100);
     } catch (error) {
       const restorationError = error instanceof Error ? error : new Error("Unknown error during auth initialization");
       logger.error("AuthService", "Error during auth initialization:", restorationError);
@@ -653,6 +666,17 @@ var OrganisationService = class extends BaseService {
   }
   // Additional methods for testing
   setSelectedOrganisation(organisation) {
+    if (organisation && this._organisations.length > 0) {
+      const isValidOrg = this._organisations.some((org) => org.id === organisation.id);
+      if (!isValidOrg) {
+        logger.warn("OrganisationService", "Attempted to set invalid organisation - not in user's accessible organisations", {
+          organisationId: organisation.id,
+          organisationName: organisation.name,
+          accessibleOrgIds: this._organisations.map((o) => o.id)
+        });
+        return;
+      }
+    }
     this._selectedOrganisation = organisation;
     if (organisation) {
       localStorage.setItem("pace-core-selected-organisation", JSON.stringify(organisation));
@@ -844,118 +868,80 @@ var OrganisationService = class extends BaseService {
     this._error = null;
     this.notify();
     try {
-      let memberships, membershipError;
+      let memberships, membershipError, organisations = [];
       try {
-        const timeoutPromise = new Promise((_, reject) => {
-          const timeoutId = setTimeout(() => reject(new Error("RPC call timeout after 10 seconds")), 1e4);
-          abortSignal.addEventListener("abort", () => {
-            clearTimeout(timeoutId);
-            reject(new Error("Request aborted"));
-          });
-        });
-        const rpcPromise = this.supabaseClient.rpc("data_user_organisation_roles_get", {
-          p_user_id: this.user.id,
-          p_organisation_id: null
-        });
         if (abortSignal.aborted) {
           throw new Error("Request aborted");
         }
-        const result = await Promise.race([rpcPromise, timeoutPromise]);
-        memberships = result.data?.filter(
-          (role) => ["org_admin", "leader", "member", "supporter"].includes(role.role)
-        ).map((m) => ({
+        const { data: rolesData, error: rolesError } = await this.supabaseClient.from("rbac_organisation_roles").select(`
+            id,
+            user_id,
+            organisation_id,
+            role,
+            status,
+            granted_at,
+            granted_by,
+            revoked_at,
+            revoked_by,
+            notes,
+            created_at,
+            updated_at,
+            core_organisations!inner(
+              id,
+              name,
+              display_name,
+              subscription_tier,
+              settings,
+              is_active,
+              parent_id,
+              created_at,
+              updated_at
+            )
+          `).eq("user_id", this.user.id).eq("status", "active").is("revoked_at", null);
+        if (rolesError) {
+          logger.error("OrganisationService", "Error loading organisation roles:", rolesError);
+          throw rolesError;
+        }
+        memberships = rolesData?.map((m) => ({
           ...m,
           user_id: assertUserId(m.user_id),
           organisation_id: assertOrganisationId(m.organisation_id)
         })) || [];
-        membershipError = result.error;
-      } catch (queryError) {
-        membershipError = queryError instanceof Error ? queryError : new Error(String(queryError));
-      }
-      if (membershipError) {
-        logger.error("OrganisationService", "Error loading memberships:", membershipError);
-        if (membershipError.message?.includes("timeout")) {
-          try {
-            if (abortSignal.aborted) {
-              throw new Error("Request aborted");
-            }
-            const { data: fallbackData, error: fallbackError } = await this.supabaseClient.from("rbac_organisation_roles").select(`
-                id,
-                user_id,
-                organisation_id,
-                role,
-                status,
