npm - @jmruthers/pace-core - Versions diffs - 0.5.189 → 0.5.191 - Mend

@jmruthers/pace-core 0.5.189 → 0.5.191

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (438) hide show

package/core-usage-manifest.json +0 -4
package/dist/{AuthService-B-cd2MA4.d.ts → AuthService-CbP_utw2.d.ts} +7 -3
package/dist/{DataTable-IVYljGJ6.d.ts → DataTable-Be6dH_dR.d.ts} +1 -1
package/dist/{DataTable-GUFUNZ3N.js → DataTable-WKRZD47S.js} +8 -8
package/dist/{PublicPageProvider-B8HaLe69.d.ts → PublicPageProvider-ULXC_u6U.d.ts} +84 -25
package/dist/{UnifiedAuthProvider-BG0AL5eE.d.ts → UnifiedAuthProvider-BYA9qB-o.d.ts} +4 -3
package/dist/{UnifiedAuthProvider-643PUAIM.js → UnifiedAuthProvider-FTSG5XH7.js} +4 -2
package/dist/{api-YP7XD5L6.js → api-IHKALJZD.js} +4 -2
package/dist/{chunk-VGZZXKBR.js → chunk-6LTQQAT6.js} +351 -157
package/dist/chunk-6LTQQAT6.js.map +1 -0
package/dist/{chunk-MX64ZF6I.js → chunk-6TQDD426.js} +15 -15
package/dist/chunk-6TQDD426.js.map +1 -0
package/dist/{chunk-YHCN776L.js → chunk-G37KK66H.js} +2 -75
package/dist/chunk-G37KK66H.js.map +1 -0
package/dist/{chunk-THRPYOFK.js → chunk-HW3OVDUF.js} +5 -5
package/dist/chunk-HW3OVDUF.js.map +1 -0
package/dist/{chunk-F2IMUDXZ.js → chunk-I7PSE6JW.js} +75 -2
package/dist/chunk-I7PSE6JW.js.map +1 -0
package/dist/{chunk-IM4QE42D.js → chunk-LOMZXPSN.js} +141 -326
package/dist/chunk-LOMZXPSN.js.map +1 -0
package/dist/chunk-OETXORNB.js +614 -0
package/dist/chunk-OETXORNB.js.map +1 -0
package/dist/{chunk-HESYZWZW.js → chunk-QWWZ5CAQ.js} +2 -2
package/dist/{chunk-HEHYGYOX.js → chunk-ROXMHMY2.js} +403 -46
package/dist/chunk-ROXMHMY2.js.map +1 -0
package/dist/{chunk-2UUZZJFT.js → chunk-ULHIJK66.js} +228 -177
package/dist/{chunk-2UUZZJFT.js.map → chunk-ULHIJK66.js.map} +1 -1
package/dist/{chunk-YGPFYGA6.js → chunk-VKB2CO4Z.js} +838 -503
package/dist/chunk-VKB2CO4Z.js.map +1 -0
package/dist/{chunk-3GOZZZYH.js → chunk-VRGWKHDB.js} +238 -301
package/dist/chunk-VRGWKHDB.js.map +1 -0
package/dist/{chunk-UCQSRW7Z.js → chunk-XNYQOL3Z.js} +431 -384
package/dist/chunk-XNYQOL3Z.js.map +1 -0
package/dist/{chunk-DDM4CCYT.js → chunk-XYXSXPUK.js} +79 -59
package/dist/chunk-XYXSXPUK.js.map +1 -0
package/dist/{chunk-SAUPYVLF.js → chunk-ZSAAAMVR.js} +1 -1
package/dist/chunk-ZSAAAMVR.js.map +1 -0
package/dist/components.d.ts +5 -6
package/dist/components.js +19 -19
package/dist/components.js.map +1 -1
package/dist/{database.generated-DI89OQeI.d.ts → database.generated-CzIvgcPu.d.ts} +165 -201
package/dist/eslint-rules/pace-core-compliance.cjs +0 -2
package/dist/{file-reference-D037xOFK.d.ts → file-reference-BavO2eQj.d.ts} +13 -10
package/dist/hooks.d.ts +20 -15
package/dist/hooks.js +14 -8
package/dist/hooks.js.map +1 -1
package/dist/index.d.ts +17 -15
package/dist/index.js +86 -81
package/dist/index.js.map +1 -1
package/dist/providers.d.ts +3 -3
package/dist/providers.js +3 -1
package/dist/rbac/index.d.ts +77 -13
package/dist/rbac/index.js +12 -9
package/dist/{types-Bwgl--Xo.d.ts → types-CEpcvwwF.d.ts} +1 -1
package/dist/types.d.ts +3 -3
package/dist/types.js +1 -1
package/dist/{usePublicRouteParams-CTDELQ7H.d.ts → usePublicRouteParams-TZe0gy-4.d.ts} +17 -10
package/dist/utils.d.ts +8 -8
package/dist/utils.js +16 -16
package/docs/README.md +2 -2
package/docs/api/classes/ColumnFactory.md +1 -1
package/docs/api/classes/ErrorBoundary.md +1 -1
package/docs/api/classes/InvalidScopeError.md +2 -2
package/docs/api/classes/Logger.md +1 -1
package/docs/api/classes/MissingUserContextError.md +2 -2
package/docs/api/classes/OrganisationContextRequiredError.md +1 -1
package/docs/api/classes/PermissionDeniedError.md +1 -1
package/docs/api/classes/RBACAuditManager.md +2 -2
package/docs/api/classes/RBACCache.md +1 -1
package/docs/api/classes/RBACEngine.md +5 -5
package/docs/api/classes/RBACError.md +1 -1
package/docs/api/classes/RBACNotInitializedError.md +2 -2
package/docs/api/classes/SecureSupabaseClient.md +25 -20
package/docs/api/classes/StorageUtils.md +7 -4
package/docs/api/enums/FileCategory.md +1 -1
package/docs/api/enums/LogLevel.md +1 -1
package/docs/api/enums/RBACErrorCode.md +1 -1
package/docs/api/enums/RPCFunction.md +1 -1
package/docs/api/interfaces/AddressFieldProps.md +1 -1
package/docs/api/interfaces/AddressFieldRef.md +1 -1
package/docs/api/interfaces/AggregateConfig.md +1 -1
package/docs/api/interfaces/AutocompleteOptions.md +1 -1
package/docs/api/interfaces/AvatarProps.md +1 -1
package/docs/api/interfaces/BadgeProps.md +1 -1
package/docs/api/interfaces/ButtonProps.md +1 -1
package/docs/api/interfaces/CalendarProps.md +20 -6
package/docs/api/interfaces/CardProps.md +1 -1
package/docs/api/interfaces/ColorPalette.md +1 -1
package/docs/api/interfaces/ColorShade.md +1 -1
package/docs/api/interfaces/ComplianceResult.md +1 -1
package/docs/api/interfaces/DataAccessRecord.md +9 -9
package/docs/api/interfaces/DataRecord.md +1 -1
package/docs/api/interfaces/DataTableAction.md +1 -1
package/docs/api/interfaces/DataTableColumn.md +1 -1
package/docs/api/interfaces/DataTableProps.md +1 -1
package/docs/api/interfaces/DataTableToolbarButton.md +1 -1
