npm - @jmruthers/pace-core - Versions diffs - 0.5.189 → 0.5.191 - Mend

@jmruthers/pace-core 0.5.189 → 0.5.191

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (438) hide show

package/core-usage-manifest.json +0 -4
package/dist/{AuthService-B-cd2MA4.d.ts → AuthService-CbP_utw2.d.ts} +7 -3
package/dist/{DataTable-IVYljGJ6.d.ts → DataTable-Be6dH_dR.d.ts} +1 -1
package/dist/{DataTable-GUFUNZ3N.js → DataTable-WKRZD47S.js} +8 -8
package/dist/{PublicPageProvider-B8HaLe69.d.ts → PublicPageProvider-ULXC_u6U.d.ts} +84 -25
package/dist/{UnifiedAuthProvider-BG0AL5eE.d.ts → UnifiedAuthProvider-BYA9qB-o.d.ts} +4 -3
package/dist/{UnifiedAuthProvider-643PUAIM.js → UnifiedAuthProvider-FTSG5XH7.js} +4 -2
package/dist/{api-YP7XD5L6.js → api-IHKALJZD.js} +4 -2
package/dist/{chunk-VGZZXKBR.js → chunk-6LTQQAT6.js} +351 -157
package/dist/chunk-6LTQQAT6.js.map +1 -0
package/dist/{chunk-MX64ZF6I.js → chunk-6TQDD426.js} +15 -15
package/dist/chunk-6TQDD426.js.map +1 -0
package/dist/{chunk-YHCN776L.js → chunk-G37KK66H.js} +2 -75
package/dist/chunk-G37KK66H.js.map +1 -0
package/dist/{chunk-THRPYOFK.js → chunk-HW3OVDUF.js} +5 -5
package/dist/chunk-HW3OVDUF.js.map +1 -0
package/dist/{chunk-F2IMUDXZ.js → chunk-I7PSE6JW.js} +75 -2
package/dist/chunk-I7PSE6JW.js.map +1 -0
package/dist/{chunk-IM4QE42D.js → chunk-LOMZXPSN.js} +141 -326
package/dist/chunk-LOMZXPSN.js.map +1 -0
package/dist/chunk-OETXORNB.js +614 -0
package/dist/chunk-OETXORNB.js.map +1 -0
package/dist/{chunk-HESYZWZW.js → chunk-QWWZ5CAQ.js} +2 -2
package/dist/{chunk-HEHYGYOX.js → chunk-ROXMHMY2.js} +403 -46
package/dist/chunk-ROXMHMY2.js.map +1 -0
package/dist/{chunk-2UUZZJFT.js → chunk-ULHIJK66.js} +228 -177
package/dist/{chunk-2UUZZJFT.js.map → chunk-ULHIJK66.js.map} +1 -1
package/dist/{chunk-YGPFYGA6.js → chunk-VKB2CO4Z.js} +838 -503
package/dist/chunk-VKB2CO4Z.js.map +1 -0
package/dist/{chunk-3GOZZZYH.js → chunk-VRGWKHDB.js} +238 -301
package/dist/chunk-VRGWKHDB.js.map +1 -0
package/dist/{chunk-UCQSRW7Z.js → chunk-XNYQOL3Z.js} +431 -384
package/dist/chunk-XNYQOL3Z.js.map +1 -0
package/dist/{chunk-DDM4CCYT.js → chunk-XYXSXPUK.js} +79 -59
package/dist/chunk-XYXSXPUK.js.map +1 -0
package/dist/{chunk-SAUPYVLF.js → chunk-ZSAAAMVR.js} +1 -1
package/dist/chunk-ZSAAAMVR.js.map +1 -0
package/dist/components.d.ts +5 -6
package/dist/components.js +19 -19
package/dist/components.js.map +1 -1
package/dist/{database.generated-DI89OQeI.d.ts → database.generated-CzIvgcPu.d.ts} +165 -201
package/dist/eslint-rules/pace-core-compliance.cjs +0 -2
package/dist/{file-reference-D037xOFK.d.ts → file-reference-BavO2eQj.d.ts} +13 -10
package/dist/hooks.d.ts +20 -15
package/dist/hooks.js +14 -8
package/dist/hooks.js.map +1 -1
package/dist/index.d.ts +17 -15
package/dist/index.js +86 -81
package/dist/index.js.map +1 -1
package/dist/providers.d.ts +3 -3
package/dist/providers.js +3 -1
package/dist/rbac/index.d.ts +77 -13
package/dist/rbac/index.js +12 -9
package/dist/{types-Bwgl--Xo.d.ts → types-CEpcvwwF.d.ts} +1 -1
package/dist/types.d.ts +3 -3
package/dist/types.js +1 -1
package/dist/{usePublicRouteParams-CTDELQ7H.d.ts → usePublicRouteParams-TZe0gy-4.d.ts} +17 -10
package/dist/utils.d.ts +8 -8
package/dist/utils.js +16 -16
package/docs/README.md +2 -2
package/docs/api/classes/ColumnFactory.md +1 -1
package/docs/api/classes/ErrorBoundary.md +1 -1
package/docs/api/classes/InvalidScopeError.md +2 -2
package/docs/api/classes/Logger.md +1 -1
package/docs/api/classes/MissingUserContextError.md +2 -2
package/docs/api/classes/OrganisationContextRequiredError.md +1 -1
package/docs/api/classes/PermissionDeniedError.md +1 -1
package/docs/api/classes/RBACAuditManager.md +2 -2
package/docs/api/classes/RBACCache.md +1 -1
package/docs/api/classes/RBACEngine.md +5 -5
package/docs/api/classes/RBACError.md +1 -1
package/docs/api/classes/RBACNotInitializedError.md +2 -2
package/docs/api/classes/SecureSupabaseClient.md +25 -20
package/docs/api/classes/StorageUtils.md +7 -4
package/docs/api/enums/FileCategory.md +1 -1
package/docs/api/enums/LogLevel.md +1 -1