-                granted_at,
-                granted_by,
-                revoked_at,
-                revoked_by,
-                notes,
-                created_at,
-                updated_at,
-                organisations!inner(
-                  id,
-                  name,
-                  display_name,
-                  subscription_tier,
-                  settings,
-                  is_active,
-                  parent_id,
-                  created_at,
-                  updated_at
-                )
-              `).eq("user_id", this.user.id).eq("status", "active").is("revoked_at", null).in("role", ["org_admin", "leader", "member", "supporter"]);
-            if (fallbackError) {
-              logger.error("OrganisationService", "Fallback query also failed:", fallbackError);
-              throw membershipError;
-            }
-            memberships = fallbackData?.map((m) => ({
-              ...m,
-              user_id: assertUserId(m.user_id),
-              organisation_id: assertOrganisationId(m.organisation_id)
-            })) || [];
-            membershipError = null;
-          } catch (fallbackErr) {
-            logger.error("OrganisationService", "Fallback query failed:", fallbackErr);
-            throw membershipError;
+        const organisationsMap = /* @__PURE__ */ new Map();
+        rolesData?.forEach((role) => {
+          const orgData = role.core_organisations;
+          if (orgData && role.organisation_id && !organisationsMap.has(role.organisation_id)) {
+            organisationsMap.set(role.organisation_id, {
+              id: orgData.id,
+              name: orgData.name,
+              display_name: orgData.display_name,
+              subscription_tier: orgData.subscription_tier,
+              settings: orgData.settings,
+              is_active: orgData.is_active,
+              parent_id: orgData.parent_id,
+              created_at: orgData.created_at,
+              updated_at: orgData.updated_at
+            });
           }
+        });
+        organisations = Array.from(organisationsMap.values());
+      } catch (queryError) {
+        if (queryError instanceof Error) {
+          membershipError = queryError;
+        } else if (queryError && typeof queryError === "object" && "message" in queryError) {
+          membershipError = new Error(String(queryError.message));
         } else {
-          throw membershipError;
+          membershipError = new Error(String(queryError));
         }
+        logger.error("OrganisationService", "Error loading organisation roles:", membershipError);
+        throw membershipError;
       }
       if (!memberships || memberships.length === 0) {
         throw new Error("User has no active organisation memberships");
       }
-      const organisationIds = memberships.map((m) => m.organisation_id).filter((id) => {
-        if (!id || typeof id !== "string") {
-          logger.warn("OrganisationService", "Invalid organisation ID (not string):", id);
-          return false;
-        }
-        const trimmedId = id.trim();
-        if (trimmedId === "") {
-          logger.warn("OrganisationService", "Empty organisation ID found");
-          return false;
-        }
-        const isValidUuid = /^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$/i.test(trimmedId);
-        if (!isValidUuid) {
-          logger.warn("OrganisationService", "Invalid UUID format:", trimmedId);
-        }
-        return isValidUuid;
-      });
-      if (organisationIds.length === 0) {
-        logger.warn("OrganisationService", "No valid organisation IDs found in memberships:", memberships);
-        throw new Error("No valid organisation IDs found in memberships");
-      }
-      if (abortSignal.aborted) {
-        throw new Error("Request aborted");
-      }
-      const { data: allOrganisations, error: orgError } = await this.supabaseClient.from("organisations").select("id, name, display_name, subscription_tier, settings, is_active, parent_id, created_at, updated_at");