package/docs/api/interfaces/DatabaseComplianceResult.md +1 -1
package/docs/api/interfaces/DatabaseIssue.md +1 -1
package/docs/api/interfaces/EmptyStateConfig.md +1 -1
package/docs/api/interfaces/EnhancedNavigationMenuProps.md +1 -1
package/docs/api/interfaces/EventAppRoleData.md +1 -1
package/docs/api/interfaces/ExportColumn.md +1 -1
package/docs/api/interfaces/ExportOptions.md +1 -1
package/docs/api/interfaces/FileDisplayProps.md +62 -16
package/docs/api/interfaces/FileMetadata.md +1 -1
package/docs/api/interfaces/FileReference.md +2 -2
package/docs/api/interfaces/FileSizeLimits.md +1 -1
package/docs/api/interfaces/FileUploadOptions.md +26 -12
package/docs/api/interfaces/FileUploadProps.md +30 -19
package/docs/api/interfaces/FooterProps.md +1 -1
package/docs/api/interfaces/FormFieldProps.md +1 -1
package/docs/api/interfaces/FormProps.md +1 -1
package/docs/api/interfaces/GrantEventAppRoleParams.md +1 -1
package/docs/api/interfaces/InactivityWarningModalProps.md +1 -1
package/docs/api/interfaces/InputProps.md +1 -1
package/docs/api/interfaces/LabelProps.md +1 -1
package/docs/api/interfaces/LoggerConfig.md +1 -1
package/docs/api/interfaces/LoginFormProps.md +1 -1
package/docs/api/interfaces/NavigationAccessRecord.md +10 -10
package/docs/api/interfaces/NavigationContextType.md +9 -9
package/docs/api/interfaces/NavigationGuardProps.md +1 -1
package/docs/api/interfaces/NavigationItem.md +1 -1
package/docs/api/interfaces/NavigationMenuProps.md +1 -1
package/docs/api/interfaces/NavigationProviderProps.md +7 -7
package/docs/api/interfaces/Organisation.md +1 -1
package/docs/api/interfaces/OrganisationContextType.md +1 -1
package/docs/api/interfaces/OrganisationMembership.md +1 -1
package/docs/api/interfaces/OrganisationProviderProps.md +1 -1
package/docs/api/interfaces/OrganisationSecurityError.md +1 -1
package/docs/api/interfaces/PaceAppLayoutProps.md +1 -1
package/docs/api/interfaces/PaceLoginPageProps.md +1 -1
package/docs/api/interfaces/PageAccessRecord.md +8 -8
package/docs/api/interfaces/PagePermissionContextType.md +8 -8
package/docs/api/interfaces/PagePermissionGuardProps.md +1 -1
package/docs/api/interfaces/PagePermissionProviderProps.md +7 -7
package/docs/api/interfaces/PaletteData.md +1 -1
package/docs/api/interfaces/ParsedAddress.md +2 -2
package/docs/api/interfaces/PermissionEnforcerProps.md +1 -1
package/docs/api/interfaces/ProgressProps.md +3 -11
package/docs/api/interfaces/ProtectedRouteProps.md +1 -1
package/docs/api/interfaces/PublicPageFooterProps.md +1 -1
package/docs/api/interfaces/PublicPageHeaderProps.md +1 -1
package/docs/api/interfaces/PublicPageLayoutProps.md +1 -1
package/docs/api/interfaces/QuickFix.md +1 -1
package/docs/api/interfaces/RBACAccessValidateParams.md +1 -1
package/docs/api/interfaces/RBACAccessValidateResult.md +1 -1
package/docs/api/interfaces/RBACAuditLogParams.md +1 -1
package/docs/api/interfaces/RBACAuditLogResult.md +1 -1
package/docs/api/interfaces/RBACConfig.md +2 -2
package/docs/api/interfaces/RBACContext.md +1 -1
package/docs/api/interfaces/RBACLogger.md +1 -1
package/docs/api/interfaces/RBACPageAccessCheckParams.md +1 -1
package/docs/api/interfaces/RBACPerformanceMetrics.md +1 -1
package/docs/api/interfaces/RBACPermissionCheckParams.md +1 -1
package/docs/api/interfaces/RBACPermissionCheckResult.md +1 -1
package/docs/api/interfaces/RBACPermissionsGetParams.md +1 -1
package/docs/api/interfaces/RBACPermissionsGetResult.md +1 -1
package/docs/api/interfaces/RBACResult.md +1 -1
package/docs/api/interfaces/RBACRoleGrantParams.md +1 -1
package/docs/api/interfaces/RBACRoleGrantResult.md +1 -1
package/docs/api/interfaces/RBACRoleRevokeParams.md +1 -1
package/docs/api/interfaces/RBACRoleRevokeResult.md +1 -1
package/docs/api/interfaces/RBACRoleValidateParams.md +1 -1
package/docs/api/interfaces/RBACRoleValidateResult.md +1 -1
package/docs/api/interfaces/RBACRolesListParams.md +1 -1
package/docs/api/interfaces/RBACRolesListResult.md +1 -1
package/docs/api/interfaces/RBACSessionTrackParams.md +1 -1
package/docs/api/interfaces/RBACSessionTrackResult.md +1 -1
package/docs/api/interfaces/ResourcePermissions.md +1 -1
package/docs/api/interfaces/RevokeEventAppRoleParams.md +1 -1
package/docs/api/interfaces/RoleBasedRouterContextType.md +8 -8
package/docs/api/interfaces/RoleBasedRouterProps.md +10 -10
package/docs/api/interfaces/RoleManagementResult.md +1 -1
package/docs/api/interfaces/RouteAccessRecord.md +10 -10
package/docs/api/interfaces/RouteConfig.md +10 -10
package/docs/api/interfaces/RuntimeComplianceResult.md +1 -1
package/docs/api/interfaces/SecureDataContextType.md +9 -9
package/docs/api/interfaces/SecureDataProviderProps.md +8 -8
package/docs/api/interfaces/SessionRestorationLoaderProps.md +1 -1
package/docs/api/interfaces/SetupIssue.md +1 -1
package/docs/api/interfaces/StorageConfig.md +4 -4
package/docs/api/interfaces/StorageFileInfo.md +7 -7
package/docs/api/interfaces/StorageFileMetadata.md +25 -14
package/docs/api/interfaces/StorageListOptions.md +22 -9
package/docs/api/interfaces/StorageListResult.md +4 -4