package/docs/api/enums/RBACErrorCode.md +1 -1
package/docs/api/enums/RPCFunction.md +1 -1
package/docs/api/interfaces/AddressFieldProps.md +1 -1
package/docs/api/interfaces/AddressFieldRef.md +1 -1
package/docs/api/interfaces/AggregateConfig.md +1 -1
package/docs/api/interfaces/AutocompleteOptions.md +1 -1
package/docs/api/interfaces/AvatarProps.md +1 -1
package/docs/api/interfaces/BadgeProps.md +1 -1
package/docs/api/interfaces/ButtonProps.md +1 -1
package/docs/api/interfaces/CalendarProps.md +20 -6
package/docs/api/interfaces/CardProps.md +1 -1
package/docs/api/interfaces/ColorPalette.md +1 -1
package/docs/api/interfaces/ColorShade.md +1 -1
package/docs/api/interfaces/ComplianceResult.md +1 -1
package/docs/api/interfaces/DataAccessRecord.md +9 -9
package/docs/api/interfaces/DataRecord.md +1 -1
package/docs/api/interfaces/DataTableAction.md +1 -1
package/docs/api/interfaces/DataTableColumn.md +1 -1
package/docs/api/interfaces/DataTableProps.md +1 -1
package/docs/api/interfaces/DataTableToolbarButton.md +1 -1
package/docs/api/interfaces/DatabaseComplianceResult.md +1 -1
package/docs/api/interfaces/DatabaseIssue.md +1 -1
package/docs/api/interfaces/EmptyStateConfig.md +1 -1
package/docs/api/interfaces/EnhancedNavigationMenuProps.md +1 -1
package/docs/api/interfaces/EventAppRoleData.md +1 -1
package/docs/api/interfaces/ExportColumn.md +1 -1
package/docs/api/interfaces/ExportOptions.md +1 -1
package/docs/api/interfaces/FileDisplayProps.md +62 -16
package/docs/api/interfaces/FileMetadata.md +1 -1
package/docs/api/interfaces/FileReference.md +2 -2
package/docs/api/interfaces/FileSizeLimits.md +1 -1
package/docs/api/interfaces/FileUploadOptions.md +26 -12
package/docs/api/interfaces/FileUploadProps.md +30 -19
package/docs/api/interfaces/FooterProps.md +1 -1
package/docs/api/interfaces/FormFieldProps.md +1 -1
package/docs/api/interfaces/FormProps.md +1 -1
package/docs/api/interfaces/GrantEventAppRoleParams.md +1 -1
package/docs/api/interfaces/InactivityWarningModalProps.md +1 -1
package/docs/api/interfaces/InputProps.md +1 -1
package/docs/api/interfaces/LabelProps.md +1 -1
package/docs/api/interfaces/LoggerConfig.md +1 -1
package/docs/api/interfaces/LoginFormProps.md +1 -1
package/docs/api/interfaces/NavigationAccessRecord.md +10 -10
package/docs/api/interfaces/NavigationContextType.md +9 -9
package/docs/api/interfaces/NavigationGuardProps.md +1 -1
package/docs/api/interfaces/NavigationItem.md +1 -1
package/docs/api/interfaces/NavigationMenuProps.md +1 -1
package/docs/api/interfaces/NavigationProviderProps.md +7 -7
package/docs/api/interfaces/Organisation.md +1 -1
package/docs/api/interfaces/OrganisationContextType.md +1 -1
package/docs/api/interfaces/OrganisationMembership.md +1 -1
package/docs/api/interfaces/OrganisationProviderProps.md +1 -1
package/docs/api/interfaces/OrganisationSecurityError.md +1 -1
package/docs/api/interfaces/PaceAppLayoutProps.md +1 -1
package/docs/api/interfaces/PaceLoginPageProps.md +1 -1
package/docs/api/interfaces/PageAccessRecord.md +8 -8
package/docs/api/interfaces/PagePermissionContextType.md +8 -8
package/docs/api/interfaces/PagePermissionGuardProps.md +1 -1
package/docs/api/interfaces/PagePermissionProviderProps.md +7 -7
package/docs/api/interfaces/PaletteData.md +1 -1
package/docs/api/interfaces/ParsedAddress.md +2 -2
package/docs/api/interfaces/PermissionEnforcerProps.md +1 -1
package/docs/api/interfaces/ProgressProps.md +3 -11
package/docs/api/interfaces/ProtectedRouteProps.md +1 -1
package/docs/api/interfaces/PublicPageFooterProps.md +1 -1
package/docs/api/interfaces/PublicPageHeaderProps.md +1 -1
package/docs/api/interfaces/PublicPageLayoutProps.md +1 -1
package/docs/api/interfaces/QuickFix.md +1 -1
package/docs/api/interfaces/RBACAccessValidateParams.md +1 -1
package/docs/api/interfaces/RBACAccessValidateResult.md +1 -1
package/docs/api/interfaces/RBACAuditLogParams.md +1 -1
package/docs/api/interfaces/RBACAuditLogResult.md +1 -1
package/docs/api/interfaces/RBACConfig.md +2 -2
package/docs/api/interfaces/RBACContext.md +1 -1