-      if (orgError) {
-        logger.error("OrganisationService", "Error loading organisations:", orgError);
-        throw orgError;
+      if (!organisations || organisations.length === 0) {
+        throw new Error("No organisations found in role data");
       }
-      const organisations = allOrganisations?.filter(
-        (org) => organisationIds.includes(org.id)
-      ) || [];
       const roleMap = /* @__PURE__ */ new Map();
       memberships?.forEach((membership) => {
         roleMap.set(membership.organisation_id, membership.role);
@@ -980,16 +966,13 @@ var OrganisationService = class extends BaseService {
               initialOrg = validPersistedOrg;
               selectionMethod = "persisted";
             } else {
-              logger.warn("OrganisationService", "Persisted organisation not found in active orgs, clearing cache");
               localStorage.removeItem("pace-core-selected-organisation");
             }
           } else {
-            logger.warn("OrganisationService", "Invalid persisted organisation ID, clearing cache");
             localStorage.removeItem("pace-core-selected-organisation");
           }
         }
       } catch (storageError) {
-        logger.warn("OrganisationService", "Failed to restore persisted organisation:", storageError);
         localStorage.removeItem("pace-core-selected-organisation");
       }
       if (!initialOrg) {
@@ -1009,17 +992,29 @@ var OrganisationService = class extends BaseService {
       if (!initialOrg) {
         throw new Error("No valid organisation found for user");
       }
+      const currentSelectedOrg = this._selectedOrganisation;
+      if (currentSelectedOrg && !activeOrgs.some((org) => org.id === currentSelectedOrg.id)) {
+        logger.warn("OrganisationService", "Current selected organisation is no longer valid, resetting", {
+          invalidOrgId: currentSelectedOrg.id,
+          validOrgIds: activeOrgs.map((o) => o.id)
+        });
+        this._selectedOrganisation = null;
+      }
       this._selectedOrganisation = initialOrg;
       localStorage.setItem("pace-core-selected-organisation", JSON.stringify(initialOrg));
       await this.setDatabaseOrganisationContext(initialOrg);
       this.retryCount = 0;
       this.hasFailedRef = false;
     } catch (err) {
-      logger.error("OrganisationService", "Failed to load organisations:", err);
-      this._error = err;
+      const error = err;
+      if (error.message !== "User has no access to active organisations") {
+        logger.error("OrganisationService", "Failed to load organisations:", err);
+      }
+      this._error = error;
       this.retryCount = this.retryCount + 1;
       this.hasFailedRef = true;
       this.clearAllCachedData();
+      this._isContextReady = true;
     } finally {
       this.isLoadingRef = false;
       this._isLoading = false;
@@ -1058,7 +1053,12 @@ function OrganisationServiceProvider({
     let isMounted = true;
     organisationService.initialize().catch((error) => {
       if (isMounted) {
-        logger.error("OrganisationServiceProvider", "Failed to initialize organisation service:", error);
+        const errorMessage = error instanceof Error ? error.message : String(error);
+        if (errorMessage === "User has no access to active organisations") {
+          logger.warn("OrganisationServiceProvider", "User has no active organisations (this is expected for users without organisation access):", error);
+        } else {
+          logger.error("OrganisationServiceProvider", "Failed to initialize organisation service:", error);
+        }
       }
     });
     return () => {
@@ -1095,6 +1095,10 @@ var EventService = class extends BaseService {
     this.appName = "";
     this.selectedOrganisation = null;
     this.setSelectedEventId = null;
+    this.isSuperAdmin = false;
+    // Track super admin status for conditional validation
+    this.appConfig = null;
+    // Cache app config to avoid repeated lookups
     // Internal state management
     this.isInitializedRef = false;