package/docs/api/interfaces/StorageUploadOptions.md +21 -8
package/docs/api/interfaces/StorageUploadResult.md +6 -6
package/docs/api/interfaces/StorageUrlOptions.md +19 -6
package/docs/api/interfaces/StyleImport.md +1 -1
package/docs/api/interfaces/SwitchProps.md +1 -1
package/docs/api/interfaces/TabsContentProps.md +1 -1
package/docs/api/interfaces/TabsListProps.md +1 -1
package/docs/api/interfaces/TabsProps.md +1 -1
package/docs/api/interfaces/TabsTriggerProps.md +1 -1
package/docs/api/interfaces/TextareaProps.md +1 -1
package/docs/api/interfaces/ToastActionElement.md +1 -1
package/docs/api/interfaces/ToastProps.md +1 -1
package/docs/api/interfaces/UnifiedAuthContextType.md +53 -53
package/docs/api/interfaces/UnifiedAuthProviderProps.md +13 -13
package/docs/api/interfaces/UseFormDialogOptions.md +1 -1
package/docs/api/interfaces/UseFormDialogReturn.md +1 -1
package/docs/api/interfaces/UseInactivityTrackerOptions.md +1 -1
package/docs/api/interfaces/UseInactivityTrackerReturn.md +1 -1
package/docs/api/interfaces/UsePublicEventLogoOptions.md +2 -2
package/docs/api/interfaces/UsePublicEventLogoReturn.md +1 -1
package/docs/api/interfaces/UsePublicEventOptions.md +1 -1
package/docs/api/interfaces/UsePublicEventReturn.md +1 -1
package/docs/api/interfaces/UsePublicFileDisplayOptions.md +2 -2
package/docs/api/interfaces/UsePublicFileDisplayReturn.md +1 -1
package/docs/api/interfaces/UsePublicRouteParamsReturn.md +1 -1
package/docs/api/interfaces/UseResolvedScopeOptions.md +5 -5
package/docs/api/interfaces/UseResolvedScopeReturn.md +4 -4
package/docs/api/interfaces/UseResourcePermissionsOptions.md +1 -1
package/docs/api/interfaces/UserEventAccess.md +11 -11
package/docs/api/interfaces/UserMenuProps.md +1 -1
package/docs/api/interfaces/UserProfile.md +1 -1
package/docs/api/modules.md +165 -106
package/docs/api-reference/components.md +15 -7
package/docs/api-reference/providers.md +2 -2
package/docs/api-reference/rpc-functions.md +1 -0
package/docs/best-practices/README.md +1 -1
package/docs/best-practices/deployment.md +8 -8
package/docs/getting-started/examples/README.md +2 -2
package/docs/getting-started/installation-guide.md +4 -4
package/docs/getting-started/quick-start.md +3 -3
package/docs/migration/MIGRATION_GUIDE.md +3 -3
package/docs/migration/README.md +18 -0
package/docs/migration/database-changes-december-2025.md +767 -0
package/docs/migration/person-scoped-profiles-migration-guide.md +472 -0
package/docs/rbac/compliance/compliance-guide.md +2 -2
package/docs/rbac/event-based-apps.md +2 -2
package/docs/rbac/getting-started.md +2 -2
package/docs/rbac/quick-start.md +2 -2
package/docs/security/README.md +4 -4
package/docs/standards/07-rbac-and-rls-standard.md +430 -7
package/docs/troubleshooting/README.md +2 -2
package/docs/troubleshooting/migration.md +3 -3
package/package.json +1 -3
package/scripts/check-pace-core-compliance.cjs +1 -1
package/scripts/check-pace-core-compliance.js +1 -1
package/src/__tests__/fixtures/supabase.ts +301 -0
package/src/__tests__/public-recipe-view.test.ts +19 -19
package/src/__tests__/rls-policies.test.ts +210 -74
package/src/components/AddressField/AddressField.test.tsx +42 -0
package/src/components/AddressField/AddressField.tsx +71 -60
package/src/components/AddressField/README.md +7 -6
package/src/components/Alert/Alert.test.tsx +50 -10
package/src/components/Alert/Alert.tsx +5 -3
package/src/components/Avatar/Avatar.test.tsx +95 -43
package/src/components/Avatar/Avatar.tsx +16 -16
package/src/components/Button/Button.test.tsx +2 -1
package/src/components/Button/Button.tsx +3 -3
package/src/components/Calendar/Calendar.test.tsx +53 -37
package/src/components/Calendar/Calendar.tsx +409 -82
package/src/components/Card/Card.test.tsx +7 -4
package/src/components/Card/Card.tsx +3 -6
package/src/components/Checkbox/Checkbox.tsx +2 -2
package/src/components/DataTable/components/ActionButtons.tsx +5 -5
package/src/components/DataTable/components/BulkOperationsDropdown.tsx +2 -2
package/src/components/DataTable/components/ColumnFilter.tsx +1 -1
package/src/components/DataTable/components/ColumnVisibilityDropdown.tsx +3 -3
package/src/components/DataTable/components/DataTableBody.tsx +12 -12
package/src/components/DataTable/components/DataTableCore.tsx +3 -3
package/src/components/DataTable/components/DataTableToolbar.tsx +5 -5
package/src/components/DataTable/components/DraggableColumnHeader.tsx +3 -3
package/src/components/DataTable/components/EditableRow.tsx +2 -2
package/src/components/DataTable/components/EmptyState.tsx +3 -3
package/src/components/DataTable/components/GroupHeader.tsx +2 -2
package/src/components/DataTable/components/GroupingDropdown.tsx +1 -1
package/src/components/DataTable/components/ImportModal.tsx +4 -4
package/src/components/DataTable/components/LoadingState.tsx +1 -1
package/src/components/DataTable/components/PaginationControls.tsx +11 -11
package/src/components/DataTable/components/UnifiedTableBody.tsx +9 -9
package/src/components/DataTable/components/ViewRowModal.tsx +2 -2