package/docs/api/interfaces/RBACLogger.md +1 -1
package/docs/api/interfaces/RBACPageAccessCheckParams.md +1 -1
package/docs/api/interfaces/RBACPerformanceMetrics.md +1 -1
package/docs/api/interfaces/RBACPermissionCheckParams.md +1 -1
package/docs/api/interfaces/RBACPermissionCheckResult.md +1 -1
package/docs/api/interfaces/RBACPermissionsGetParams.md +1 -1
package/docs/api/interfaces/RBACPermissionsGetResult.md +1 -1
package/docs/api/interfaces/RBACResult.md +1 -1
package/docs/api/interfaces/RBACRoleGrantParams.md +1 -1
package/docs/api/interfaces/RBACRoleGrantResult.md +1 -1
package/docs/api/interfaces/RBACRoleRevokeParams.md +1 -1
package/docs/api/interfaces/RBACRoleRevokeResult.md +1 -1
package/docs/api/interfaces/RBACRoleValidateParams.md +1 -1
package/docs/api/interfaces/RBACRoleValidateResult.md +1 -1
package/docs/api/interfaces/RBACRolesListParams.md +1 -1
package/docs/api/interfaces/RBACRolesListResult.md +1 -1
package/docs/api/interfaces/RBACSessionTrackParams.md +1 -1
package/docs/api/interfaces/RBACSessionTrackResult.md +1 -1
package/docs/api/interfaces/ResourcePermissions.md +1 -1
package/docs/api/interfaces/RevokeEventAppRoleParams.md +1 -1
package/docs/api/interfaces/RoleBasedRouterContextType.md +8 -8
package/docs/api/interfaces/RoleBasedRouterProps.md +10 -10
package/docs/api/interfaces/RoleManagementResult.md +1 -1
package/docs/api/interfaces/RouteAccessRecord.md +10 -10
package/docs/api/interfaces/RouteConfig.md +10 -10
package/docs/api/interfaces/RuntimeComplianceResult.md +1 -1
package/docs/api/interfaces/SecureDataContextType.md +9 -9
package/docs/api/interfaces/SecureDataProviderProps.md +8 -8
package/docs/api/interfaces/SessionRestorationLoaderProps.md +1 -1
package/docs/api/interfaces/SetupIssue.md +1 -1
package/docs/api/interfaces/StorageConfig.md +4 -4
package/docs/api/interfaces/StorageFileInfo.md +7 -7
package/docs/api/interfaces/StorageFileMetadata.md +25 -14
package/docs/api/interfaces/StorageListOptions.md +22 -9
package/docs/api/interfaces/StorageListResult.md +4 -4
package/docs/api/interfaces/StorageUploadOptions.md +21 -8
package/docs/api/interfaces/StorageUploadResult.md +6 -6
package/docs/api/interfaces/StorageUrlOptions.md +19 -6
package/docs/api/interfaces/StyleImport.md +1 -1
package/docs/api/interfaces/SwitchProps.md +1 -1
package/docs/api/interfaces/TabsContentProps.md +1 -1
package/docs/api/interfaces/TabsListProps.md +1 -1
package/docs/api/interfaces/TabsProps.md +1 -1
package/docs/api/interfaces/TabsTriggerProps.md +1 -1
package/docs/api/interfaces/TextareaProps.md +1 -1
package/docs/api/interfaces/ToastActionElement.md +1 -1
package/docs/api/interfaces/ToastProps.md +1 -1
package/docs/api/interfaces/UnifiedAuthContextType.md +53 -53
package/docs/api/interfaces/UnifiedAuthProviderProps.md +13 -13
package/docs/api/interfaces/UseFormDialogOptions.md +1 -1
package/docs/api/interfaces/UseFormDialogReturn.md +1 -1
package/docs/api/interfaces/UseInactivityTrackerOptions.md +1 -1
package/docs/api/interfaces/UseInactivityTrackerReturn.md +1 -1
package/docs/api/interfaces/UsePublicEventLogoOptions.md +2 -2
package/docs/api/interfaces/UsePublicEventLogoReturn.md +1 -1
package/docs/api/interfaces/UsePublicEventOptions.md +1 -1
package/docs/api/interfaces/UsePublicEventReturn.md +1 -1
package/docs/api/interfaces/UsePublicFileDisplayOptions.md +2 -2
package/docs/api/interfaces/UsePublicFileDisplayReturn.md +1 -1
package/docs/api/interfaces/UsePublicRouteParamsReturn.md +1 -1
package/docs/api/interfaces/UseResolvedScopeOptions.md +5 -5
package/docs/api/interfaces/UseResolvedScopeReturn.md +4 -4
package/docs/api/interfaces/UseResourcePermissionsOptions.md +1 -1
package/docs/api/interfaces/UserEventAccess.md +11 -11
package/docs/api/interfaces/UserMenuProps.md +1 -1
package/docs/api/interfaces/UserProfile.md +1 -1
package/docs/api/modules.md +165 -106
package/docs/api-reference/components.md +15 -7
package/docs/api-reference/providers.md +2 -2
package/docs/api-reference/rpc-functions.md +1 -0
package/docs/best-practices/README.md +1 -1