     this.isFetchingRef = false;
@@ -1120,6 +1124,7 @@ var EventService = class extends BaseService {
     const newOrgId = selectedOrganisation?.id;
     const previousUserId = this.user?.id || null;
     const newUserId = user?.id || null;
+    const previousAppName = this.appName;
     if (previousUserId !== newUserId) {
       if (previousUserId !== null) {
         await this.clearEventSelectionForUser(previousUserId);
@@ -1128,6 +1133,9 @@ var EventService = class extends BaseService {
         this.selectedEvent = null;
         this.setSelectedEventId?.(null);
       }
+      this.resetInitialization();
+      this.isInitializedRef = false;
+      this.isFetchingRef = false;
     }
     this.supabaseClient = supabaseClient;
     this.user = user;
@@ -1135,6 +1143,23 @@ var EventService = class extends BaseService {
     this.appName = appName;
     this.selectedOrganisation = selectedOrganisation;
     this.setSelectedEventId = setSelectedEventId;
+    if (previousAppName !== appName) {
+      this.appConfig = null;
+    }
+    if (user?.id) {
+      try {
+        this.isSuperAdmin = await isSuperAdmin(user.id);
+        logger.debug("EventService", "Updated super admin status", {
+          userId: user.id,
+          isSuperAdmin: this.isSuperAdmin
+        });
+      } catch (error) {
+        logger.warn("EventService", "Failed to check super admin status", { error });
+        this.isSuperAdmin = false;
+      }
+    } else {
+      this.isSuperAdmin = false;
+    }
     if (previousOrgId !== newOrgId) {
       this.resetInitialization();
       this.isInitializedRef = false;
@@ -1165,18 +1190,6 @@ var EventService = class extends BaseService {
   // Event methods
   setSelectedEvent(event) {
     if (event) {
-      try {
-        if (this.selectedOrganisation && event.organisation_id !== this.selectedOrganisation.id) {
-          logger.error("EventService", "Event organisation_id does not match selected organisation", {
-            eventOrganisationId: event.organisation_id,
-            selectedOrganisationId: this.selectedOrganisation.id,
-            eventName: event.event_name
-          });
-          return;
-        }
-      } catch (error) {
-        logger.error("EventService", "Error during event validation:", error);
-      }
       this.selectedEvent = event;
       this.setSelectedEventId?.(event.event_id);
       this.persistEventSelection(event.event_id).catch((error) => {
@@ -1273,16 +1286,31 @@ var EventService = class extends BaseService {
   }
   // Lifecycle methods
   async initialize() {
+    logger.debug("EventService", "initialize() called", {
+      isInitializedRef: this.isInitializedRef,
+      hasUser: !!this.user,
+      hasSession: !!this.session,
+      appName: this.appName
+    });
     await super.initialize();
   }
   cleanup() {
     super.cleanup();
   }
   async doInitialize() {
+    logger.debug("EventService", "doInitialize() called", {
+      isInitializedRef: this.isInitializedRef,
+      isFetchingRef: this.isFetchingRef,
+      hasUser: !!this.user,
+      hasSession: !!this.session,
+      appName: this.appName
+    });
     if (this.isInitializedRef) {
+      logger.debug("EventService", "Skipping initialization - already initialized");
       return;
     }
     if (this.isFetchingRef) {
+      logger.debug("EventService", "Skipping initialization - already fetching");
       return;
     }
     try {
@@ -1292,31 +1320,107 @@ var EventService = class extends BaseService {
     } catch (error) {
       logger.warn("EventService", "Failed to clean up old storage keys:", error);
     }
-    if (!this.user || !this.selectedOrganisation) {
+    if (!this.user) {
+      logger.debug("EventService", "Skipping initialization - missing user");
       return;
     }
+    logger.debug("EventService", "Initializing - fetching events", {
+      userId: this.user.id,
+      organisationId: this.selectedOrganisation?.id || "derived-from-event",
+      appName: this.appName
+    });
     await this.fetchEvents(false);