package/src/components/DataTable/components/__tests__/AccessDeniedPage.test.tsx +11 -37
package/src/components/DataTable/components/__tests__/DataTableToolbar.test.tsx +157 -0
package/src/components/DataTable/components/__tests__/LoadingState.test.tsx +2 -1
package/src/components/DataTable/components/__tests__/VirtualizedDataTable.test.tsx +128 -0
package/src/components/DataTable/core/__tests__/ActionManager.test.ts +19 -0
package/src/components/DataTable/core/__tests__/ColumnFactory.test.ts +51 -0
package/src/components/DataTable/core/__tests__/ColumnManager.test.ts +84 -0
package/src/components/DataTable/core/__tests__/DataManager.test.ts +14 -0
package/src/components/DataTable/core/__tests__/DataTableContext.test.tsx +136 -0
package/src/components/DataTable/core/__tests__/LocalDataAdapter.test.ts +16 -0
package/src/components/DataTable/core/__tests__/PluginRegistry.test.ts +18 -0
package/src/components/DataTable/hooks/useDataTablePermissions.ts +28 -7
package/src/components/DataTable/utils/__tests__/hierarchicalUtils.test.ts +30 -1
package/src/components/DataTable/utils/hierarchicalUtils.ts +38 -10
package/src/components/DatePickerWithTimezone/DatePickerWithTimezone.test.tsx +8 -3
package/src/components/DatePickerWithTimezone/DatePickerWithTimezone.tsx +4 -4
package/src/components/Dialog/Dialog.tsx +2 -2
package/src/components/EventSelector/EventSelector.tsx +7 -7
package/src/components/FileDisplay/FileDisplay.tsx +291 -179
package/src/components/FileUpload/FileUpload.tsx +7 -4
package/src/components/Header/Header.test.tsx +28 -0
package/src/components/Header/Header.tsx +22 -9
package/src/components/InactivityWarningModal/InactivityWarningModal.tsx +2 -2
package/src/components/LoadingSpinner/LoadingSpinner.test.tsx +19 -14
package/src/components/LoadingSpinner/LoadingSpinner.tsx +5 -5
package/src/components/NavigationMenu/NavigationMenu.test.tsx +127 -1
package/src/components/OrganisationSelector/OrganisationSelector.tsx +42 -22
package/src/components/PaceAppLayout/PaceAppLayout.integration.test.tsx +4 -0
package/src/components/PaceAppLayout/PaceAppLayout.performance.test.tsx +3 -0
package/src/components/PaceAppLayout/PaceAppLayout.security.test.tsx +3 -0
package/src/components/PaceAppLayout/PaceAppLayout.test.tsx +16 -6
package/src/components/PaceAppLayout/PaceAppLayout.tsx +37 -3
package/src/components/PaceAppLayout/test-setup.tsx +1 -0
package/src/components/PaceLoginPage/PaceLoginPage.test.tsx +66 -45
package/src/components/PaceLoginPage/PaceLoginPage.tsx +6 -4
package/src/components/Progress/Progress.test.tsx +18 -19
package/src/components/Progress/Progress.tsx +31 -32
package/src/components/PublicLayout/PublicLayout.test.tsx +6 -6
package/src/components/PublicLayout/PublicPageProvider.tsx +5 -3
package/src/components/Select/Select.test.tsx +4 -1
package/src/components/Select/Select.tsx +65 -20
package/src/components/Switch/Switch.test.tsx +2 -1
package/src/components/Switch/Switch.tsx +1 -1
package/src/components/Toast/Toast.tsx +1 -1
package/src/components/Tooltip/Tooltip.test.tsx +8 -2
package/src/components/UserMenu/UserMenu.tsx +3 -3
package/src/eslint-rules/pace-core-compliance.cjs +0 -2
package/src/eslint-rules/pace-core-compliance.js +0 -2
package/src/hooks/__tests__/hooks.integration.test.tsx +4 -1
package/src/hooks/__tests__/useAppConfig.unit.test.ts +76 -5
package/src/hooks/__tests__/useDataTableState.test.ts +76 -0
package/src/hooks/__tests__/useFileUrl.unit.test.ts +25 -69
package/src/hooks/__tests__/useFileUrlCache.test.ts +129 -0
package/src/hooks/__tests__/usePreventTabReload.test.ts +88 -0
package/src/hooks/__tests__/usePublicEvent.simple.test.ts +1 -1
package/src/hooks/__tests__/usePublicEvent.test.ts +608 -0
package/src/hooks/__tests__/useQueryCache.test.ts +144 -0
package/src/hooks/__tests__/useSecureDataAccess.unit.test.tsx +67 -24
package/src/hooks/index.ts +1 -1
package/src/hooks/public/usePublicEvent.ts +10 -10
package/src/hooks/public/usePublicFileDisplay.ts +173 -87
package/src/hooks/useAppConfig.ts +24 -5
package/src/hooks/useFileDisplay.ts +298 -36
package/src/hooks/useFileReference.ts +56 -11
package/src/hooks/useFileUrl.ts +1 -1
package/src/hooks/useInactivityTracker.ts +16 -7
package/src/hooks/usePermissionCache.test.ts +85 -8
package/src/hooks/useQueryCache.ts +27 -6
package/src/hooks/useSecureDataAccess.test.ts +87 -42
package/src/hooks/useSecureDataAccess.ts +95 -48
package/src/providers/__tests__/OrganisationProvider.test.tsx +27 -21
package/src/providers/services/EventServiceProvider.tsx +37 -17
package/src/providers/services/InactivityServiceProvider.tsx +4 -4
package/src/providers/services/OrganisationServiceProvider.tsx +8 -1
package/src/providers/services/UnifiedAuthProvider.tsx +115 -29
package/src/rbac/__tests__/auth-rbac.e2e.test.tsx +451 -0
package/src/rbac/__tests__/engine.comprehensive.test.ts +12 -0
package/src/rbac/__tests__/rbac-engine-core-logic.test.ts +8 -0
package/src/rbac/__tests__/rbac-engine-simplified.test.ts +4 -0
package/src/rbac/api.ts +240 -36
package/src/rbac/cache-invalidation.ts +21 -7
package/src/rbac/compliance/quick-fix-suggestions.ts +1 -1