package/docs/best-practices/deployment.md +8 -8
package/docs/getting-started/examples/README.md +2 -2
package/docs/getting-started/installation-guide.md +4 -4
package/docs/getting-started/quick-start.md +3 -3
package/docs/migration/MIGRATION_GUIDE.md +3 -3
package/docs/migration/README.md +18 -0
package/docs/migration/database-changes-december-2025.md +767 -0
package/docs/migration/person-scoped-profiles-migration-guide.md +472 -0
package/docs/rbac/compliance/compliance-guide.md +2 -2
package/docs/rbac/event-based-apps.md +2 -2
package/docs/rbac/getting-started.md +2 -2
package/docs/rbac/quick-start.md +2 -2
package/docs/security/README.md +4 -4
package/docs/standards/07-rbac-and-rls-standard.md +430 -7
package/docs/troubleshooting/README.md +2 -2
package/docs/troubleshooting/migration.md +3 -3
package/package.json +1 -3
package/scripts/check-pace-core-compliance.cjs +1 -1
package/scripts/check-pace-core-compliance.js +1 -1
package/src/__tests__/fixtures/supabase.ts +301 -0
package/src/__tests__/public-recipe-view.test.ts +19 -19
package/src/__tests__/rls-policies.test.ts +210 -74
package/src/components/AddressField/AddressField.test.tsx +42 -0
package/src/components/AddressField/AddressField.tsx +71 -60
package/src/components/AddressField/README.md +7 -6
package/src/components/Alert/Alert.test.tsx +50 -10
package/src/components/Alert/Alert.tsx +5 -3
package/src/components/Avatar/Avatar.test.tsx +95 -43
package/src/components/Avatar/Avatar.tsx +16 -16
package/src/components/Button/Button.test.tsx +2 -1
package/src/components/Button/Button.tsx +3 -3
package/src/components/Calendar/Calendar.test.tsx +53 -37
package/src/components/Calendar/Calendar.tsx +409 -82
package/src/components/Card/Card.test.tsx +7 -4
package/src/components/Card/Card.tsx +3 -6
package/src/components/Checkbox/Checkbox.tsx +2 -2
package/src/components/DataTable/components/ActionButtons.tsx +5 -5
package/src/components/DataTable/components/BulkOperationsDropdown.tsx +2 -2
package/src/components/DataTable/components/ColumnFilter.tsx +1 -1
package/src/components/DataTable/components/ColumnVisibilityDropdown.tsx +3 -3
package/src/components/DataTable/components/DataTableBody.tsx +12 -12
package/src/components/DataTable/components/DataTableCore.tsx +3 -3
package/src/components/DataTable/components/DataTableToolbar.tsx +5 -5
package/src/components/DataTable/components/DraggableColumnHeader.tsx +3 -3
package/src/components/DataTable/components/EditableRow.tsx +2 -2
package/src/components/DataTable/components/EmptyState.tsx +3 -3
package/src/components/DataTable/components/GroupHeader.tsx +2 -2
package/src/components/DataTable/components/GroupingDropdown.tsx +1 -1
package/src/components/DataTable/components/ImportModal.tsx +4 -4
package/src/components/DataTable/components/LoadingState.tsx +1 -1
package/src/components/DataTable/components/PaginationControls.tsx +11 -11
package/src/components/DataTable/components/UnifiedTableBody.tsx +9 -9
package/src/components/DataTable/components/ViewRowModal.tsx +2 -2
package/src/components/DataTable/components/__tests__/AccessDeniedPage.test.tsx +11 -37
package/src/components/DataTable/components/__tests__/DataTableToolbar.test.tsx +157 -0
package/src/components/DataTable/components/__tests__/LoadingState.test.tsx +2 -1
package/src/components/DataTable/components/__tests__/VirtualizedDataTable.test.tsx +128 -0
package/src/components/DataTable/core/__tests__/ActionManager.test.ts +19 -0
package/src/components/DataTable/core/__tests__/ColumnFactory.test.ts +51 -0
package/src/components/DataTable/core/__tests__/ColumnManager.test.ts +84 -0
package/src/components/DataTable/core/__tests__/DataManager.test.ts +14 -0
package/src/components/DataTable/core/__tests__/DataTableContext.test.tsx +136 -0
package/src/components/DataTable/core/__tests__/LocalDataAdapter.test.ts +16 -0
package/src/components/DataTable/core/__tests__/PluginRegistry.test.ts +18 -0
package/src/components/DataTable/hooks/useDataTablePermissions.ts +28 -7
package/src/components/DataTable/utils/__tests__/hierarchicalUtils.test.ts +30 -1