+    this.isInitializedRef = true;
   }
   doCleanup() {
   }
   async fetchEvents(skipLoadPersisted = false) {
-    if (!this.user || !this.session || !this.supabaseClient || !this.appName || !this.selectedOrganisation) {
+    if (!this.user || !this.session || !this.supabaseClient || !this.appName) {
+      logger.debug("EventService", "Skipping fetchEvents - missing dependencies", {
+        hasUser: !!this.user,
+        hasSession: !!this.session,
+        hasSupabaseClient: !!this.supabaseClient,
+        appName: this.appName
+      });
       this.notify();
       return;
     }
     this._isLoading = true;
     this.notify();
     if (this.isFetchingRef) {
+      logger.debug("EventService", "Skipping fetchEvents - already fetching");
       return;
     }
     this.isFetchingRef = true;
     let isMounted = true;
     try {
-      const { data, error: rpcError } = await this.supabaseClient.rpc("data_user_events_get", {
+      if (!this.appConfig && this.appName) {
+        try {
+          this.appConfig = await getAppConfigByName(this.appName);
+        } catch (configError) {
+          logger.warn("EventService", "Failed to load app config, defaulting to event-required", {
+            error: configError
+          });
+          this.appConfig = { requires_event: true };
+        }
+      }
+      let organisationIdForRpc = null;
+      let userIsSuperAdmin = false;
+      try {
+        userIsSuperAdmin = await isSuperAdmin(this.user.id);
+        if (userIsSuperAdmin) {
+          organisationIdForRpc = null;
+          logger.debug("EventService", "Super admin detected - fetching all events", {
+            userId: this.user.id
+          });
+        } else {
+          if (this.selectedEvent) {
+            organisationIdForRpc = this.selectedEvent.organisation_id;
+          } else if (this.appConfig?.requires_event === true) {
+            organisationIdForRpc = null;
+            logger.debug("EventService", "Event-required app: fetching all accessible events (no event selected yet)", {
+              userId: this.user.id,
+              appName: this.appName
+            });
+          } else if (this.selectedOrganisation) {
+            organisationIdForRpc = this.selectedOrganisation.id;
+          } else {
+            logger.warn("EventService", "No organisation context available for event fetch", {
+              hasSelectedEvent: !!this.selectedEvent,
+              hasSelectedOrganisation: !!this.selectedOrganisation,
+              appRequiresEvent: this.appConfig?.requires_event
+            });
+            organisationIdForRpc = null;
+          }
+        }
+      } catch (superAdminCheckError) {
+        logger.warn("EventService", "Failed to check super admin status, using organisation-scoped query", {
+          error: superAdminCheckError
+        });
+        if (this.selectedEvent) {
+          organisationIdForRpc = this.selectedEvent.organisation_id;
+        } else if (this.appConfig?.requires_event === true) {
+          organisationIdForRpc = null;
+        } else if (this.selectedOrganisation) {
+          organisationIdForRpc = this.selectedOrganisation.id;
+        }
+      }
+      logger.debug("EventService", "Fetching events via RPC", {
+        userId: this.user.id,
+        organisationId: organisationIdForRpc,
+        appName: this.appName
+      });
+      let { data, error: rpcError } = await this.supabaseClient.rpc("data_user_events_get", {
         p_user_id: this.user.id,
-        p_organisation_id: this.selectedOrganisation.id,
+        p_organisation_id: organisationIdForRpc,
         p_app_name: this.appName
       });
+      logger.debug("EventService", "RPC response received", {
+        hasData: !!data,
+        dataLength: Array.isArray(data) ? data.length : "not array",
+        hasError: !!rpcError,
+        error: rpcError
+      });
       if (rpcError) {
         logger.error("EventService", "RPC error fetching events:", rpcError);
         throw new Error(rpcError.message || "Failed to fetch events");