package/src/rbac/components/NavigationGuard.tsx +23 -63
package/src/rbac/components/NavigationProvider.test.tsx +52 -23
package/src/rbac/components/NavigationProvider.tsx +13 -11
package/src/rbac/components/PagePermissionGuard.tsx +77 -203
package/src/rbac/components/PagePermissionProvider.tsx +13 -11
package/src/rbac/components/PermissionEnforcer.tsx +24 -62
package/src/rbac/components/RoleBasedRouter.tsx +14 -12
package/src/rbac/components/SecureDataProvider.tsx +13 -11
package/src/rbac/components/__tests__/NavigationGuard.test.tsx +104 -41
package/src/rbac/components/__tests__/NavigationProvider.test.tsx +49 -12
package/src/rbac/components/__tests__/PagePermissionGuard.race-condition.test.tsx +22 -1
package/src/rbac/components/__tests__/PagePermissionGuard.test.tsx +161 -82
package/src/rbac/components/__tests__/PagePermissionGuard.verification.test.tsx +22 -1
package/src/rbac/components/__tests__/PermissionEnforcer.test.tsx +77 -30
package/src/rbac/components/__tests__/RoleBasedRouter.test.tsx +39 -5
package/src/rbac/components/__tests__/SecureDataProvider.test.tsx +47 -4
package/src/rbac/engine.ts +4 -2
package/src/rbac/hooks/__tests__/useSecureSupabase.test.ts +144 -52
package/src/rbac/hooks/index.ts +3 -0
package/src/rbac/hooks/useCan.test.ts +101 -53
package/src/rbac/hooks/usePermissions.ts +108 -41
package/src/rbac/hooks/useRBAC.test.ts +11 -3
package/src/rbac/hooks/useRBAC.ts +83 -40
package/src/rbac/hooks/useResolvedScope.test.ts +189 -63
package/src/rbac/hooks/useResolvedScope.ts +128 -70
package/src/rbac/hooks/useSecureSupabase.ts +36 -19
package/src/rbac/hooks/useSuperAdminBypass.ts +126 -0
package/src/rbac/request-deduplication.ts +1 -1
package/src/rbac/secureClient.ts +72 -12
package/src/rbac/security.ts +29 -23
package/src/rbac/types.ts +10 -0
package/src/rbac/utils/__tests__/contextValidator.test.ts +150 -0
package/src/rbac/utils/__tests__/deep-equal.test.ts +53 -0
package/src/rbac/utils/__tests__/eventContext.test.ts +8 -3
package/src/rbac/utils/__tests__/eventContext.unit.test.ts +74 -12
package/src/rbac/utils/contextValidator.ts +288 -0
package/src/rbac/utils/eventContext.ts +52 -3
package/src/services/AuthService.ts +37 -8
package/src/services/EventService.ts +165 -21
package/src/services/OrganisationService.ts +125 -137
package/src/services/__tests__/EventService.test.ts +26 -21
package/src/services/__tests__/OrganisationService.pagination.test.ts +34 -8
package/src/services/__tests__/OrganisationService.test.ts +218 -86
package/src/types/database.generated.ts +166 -201
package/src/types/file-reference.ts +13 -10
package/src/types/supabase.ts +2 -2
package/src/utils/__tests__/secureDataAccess.unit.test.ts +3 -2
package/src/utils/app/appNameResolver.test.ts +346 -73
package/src/utils/context/superAdminOverride.ts +58 -0
package/src/utils/file-reference/index.ts +65 -37
package/src/utils/google-places/googlePlacesUtils.test.ts +98 -0
package/src/utils/google-places/googlePlacesUtils.ts +1 -1
package/src/utils/google-places/loadGoogleMapsScript.test.ts +83 -0
package/src/utils/google-places/types.ts +1 -1
package/src/utils/request-deduplication.ts +4 -4
package/src/utils/security/secureDataAccess.test.ts +1 -1
package/src/utils/security/secureDataAccess.ts +7 -4
package/src/utils/storage/README.md +1 -1
package/src/utils/storage/helpers.test.ts +1 -1
package/src/utils/storage/helpers.ts +38 -19
package/src/utils/storage/types.ts +15 -8
package/src/utils/validation/__tests__/csrf.test.ts +105 -0
package/src/utils/validation/__tests__/sqlInjectionProtection.test.ts +92 -0
package/src/vite-env.d.ts +2 -2
package/dist/chunk-3GOZZZYH.js.map +0 -1
package/dist/chunk-DDM4CCYT.js.map +0 -1
package/dist/chunk-E7UAOUMY.js +0 -75
package/dist/chunk-E7UAOUMY.js.map +0 -1
package/dist/chunk-F2IMUDXZ.js.map +0 -1
package/dist/chunk-HEHYGYOX.js.map +0 -1
package/dist/chunk-IM4QE42D.js.map +0 -1
package/dist/chunk-MX64ZF6I.js.map +0 -1
package/dist/chunk-SAUPYVLF.js.map +0 -1
package/dist/chunk-THRPYOFK.js.map +0 -1
package/dist/chunk-UCQSRW7Z.js.map +0 -1
package/dist/chunk-VGZZXKBR.js.map +0 -1
package/dist/chunk-YGPFYGA6.js.map +0 -1
package/dist/chunk-YHCN776L.js.map +0 -1
/package/dist/{DataTable-GUFUNZ3N.js.map → DataTable-WKRZD47S.js.map} +0 -0
/package/dist/{UnifiedAuthProvider-643PUAIM.js.map → UnifiedAuthProvider-FTSG5XH7.js.map} +0 -0
/package/dist/{api-YP7XD5L6.js.map → api-IHKALJZD.js.map} +0 -0
/package/dist/{chunk-HESYZWZW.js.map → chunk-QWWZ5CAQ.js.map} +0 -0

package/src/hooks/__tests__/useQueryCache.test.ts ADDED Viewed

@@ -0,0 +1,144 @@
+import { renderHook, act } from '@testing-library/react';
+import { describe, it, expect, vi, beforeEach, afterEach } from 'vitest';
+import { SupabaseClient } from '@supabase/supabase-js';
+import { useQueryCache, queryCacheHelpers } from '../useQueryCache';
+vi.mock('../../utils/core/logger', () => ({
+  createLogger: () => ({
+    debug: vi.fn(),
+    error: vi.fn(),
+  }),
+}));
+describe('useQueryCache', () => {
+  beforeEach(() => {
+    vi.useFakeTimers();
+    vi.setSystemTime(0);