package/src/components/DataTable/utils/hierarchicalUtils.ts +38 -10
package/src/components/DatePickerWithTimezone/DatePickerWithTimezone.test.tsx +8 -3
package/src/components/DatePickerWithTimezone/DatePickerWithTimezone.tsx +4 -4
package/src/components/Dialog/Dialog.tsx +2 -2
package/src/components/EventSelector/EventSelector.tsx +7 -7
package/src/components/FileDisplay/FileDisplay.tsx +291 -179
package/src/components/FileUpload/FileUpload.tsx +7 -4
package/src/components/Header/Header.test.tsx +28 -0
package/src/components/Header/Header.tsx +22 -9
package/src/components/InactivityWarningModal/InactivityWarningModal.tsx +2 -2
package/src/components/LoadingSpinner/LoadingSpinner.test.tsx +19 -14
package/src/components/LoadingSpinner/LoadingSpinner.tsx +5 -5
package/src/components/NavigationMenu/NavigationMenu.test.tsx +127 -1
package/src/components/OrganisationSelector/OrganisationSelector.tsx +42 -22
package/src/components/PaceAppLayout/PaceAppLayout.integration.test.tsx +4 -0
package/src/components/PaceAppLayout/PaceAppLayout.performance.test.tsx +3 -0
package/src/components/PaceAppLayout/PaceAppLayout.security.test.tsx +3 -0
package/src/components/PaceAppLayout/PaceAppLayout.test.tsx +16 -6
package/src/components/PaceAppLayout/PaceAppLayout.tsx +37 -3
package/src/components/PaceAppLayout/test-setup.tsx +1 -0
package/src/components/PaceLoginPage/PaceLoginPage.test.tsx +66 -45
package/src/components/PaceLoginPage/PaceLoginPage.tsx +6 -4
package/src/components/Progress/Progress.test.tsx +18 -19
package/src/components/Progress/Progress.tsx +31 -32
package/src/components/PublicLayout/PublicLayout.test.tsx +6 -6
package/src/components/PublicLayout/PublicPageProvider.tsx +5 -3
package/src/components/Select/Select.test.tsx +4 -1
package/src/components/Select/Select.tsx +65 -20
package/src/components/Switch/Switch.test.tsx +2 -1
package/src/components/Switch/Switch.tsx +1 -1
package/src/components/Toast/Toast.tsx +1 -1
package/src/components/Tooltip/Tooltip.test.tsx +8 -2
package/src/components/UserMenu/UserMenu.tsx +3 -3
package/src/eslint-rules/pace-core-compliance.cjs +0 -2
package/src/eslint-rules/pace-core-compliance.js +0 -2
package/src/hooks/__tests__/hooks.integration.test.tsx +4 -1
package/src/hooks/__tests__/useAppConfig.unit.test.ts +76 -5
package/src/hooks/__tests__/useDataTableState.test.ts +76 -0
package/src/hooks/__tests__/useFileUrl.unit.test.ts +25 -69
package/src/hooks/__tests__/useFileUrlCache.test.ts +129 -0
package/src/hooks/__tests__/usePreventTabReload.test.ts +88 -0
package/src/hooks/__tests__/usePublicEvent.simple.test.ts +1 -1
package/src/hooks/__tests__/usePublicEvent.test.ts +608 -0
package/src/hooks/__tests__/useQueryCache.test.ts +144 -0
package/src/hooks/__tests__/useSecureDataAccess.unit.test.tsx +67 -24
package/src/hooks/index.ts +1 -1
package/src/hooks/public/usePublicEvent.ts +10 -10
package/src/hooks/public/usePublicFileDisplay.ts +173 -87
package/src/hooks/useAppConfig.ts +24 -5
package/src/hooks/useFileDisplay.ts +298 -36
package/src/hooks/useFileReference.ts +56 -11
package/src/hooks/useFileUrl.ts +1 -1
package/src/hooks/useInactivityTracker.ts +16 -7
package/src/hooks/usePermissionCache.test.ts +85 -8
package/src/hooks/useQueryCache.ts +27 -6
package/src/hooks/useSecureDataAccess.test.ts +87 -42
package/src/hooks/useSecureDataAccess.ts +95 -48
package/src/providers/__tests__/OrganisationProvider.test.tsx +27 -21
package/src/providers/services/EventServiceProvider.tsx +37 -17
package/src/providers/services/InactivityServiceProvider.tsx +4 -4
package/src/providers/services/OrganisationServiceProvider.tsx +8 -1
package/src/providers/services/UnifiedAuthProvider.tsx +115 -29
package/src/rbac/__tests__/auth-rbac.e2e.test.tsx +451 -0
package/src/rbac/__tests__/engine.comprehensive.test.ts +12 -0
package/src/rbac/__tests__/rbac-engine-core-logic.test.ts +8 -0
package/src/rbac/__tests__/rbac-engine-simplified.test.ts +4 -0
package/src/rbac/api.ts +240 -36
package/src/rbac/cache-invalidation.ts +21 -7