@@ -1428,24 +1532,41 @@ function EventServiceProvider({
   setSelectedEventId
 }) {
   const eventServiceRef = useRef2(null);
+  const initializingRef = useRef2(false);
   if (!eventServiceRef.current) {
     eventServiceRef.current = new EventService(supabaseClient, user, session, appName, selectedOrganisation, setSelectedEventId);
   }
   const eventService = eventServiceRef.current;
   useEffect3(() => {
     let isMounted = true;
+    if (initializingRef.current) {
+      return;
+    }
     const updateAndInitialize = async () => {
-      await eventService.updateDependencies(supabaseClient, user, session, appName, selectedOrganisation, setSelectedEventId);
-      if (!isMounted) return;
-      await eventService.initialize().catch((error) => {
-        if (isMounted) {
-          logger.error("EventServiceProvider", "Failed to initialize event service:", error);
-        }
-      });
+      initializingRef.current = true;
+      try {
+        logger.debug("EventServiceProvider", "Updating dependencies and initializing", {
+          hasUser: !!user,
+          hasSession: !!session,
+          appName,
+          hasSelectedOrganisation: !!selectedOrganisation,
+          organisationId: selectedOrganisation?.id
+        });
+        await eventService.updateDependencies(supabaseClient, user, session, appName, selectedOrganisation, setSelectedEventId);
+        if (!isMounted) return;
+        await eventService.initialize().catch((error) => {
+          if (isMounted) {
+            logger.error("EventServiceProvider", "Failed to initialize event service:", error);
+          }
+        });
+      } finally {
+        initializingRef.current = false;
+      }
     };
     updateAndInitialize();
     return () => {
       isMounted = false;
+      initializingRef.current = false;
     };
   }, [supabaseClient, user, session, appName, selectedOrganisation, setSelectedEventId]);
   useEffect3(() => {
@@ -1750,8 +1871,10 @@ function InactivityServiceProvider({
   supabaseClient,
   user,
   session,
-  idleTimeoutMs = 30 * 60 * 1e3,
-  warnBeforeMs = 60 * 1e3,
+  idleTimeoutMs,
+  // REQUIRED: No default - must be explicitly provided
+  warnBeforeMs,
+  // REQUIRED: No default - must be explicitly provided
   onIdleLogout
 }) {
   const inactivityServiceRef = useRef3(null);
@@ -1810,6 +1933,29 @@ function useOrganisationService() {
   return context.organisationService;
 }
+// src/hooks/useOrganisations.ts
+function useOrganisations() {
+  const organisationService = useOrganisationService();
+  const selectedOrg = organisationService.getSelectedOrganisation();
+  return {
+    selectedOrganisation: selectedOrg,
+    organisations: organisationService.getOrganisations(),
+    userMemberships: organisationService.getUserMemberships(),
+    isLoading: organisationService.isLoading(),
+    error: organisationService.getError(),
+    hasValidOrganisationContext: organisationService.hasValidOrganisationContext(),
+    isContextReady: organisationService.isContextReady(),
+    setSelectedOrganisation: (org) => organisationService.setSelectedOrganisation(org),
+    switchOrganisation: (orgId) => organisationService.switchOrganisation(orgId),
+    getUserRole: (orgId) => organisationService.getUserRole(orgId),
+    validateOrganisationAccess: (orgId) => organisationService.validateOrganisationAccess(orgId),
+    refreshOrganisations: () => organisationService.refreshOrganisations(),
+    ensureOrganisationContext: () => organisationService.ensureOrganisationContext(),
+    isOrganisationSecure: () => organisationService.isOrganisationSecure(),
+    getPrimaryOrganisation: () => organisationService.getPrimaryOrganisation()
+  };
+}
 // src/hooks/services/useEventService.ts
 import { useContext as useContext3, useReducer as useReducer3, useEffect as useEffect7 } from "react";
 function useEventService() {
@@ -1893,6 +2039,7 @@ function UnifiedAuthContextProvider({
   appName,
   appConfig = { requires_event: true },
   // Default to requiring events
+  supabaseClient: supabaseClientProp,