+  });
+  afterEach(() => {
+    vi.useRealTimers();
+    vi.clearAllMocks();
+  });
+  const supabase = {} as SupabaseClient<any>;
+  it('caches query results and returns cached data', async () => {
+    const fetchFn = vi.fn().mockResolvedValue({ id: 1 });
+    const { result } = renderHook(() => useQueryCache(supabase));
+    const first = await result.current.getCachedQuery('table', 'id', '1', fetchFn, { ttl: 5 });
+    const second = await result.current.getCachedQuery('table', 'id', '1', fetchFn, { ttl: 5 });
+    expect(first).toEqual({ id: 1 });
+    expect(second).toEqual(first);
+    expect(fetchFn).toHaveBeenCalledTimes(1);
+    act(() => {
+      result.current.clearCache();
+    });
+  });
+  it('invalidates cache entries explicitly', async () => {
+    const fetchFn = vi.fn().mockResolvedValue({ id: 2 });
+    const { result } = renderHook(() => useQueryCache());
+    await result.current.getCachedQuery('table', 'id', '2', fetchFn);
+    act(() => {
+      result.current.invalidateQuery('table', 'id', '2');
+    });
+    await result.current.getCachedQuery('table', 'id', '2', fetchFn);
+    expect(fetchFn).toHaveBeenCalledTimes(2);
+    act(() => {
+      result.current.clearCache();
+    });
+  });
+  it('expires cache entries after ttl', async () => {
+    const fetchFn = vi.fn().mockResolvedValue('value');
+    const { result } = renderHook(() => useQueryCache());
+    await result.current.getCachedQuery('table', 'key', 'val', fetchFn, { ttl: 1 });
+    vi.setSystemTime(2000); // advance past ttl
+    await result.current.getCachedQuery('table', 'key', 'val', fetchFn, { ttl: 1 });
+    expect(fetchFn).toHaveBeenCalledTimes(2);
+    act(() => {
+      result.current.clearCache();
+    });
+  });
+  it('deduplicates in-flight requests', async () => {
+    let resolveFn: (value: string) => void;
+    const fetchPromise = new Promise<string>(resolve => {
+      resolveFn = resolve;
+    });
+    const fetchFn = vi.fn(() => fetchPromise);
+    const { result } = renderHook(() => useQueryCache());
+    const firstPromise = result.current.getCachedQuery('table', 'id', '3', fetchFn);
+    const secondPromise = result.current.getCachedQuery('table', 'id', '3', fetchFn);
+    expect(fetchFn).toHaveBeenCalledTimes(1);
+    resolveFn!('done');
+    await expect(firstPromise).resolves.toBe('done');
+    await expect(secondPromise).resolves.toBe('done');
+    act(() => {
+      result.current.clearCache();
+    });
+  });
+  it('bypasses cache when disabled', async () => {
+    const fetchFn = vi.fn().mockResolvedValue('fresh');
+    const { result } = renderHook(() => useQueryCache());
+    await result.current.getCachedQuery('table', 'id', '4', fetchFn, { enabled: false });
+    await result.current.getCachedQuery('table', 'id', '4', fetchFn, { enabled: false });
+    expect(fetchFn).toHaveBeenCalledTimes(2);
+  });
+});
+describe('queryCacheHelpers', () => {
+  beforeEach(() => {
+    vi.useFakeTimers();
+    vi.setSystemTime(0);
+  });
+  afterEach(() => {
+    vi.useRealTimers();
+    vi.clearAllMocks();
+  });
+  it('caches helper queries and reuses promises for in-flight requests', async () => {
+    let resolveFn: (value: string) => void;
+    const promise = new Promise<string>(resolve => {
+      resolveFn = resolve;
+    });
+    const fetchFn = vi.fn(() => promise);
+    const supabase = {} as SupabaseClient<any>;
+    const firstPromise = queryCacheHelpers.pacePersonByUserId(supabase, 'user', fetchFn);
+    const secondPromise = queryCacheHelpers.pacePersonByUserId(supabase, 'user', fetchFn);
+    expect(fetchFn).toHaveBeenCalledTimes(1);
+    resolveFn!('person');
+    await expect(firstPromise).resolves.toBe('person');
+    await expect(secondPromise).resolves.toBe('person');
+    // Subsequent call should return cached data immediately
+    const cached = await queryCacheHelpers.pacePersonByUserId(supabase, 'user', fetchFn);
+    expect(cached).toBe('person');
+    expect(fetchFn).toHaveBeenCalledTimes(1);
+  });
+});

package/src/hooks/__tests__/useSecureDataAccess.unit.test.tsx CHANGED Viewed

@@ -4,6 +4,8 @@ import { useSecureDataAccess } from '../useSecureDataAccess';
 import { useUnifiedAuth } from '../../providers';
 import { useOrganisations } from '../../hooks/useOrganisations';
 import { testDataGenerators } from '../../__tests__/helpers/test-utils';
+import { useResolvedScope } from '../../rbac/hooks/useResolvedScope';
+import { useSuperAdminBypass } from '../../rbac/hooks/useSuperAdminBypass';
 // Mock dependencies
 vi.mock('../../providers', () => ({
@@ -22,10 +24,20 @@ vi.mock('../../utils/context/organisationContext', () => ({
   setOrganisationContext: vi.fn().mockResolvedValue(undefined),
 }));
+vi.mock('../../rbac/hooks/useResolvedScope', () => ({
+  useResolvedScope: vi.fn(),
+}));
+vi.mock('../../rbac/hooks/useSuperAdminBypass', () => ({
+  useSuperAdminBypass: vi.fn(),
+}));
 const mockUseUnifiedAuth = {
   user: null,
   session: null,
-  supabase: null
+  supabase: null,
+  selectedOrganisation: null,
+  selectedEvent: null,