package/src/rbac/compliance/quick-fix-suggestions.ts +1 -1
package/src/rbac/components/NavigationGuard.tsx +23 -63
package/src/rbac/components/NavigationProvider.test.tsx +52 -23
package/src/rbac/components/NavigationProvider.tsx +13 -11
package/src/rbac/components/PagePermissionGuard.tsx +77 -203
package/src/rbac/components/PagePermissionProvider.tsx +13 -11
package/src/rbac/components/PermissionEnforcer.tsx +24 -62
package/src/rbac/components/RoleBasedRouter.tsx +14 -12
package/src/rbac/components/SecureDataProvider.tsx +13 -11
package/src/rbac/components/__tests__/NavigationGuard.test.tsx +104 -41
package/src/rbac/components/__tests__/NavigationProvider.test.tsx +49 -12
package/src/rbac/components/__tests__/PagePermissionGuard.race-condition.test.tsx +22 -1
package/src/rbac/components/__tests__/PagePermissionGuard.test.tsx +161 -82
package/src/rbac/components/__tests__/PagePermissionGuard.verification.test.tsx +22 -1
package/src/rbac/components/__tests__/PermissionEnforcer.test.tsx +77 -30
package/src/rbac/components/__tests__/RoleBasedRouter.test.tsx +39 -5
package/src/rbac/components/__tests__/SecureDataProvider.test.tsx +47 -4
package/src/rbac/engine.ts +4 -2
package/src/rbac/hooks/__tests__/useSecureSupabase.test.ts +144 -52
package/src/rbac/hooks/index.ts +3 -0
package/src/rbac/hooks/useCan.test.ts +101 -53
package/src/rbac/hooks/usePermissions.ts +108 -41
package/src/rbac/hooks/useRBAC.test.ts +11 -3
package/src/rbac/hooks/useRBAC.ts +83 -40
package/src/rbac/hooks/useResolvedScope.test.ts +189 -63
package/src/rbac/hooks/useResolvedScope.ts +128 -70
package/src/rbac/hooks/useSecureSupabase.ts +36 -19
package/src/rbac/hooks/useSuperAdminBypass.ts +126 -0
package/src/rbac/request-deduplication.ts +1 -1
package/src/rbac/secureClient.ts +72 -12
package/src/rbac/security.ts +29 -23
package/src/rbac/types.ts +10 -0
package/src/rbac/utils/__tests__/contextValidator.test.ts +150 -0
package/src/rbac/utils/__tests__/deep-equal.test.ts +53 -0
package/src/rbac/utils/__tests__/eventContext.test.ts +8 -3
package/src/rbac/utils/__tests__/eventContext.unit.test.ts +74 -12
package/src/rbac/utils/contextValidator.ts +288 -0
package/src/rbac/utils/eventContext.ts +52 -3
package/src/services/AuthService.ts +37 -8
package/src/services/EventService.ts +165 -21
package/src/services/OrganisationService.ts +125 -137
package/src/services/__tests__/EventService.test.ts +26 -21
package/src/services/__tests__/OrganisationService.pagination.test.ts +34 -8
package/src/services/__tests__/OrganisationService.test.ts +218 -86
package/src/types/database.generated.ts +166 -201
package/src/types/file-reference.ts +13 -10
package/src/types/supabase.ts +2 -2
package/src/utils/__tests__/secureDataAccess.unit.test.ts +3 -2
package/src/utils/app/appNameResolver.test.ts +346 -73
package/src/utils/context/superAdminOverride.ts +58 -0
package/src/utils/file-reference/index.ts +65 -37
package/src/utils/google-places/googlePlacesUtils.test.ts +98 -0
package/src/utils/google-places/googlePlacesUtils.ts +1 -1
package/src/utils/google-places/loadGoogleMapsScript.test.ts +83 -0
package/src/utils/google-places/types.ts +1 -1
package/src/utils/request-deduplication.ts +4 -4
package/src/utils/security/secureDataAccess.test.ts +1 -1
package/src/utils/security/secureDataAccess.ts +7 -4
package/src/utils/storage/README.md +1 -1
package/src/utils/storage/helpers.test.ts +1 -1
package/src/utils/storage/helpers.ts +38 -19
package/src/utils/storage/types.ts +15 -8
package/src/utils/validation/__tests__/csrf.test.ts +105 -0
package/src/utils/validation/__tests__/sqlInjectionProtection.test.ts +92 -0
package/src/vite-env.d.ts +2 -2
package/dist/chunk-3GOZZZYH.js.map +0 -1
package/dist/chunk-DDM4CCYT.js.map +0 -1
package/dist/chunk-E7UAOUMY.js +0 -75
package/dist/chunk-E7UAOUMY.js.map +0 -1
package/dist/chunk-F2IMUDXZ.js.map +0 -1
package/dist/chunk-HEHYGYOX.js.map +0 -1
package/dist/chunk-IM4QE42D.js.map +0 -1
package/dist/chunk-MX64ZF6I.js.map +0 -1
package/dist/chunk-SAUPYVLF.js.map +0 -1
package/dist/chunk-THRPYOFK.js.map +0 -1