   ...props
 }) {
   const authService = useAuthService();
@@ -1932,15 +2079,31 @@ function UnifiedAuthContextProvider({
   const currentUser = authService.getUser();
   const currentSession = authService.getSession();
   const isAuth = !!(currentUser && currentSession);
-  const supabase = authService.getSupabaseClient();
+  const supabase = useMemo6(() => supabaseClientProp, [supabaseClientProp]);
   const [appId, setAppId] = useState3(void 0);
   const isResolvingAppIdRef = useRef4(false);
+  const resolvedAppIdRef = useRef4(void 0);
+  const resolvedUserIdRef = useRef4(void 0);
   useEffect10(() => {
-    if (isAuth && currentUser?.id && supabase && appName && !appId && !isResolvingAppIdRef.current) {
+    if (!isAuth) {
+      resolvedAppIdRef.current = void 0;
+      resolvedUserIdRef.current = void 0;
+      setAppId(void 0);
+      return;
+    }
+    if (currentUser?.id && resolvedUserIdRef.current && resolvedUserIdRef.current !== currentUser.id) {
+      resolvedAppIdRef.current = void 0;
+      resolvedUserIdRef.current = void 0;
+      setAppId(void 0);
+    }
+    const currentUserId = currentUser?.id;
+    if (isAuth && currentUserId && supabase && appName && resolvedUserIdRef.current !== currentUserId && // Haven't resolved for this user yet
+    !isResolvingAppIdRef.current) {
       isResolvingAppIdRef.current = true;
-      const userId = currentUser.id;
+      resolvedUserIdRef.current = currentUserId;
+      const userId = currentUserId;
       const appNameValue = appName;
-      import("./api-YP7XD5L6.js").then(async ({ resolveAppContext, setupRBAC }) => {
+      import("./api-IHKALJZD.js").then(async ({ resolveAppContext, setupRBAC }) => {
         try {
           setupRBAC(supabase);
           const result = await resolveAppContext({
@@ -1948,11 +2111,14 @@ function UnifiedAuthContextProvider({
             appName: appNameValue
           });
           if (result?.appId) {
+            resolvedAppIdRef.current = result.appId;
             setAppId(result.appId);
             logger.debug("UnifiedAuthProvider", "appId resolved on login", {
               appId: result.appId,
               appName: appNameValue
             });
+          } else {
+            resolvedUserIdRef.current = void 0;
           }
         } catch (error) {
           logger.error("UnifiedAuthProvider", "Failed to resolve appId on login", {
@@ -1960,41 +2126,64 @@ function UnifiedAuthContextProvider({
             appName: appNameValue,
             userId
           });
+          resolvedUserIdRef.current = void 0;
         } finally {
           isResolvingAppIdRef.current = false;
         }
       }).catch((importError) => {
         logger.error("UnifiedAuthProvider", "Failed to import RBAC API", importError);
         isResolvingAppIdRef.current = false;
+        resolvedUserIdRef.current = void 0;
       });
     }
-    if (!isAuth) {
-      setAppId(void 0);
-    }
-  }, [isAuth, currentUser?.id, supabase, appName, appId]);
+  }, [isAuth, currentUser?.id, supabase, appName]);
   const [, forceUpdate] = useReducer5((x) => x + 1, 0);
+  const forceUpdateTimeoutRef = useRef4(null);
+  const debouncedForceUpdate = useCallback(() => {
+    if (forceUpdateTimeoutRef.current) {
+      clearTimeout(forceUpdateTimeoutRef.current);
+    }
+    forceUpdateTimeoutRef.current = setTimeout(() => {
+      forceUpdate();
+      forceUpdateTimeoutRef.current = null;
+    }, 0);
+  }, [forceUpdate]);
+  const authServiceRef = useRef4(authService);
+  const organisationServiceRef = useRef4(organisationService);
+  const eventServiceRef = useRef4(eventService);
+  const inactivityServiceRef = useRef4(inactivityService);
   useEffect10(() => {
-    const unsubscribeAuth = authService.subscribe(() => forceUpdate());
-    const unsubscribeOrg = organisationService.subscribe(() => forceUpdate());
-    const unsubscribeEvent = eventService.subscribe(() => forceUpdate());
-    const unsubscribeInactivity = inactivityService.subscribe(() => forceUpdate());