 };
 const mockUseOrganisations = vi.fn(() => ({
@@ -54,7 +66,8 @@ const createAuthenticatedContext = (supabase = { auth: {} }, org = { id: 'org-12
     ...mockUseUnifiedAuth,
     user: mockUser,
     session: mockSession,
-    supabase
+    supabase,
+    selectedOrganisation: org,
   } as any);
   // Create a fresh mock with ensureOrganisationContext that returns the org
@@ -76,6 +89,17 @@ const createAuthenticatedContext = (supabase = { auth: {} }, org = { id: 'org-12
   };
   vi.mocked(useOrganisations).mockReturnValue(mockOrgs as any);
+  // Mock resolved scope with organisationId
+  vi.mocked(useResolvedScope).mockReturnValue({
+    resolvedScope: {
+      organisationId: org.id,
+      eventId: undefined,
+      appId: undefined,
+    },
+    isLoading: false,
+    error: null,
+  });
 };
 describe('useSecureDataAccess', () => {
@@ -84,6 +108,16 @@ describe('useSecureDataAccess', () => {
     vi.mocked(useUnifiedAuth).mockReturnValue(mockUseUnifiedAuth as any);
     // Set up useOrganisations to return the default mock (which throws for org context)
     vi.mocked(useOrganisations).mockReturnValue(mockUseOrganisations() as any);
+    // Default mock for useResolvedScope - returns null scope (no context)
+    vi.mocked(useResolvedScope).mockReturnValue({
+      resolvedScope: null,
+      isLoading: false,
+      error: null,
+    });
+    // Default mock for useSuperAdminBypass - not super admin
+    vi.mocked(useSuperAdminBypass).mockReturnValue({
+      isSuperAdmin: false,
+    });
   });
   describe('validateContext', () => {
@@ -129,21 +163,23 @@ describe('useSecureDataAccess', () => {
         user: mockUser,
         session: mockSession,
         supabase: mockSupabase,
+        selectedOrganisation: { id: 'org-123' },
       } as any);
-      const mockOrg = { id: 'org-123' };
-      const ensureOrgContextMock = vi.fn(() => mockOrg);
-      const mockOrgs = {
-        ...mockUseOrganisations(),
-        ensureOrganisationContext: ensureOrgContextMock,
-      };
-      vi.mocked(useOrganisations).mockReturnValue(mockOrgs as any);
+      // Mock useResolvedScope to return resolved scope with organisationId
+      vi.mocked(useResolvedScope).mockReturnValue({
+        resolvedScope: {
+          organisationId: 'org-123',
+          eventId: undefined,
+          appId: undefined,
+        },
+        isLoading: false,
+        error: null,
+      });
       const { result } = renderHook(() => useSecureDataAccess());
       expect(() => result.current.validateContext()).not.toThrow();
-      expect(ensureOrgContextMock).toHaveBeenCalled();
     });
   });
@@ -158,13 +194,19 @@ describe('useSecureDataAccess', () => {
         user: mockUser,
         session: mockSession,
         supabase: mockSupabase,
+        selectedOrganisation: { id: 'org-123' },
       } as any);
-      const mockOrgs = {
-        ...mockUseOrganisations(),
-        ensureOrganisationContext: vi.fn().mockReturnValue({ id: 'org-123' }),
-      };
-      vi.mocked(useOrganisations).mockReturnValue(mockOrgs as any);
+      // Mock resolved scope with organisationId
+      vi.mocked(useResolvedScope).mockReturnValue({
+        resolvedScope: {
+          organisationId: 'org-123',
+          eventId: undefined,
+          appId: undefined,
+        },
+        isLoading: false,
+        error: null,
+      });
       const { result } = renderHook(() => useSecureDataAccess());
@@ -358,7 +400,7 @@ describe('useSecureDataAccess', () => {
       const { result } = renderHook(() => useSecureDataAccess());
-      const data = await result.current.secureUpdate('event', { name: 'Updated' }, { id: 1 });
+      const data = await result.current.secureUpdate('core_events', { name: 'Updated' }, { id: 1 });
       expect(data).toEqual([{ id: 1, name: 'Updated', organisation_id: 'org-123' }]);
     });
@@ -379,7 +421,7 @@ describe('useSecureDataAccess', () => {
       const { result } = renderHook(() => useSecureDataAccess());
-      await expect(result.current.secureUpdate('event', { name: 'Updated' }, { id: 1 })).rejects.toThrow('Update failed');
+      await expect(result.current.secureUpdate('core_events', { name: 'Updated' }, { id: 1 })).rejects.toThrow('Update failed');
     });
     it('should return empty array when no data updated', async () => {
@@ -398,7 +440,7 @@ describe('useSecureDataAccess', () => {
       const { result } = renderHook(() => useSecureDataAccess());
-      const data = await result.current.secureUpdate('event', { name: 'Updated' }, { id: 1 });
+      const data = await result.current.secureUpdate('core_events', { name: 'Updated' }, { id: 1 });
       expect(data).toEqual([]);
     });
@@ -419,9 +461,9 @@ describe('useSecureDataAccess', () => {
       const { result } = renderHook(() => useSecureDataAccess());
-      await result.current.secureDelete('event', { id: 1 });
+      await result.current.secureDelete('core_events', { id: 1 });
-      expect(mockSupabase.from).toHaveBeenCalledWith('event');
+      expect(mockSupabase.from).toHaveBeenCalledWith('core_events');