package/dist/chunk-UCQSRW7Z.js.map +0 -1
package/dist/chunk-VGZZXKBR.js.map +0 -1
package/dist/chunk-YGPFYGA6.js.map +0 -1
package/dist/chunk-YHCN776L.js.map +0 -1
/package/dist/{DataTable-GUFUNZ3N.js.map → DataTable-WKRZD47S.js.map} +0 -0
/package/dist/{UnifiedAuthProvider-643PUAIM.js.map → UnifiedAuthProvider-FTSG5XH7.js.map} +0 -0
/package/dist/{api-YP7XD5L6.js.map → api-IHKALJZD.js.map} +0 -0
/package/dist/{chunk-HESYZWZW.js.map → chunk-QWWZ5CAQ.js.map} +0 -0

package/dist/{chunk-HEHYGYOX.js → chunk-ROXMHMY2.js} RENAMED Viewed

@@ -35,6 +35,15 @@ var OrganisationContextRequiredError = class extends RBACError {
     this.name = "OrganisationContextRequiredError";
   }
 };
+var EventContextRequiredError = class extends RBACError {
+  constructor() {
+    super(
+      "Event context is required for this operation",
+      "EVENT_CONTEXT_REQUIRED"
+    );
+    this.name = "EventContextRequiredError";
+  }
+};
 var RBACNotInitializedError = class extends RBACError {
   constructor() {
     super(
@@ -428,19 +437,32 @@ var RBACCacheInvalidationManager = class {
       log.warn("Failed to log cache invalidation audit event:", error);
     });
   }
+  /**
+   * Cleanup subscriptions only (not all callbacks)
+   * Used internally to cleanup before setting up new subscriptions
+   */
+  cleanupSubscriptions() {
+    this.channels.forEach((channel) => {
+      try {
+        if (channel && typeof channel.unsubscribe === "function") {
+          channel.unsubscribe();
+        }
+      } catch (error) {
+        log.warn("Failed to unsubscribe from channel:", error);
+      }
+    });
+    this.channels = [];
+  }
   /**
    * Setup realtime subscriptions for automatic cache invalidation
-   * Prevents duplicate subscriptions by checking if already set up
+   * Always cleans up existing subscriptions before setting up new ones to prevent duplicates
    */
   setupRealtimeSubscriptions() {
+    this.cleanupSubscriptions();
     if (!this.supabase.channel || typeof this.supabase.channel !== "function") {
       log.debug("Realtime not available, skipping subscriptions");
       return;
     }
-    if (this.channels.length > 0) {
-      log.debug("Realtime subscriptions already set up, skipping duplicate setup");
-      return;
-    }
     const orgRolesChannel = this.supabase.channel("rbac_organisation_roles_changes").on("postgres_changes", {
       event: "*",
       schema: "public",
@@ -672,8 +694,228 @@ function mapErrorCategoryToSecurityEventType(category) {
   }
 }
+// src/rbac/utils/eventContext.ts
+var orgDerivationCache = /* @__PURE__ */ new Map();
+var MAX_CACHE_SIZE = 100;
+async function getOrganisationFromEvent(supabase, eventId) {
+  if (orgDerivationCache.has(eventId)) {
+    return orgDerivationCache.get(eventId) ?? null;
+  }
+  const { data, error } = await supabase.from("core_events").select("organisation_id").eq("event_id", eventId).single();
+  let organisationId = null;
+  if (error || !data) {
+    organisationId = null;
+  } else if (data.organisation_id) {
+    organisationId = data.organisation_id;
+  } else {
+    organisationId = null;
+  }
+  if (orgDerivationCache.size >= MAX_CACHE_SIZE) {
+    const firstKey = orgDerivationCache.keys().next().value;
+    if (firstKey) {
+      orgDerivationCache.delete(firstKey);
+    }
+  }
+  orgDerivationCache.set(eventId, organisationId);
+  return organisationId;
+}
+// src/rbac/utils/contextValidator.ts
+var log2 = createLogger("ContextValidator");
+function allowsOptionalContexts(appName) {
+  return appName === "PORTAL" || appName === "ADMIN";
+}
+var ContextValidator = class {
+  /**
+   * Validate scope against app requirements
+   *
+   * @param scope - Current scope
+   * @param appConfig - App configuration (requires_event flag)
+   * @param appName - App name (for PORTAL/ADMIN special case)
+   * @returns Validation result with resolved scope
+   */
+  static async validateScope(scope, appConfig, appName) {
+    if (allowsOptionalContexts(appName)) {
+      return {
+        isValid: true,