+    authServiceRef.current = authService;
+    organisationServiceRef.current = organisationService;
+    eventServiceRef.current = eventService;
+    inactivityServiceRef.current = inactivityService;
+  }, [authService, organisationService, eventService, inactivityService]);
+  useEffect10(() => {
+    const unsubscribeAuth = authServiceRef.current.subscribe(debouncedForceUpdate);
+    const unsubscribeOrg = organisationServiceRef.current.subscribe(debouncedForceUpdate);
+    const unsubscribeEvent = eventServiceRef.current.subscribe(debouncedForceUpdate);
+    const unsubscribeInactivity = inactivityServiceRef.current.subscribe(debouncedForceUpdate);
     return () => {
       unsubscribeAuth();
       unsubscribeOrg();
       unsubscribeEvent();
       unsubscribeInactivity();
+      if (forceUpdateTimeoutRef.current) {
+        clearTimeout(forceUpdateTimeoutRef.current);
+      }
     };
-  }, [authService, organisationService, eventService, inactivityService]);
+  }, [debouncedForceUpdate]);
   const authLoading = authService.isLoading();
   const orgLoading = organisationService.isLoading();
   const eventLoading = eventService.isLoading();
   const restorationLoading = sessionRestoration.isRestoring && !sessionRestorationTimedOut && !sessionRestoration.restorationError;
   const totalLoading = restorationLoading || authLoading || orgLoading || eventLoading;
   const authError = authService.getError();
-  const selectedOrganisation = organisationService.getSelectedOrganisation();
+  const rawSelectedOrganisation = organisationService.getSelectedOrganisation();
   const organisations = organisationService.getOrganisations();
   const userMemberships = organisationService.getUserMemberships();
   const organisationError = organisationService.getError();
+  const selectedOrganisation = appConfig?.requires_event ? null : rawSelectedOrganisation;
   const hasValidOrganisationContext = organisationService.hasValidOrganisationContext();
   const isContextReady = organisationService.isContextReady();
   const events = eventService.getEvents();
@@ -2170,10 +2359,13 @@ function EventServiceProviderWrapper({
   supabaseClient,
   user,
   session,
-  appName
+  appName,
+  appConfig
 }) {
-  const organisationService = useOrganisationService();
-  const selectedOrganisation = organisationService.getSelectedOrganisation();
+  const { selectedOrganisation: rawSelectedOrganisation } = useOrganisations();
+  const selectedOrganisation = appConfig?.requires_event ? null : rawSelectedOrganisation;
+  const setSelectedEventId = useCallback(() => {
+  }, []);
   return /* @__PURE__ */ jsx5(
     EventServiceProvider,
     {
@@ -2182,8 +2374,7 @@ function EventServiceProviderWrapper({
       session,
       appName,
       selectedOrganisation,
-      setSelectedEventId: () => {
-      },
+      setSelectedEventId,
       children
     }
   );
@@ -2216,6 +2407,7 @@ function ServiceAwareProviders({
           user: authService.getUser(),
           session: authService.getSession(),
           appName,
+          appConfig,
           children: /* @__PURE__ */ jsx5(
             InactivityServiceProvider,
             {
@@ -2258,11 +2450,12 @@ function UnifiedAuthProvider({
   persistState = true,
   enablePersistence,
   requireOrganisationContext = true,
-  idleTimeoutMs = 30 * 60 * 1e3,
-  // 30 minutes
-  warnBeforeMs = 60 * 1e3,
-  // 60 seconds
+  idleTimeoutMs,
+  // REQUIRED: No default - must be explicitly provided
+  warnBeforeMs,
+  // REQUIRED: No default - must be explicitly provided
   onIdleLogout,
+  // REQUIRED: No default - must be explicitly provided
   renderInactivityWarning,
   dangerouslyDisableInactivity = false
 }) {
@@ -2307,6 +2500,7 @@ export {
   InactivityServiceProvider,
   useAuthService,
   useOrganisationService,
+  useOrganisations,
   useEventService,
   useInactivityService,
   useSessionRestoration,
@@ -2314,4 +2508,4 @@ export {
   useUnifiedAuth,
   UnifiedAuthProvider
 };
-//# sourceMappingURL=chunk-VGZZXKBR.js.map
+//# sourceMappingURL=chunk-6LTQQAT6.js.map