     });
     it('should handle delete errors', async () => {
@@ -438,7 +480,8 @@ describe('useSecureDataAccess', () => {
       const { result } = renderHook(() => useSecureDataAccess());
-      await expect(result.current.secureDelete('event', { id: 1 })).rejects.toThrow('Delete failed');
+      // The implementation throws the error, so the promise should reject
+      await expect(result.current.secureDelete('core_events', { id: 1 })).rejects.toThrow('Delete failed');
     });
   });
@@ -563,12 +606,12 @@ describe('useSecureDataAccess', () => {
       const { result } = renderHook(() => useSecureDataAccess());
       // Verify the actual behavior: secure update works correctly
-      const updateResult = await result.current.secureUpdate('event', { name: 'Updated' }, { id: 1 });
+      const updateResult = await result.current.secureUpdate('core_events', { name: 'Updated' }, { id: 1 });
       // Test the actual functionality: update executes and returns results
       expect(updateResult).toEqual([{ id: 1, name: 'Updated' }]);
       // Verify security: organisation filter is applied
-      expect(mockSupabase.from).toHaveBeenCalledWith('event');
+      expect(mockSupabase.from).toHaveBeenCalledWith('core_events');
       // Verify the operation completed successfully (organisation filter is applied internally)
       consoleSpy.mockRestore();

package/src/hooks/index.ts CHANGED Viewed

@@ -50,7 +50,7 @@ export { useComponentPerformance } from './useComponentPerformance';
 export { useAppConfig } from './useAppConfig';
 export type { UseAppConfigReturn } from './useAppConfig';
 export { usePerformanceMonitor } from './usePerformanceMonitor';
-export { useQueryCache, queryCacheHelpers } from './useQueryCache';
+export { useQueryCache, queryCacheHelpers, cleanupQueryCache } from './useQueryCache';
 export type { UseQueryCacheReturn, UseQueryCacheOptions } from './useQueryCache';
 // DataTable performance hook

package/src/hooks/public/usePublicEvent.ts CHANGED Viewed

@@ -120,7 +120,7 @@ export function usePublicEvent(
     // Fallback to direct environment variable access if not in PublicPageProvider
     environment = {
       supabaseUrl: (import.meta as any).env?.VITE_SUPABASE_URL || (import.meta as any).env?.NEXT_PUBLIC_SUPABASE_URL || null,
-      supabaseKey: (import.meta as any).env?.VITE_SUPABASE_ANON_KEY || (import.meta as any).env?.NEXT_PUBLIC_SUPABASE_ANON_KEY || null
+      supabaseKey: (import.meta as any).env?.VITE_SUPABASE_PUBLISHABLE_KEY || (import.meta as any).env?.NEXT_PUBLIC_SUPABASE_PUBLISHABLE_KEY || null
     };
   }
@@ -129,7 +129,7 @@ export function usePublicEvent(
     if (typeof window === 'undefined') return null;
     if (!environment.supabaseUrl || !environment.supabaseKey) {
-      logger.warn('usePublicEvent', 'Missing Supabase environment variables. Please ensure VITE_SUPABASE_URL and VITE_SUPABASE_ANON_KEY are set in your environment. Use publishable key if anon key is disabled.');
+      logger.warn('usePublicEvent', 'Missing Supabase environment variables. Please ensure VITE_SUPABASE_URL and VITE_SUPABASE_PUBLISHABLE_KEY are set in your environment.');
       return null;
     }
@@ -210,7 +210,7 @@ export function usePublicEvent(
               // Fallback: Direct table access with public RLS policy
             const tableResponse2 = await (supabase as any)
-              .from('event')
+              .from('core_events')
               .select(`
                 event_id,
                 event_name,
@@ -247,11 +247,11 @@ export function usePublicEvent(
               return;
             }
-            // Get event logo from file_references
+            // Get event logo from core_file_references
             const logoResponse = await (supabase as any)
-              .from('file_references')
+              .from('core_file_references')
               .select('file_path')
-              .eq('table_name', 'event')
+              .eq('table_name', 'core_events')
               .eq('record_id', tableData.event_id)
               .eq('is_public', true)
               .eq('file_metadata->>category', 'event_logos')
@@ -286,7 +286,7 @@ export function usePublicEvent(
         logger.warn('usePublicEvent', 'RPC call failed, falling back to direct table access:', rpcError);
         const tableResponse = await (supabase as any)
-          .from('event')
+          .from('core_events')
           .select(`
             event_id,
             event_name,
@@ -323,11 +323,11 @@ export function usePublicEvent(
           return;
         }
-        // Get event logo from file_references
+        // Get event logo from core_file_references
         const logoResponse = await (supabase as any)
-          .from('file_references')
+          .from('core_file_references')
           .select('file_path')
-          .eq('table_name', 'event')
+          .eq('table_name', 'core_events')
           .eq('record_id', tableData.event_id)
           .eq('is_public', true)
           .eq('file_metadata->>category', 'event_logos')