+        resolvedScope: {
+          organisationId: scope.organisationId,
+          eventId: scope.eventId,
+          appId: scope.appId
+        },
+        error: null
+      };
+    }
+    if (!appConfig) {
+      if (!scope.organisationId) {
+        return {
+          isValid: false,
+          resolvedScope: null,
+          error: new OrganisationContextRequiredError()
+        };
+      }
+      return {
+        isValid: true,
+        resolvedScope: scope,
+        error: null
+      };
+    }
+    if (appConfig.requires_event) {
+      if (!scope.eventId) {
+        return {
+          isValid: false,
+          resolvedScope: null,
+          error: new EventContextRequiredError()
+        };
+      }
+      return {
+        isValid: true,
+        resolvedScope: scope,
+        error: null
+      };
+    }
+    if (!scope.organisationId) {
+      return {
+        isValid: false,
+        resolvedScope: null,
+        error: new OrganisationContextRequiredError()
+      };
+    }
+    return {
+      isValid: true,
+      resolvedScope: scope,
+      error: null
+    };
+  }
+  /**
+   * Resolve required context and derive missing values
+   *
+   * @param scope - Current scope
+   * @param appConfig - App configuration
+   * @param appName - App name (for PORTAL/ADMIN special case)
+   * @param supabase - Supabase client (for deriving org from event)
+   * @returns Resolved scope with all required context
+   */
+  static async resolveRequiredContext(scope, appConfig, appName, supabase) {
+    if (allowsOptionalContexts(appName)) {
+      return {
+        isValid: true,
+        resolvedScope: {
+          organisationId: scope.organisationId,
+          eventId: scope.eventId,
+          appId: scope.appId
+        },
+        error: null
+      };
+    }
+    if (!appConfig) {
+      if (!scope.organisationId) {
+        return {
+          isValid: false,
+          resolvedScope: null,
+          error: new OrganisationContextRequiredError()
+        };
+      }
+      return {
+        isValid: true,
+        resolvedScope: scope,
+        error: null
+      };
+    }
+    if (appConfig.requires_event) {
+      if (!scope.eventId) {
+        return {
+          isValid: false,
+          resolvedScope: null,
+          error: new EventContextRequiredError()
+        };
+      }
+      let organisationId = scope.organisationId;
+      if (!organisationId && supabase && scope.eventId) {
+        try {
+          const derivedOrgId = await this.deriveOrgFromEvent(supabase, scope.eventId);
+          organisationId = derivedOrgId || void 0;
+          if (!organisationId) {
+            return {
+              isValid: false,
+              resolvedScope: null,
+              error: new Error("Could not resolve organisation from event context")
+            };
+          }
+        } catch (error) {
+          log2.error("Failed to derive org from event:", error);
+          return {
+            isValid: false,
+            resolvedScope: null,
+            error: error instanceof Error ? error : new Error("Failed to derive organisation from event")
+          };
+        }
+      } else if (!organisationId) {
+        return {
+          isValid: false,
+          resolvedScope: null,
+          error: new Error("Event context requires organisationId but it could not be derived (supabase client not available)")
+        };
+      }
+      return {
+        isValid: true,
+        resolvedScope: {
+          organisationId,
+          eventId: scope.eventId,
+          appId: scope.appId
+        },
+        error: null
+      };
+    }
+    if (!scope.organisationId) {
+      return {
+        isValid: false,
+        resolvedScope: null,
+        error: new OrganisationContextRequiredError()
+      };
+    }
+    return {
+      isValid: true,
+      resolvedScope: scope,
+      error: null
+    };
+  }
+  /**
+   * Derive organisation ID from event ID
+   *
+   * @param supabase - Supabase client
+   * @param eventId - Event ID
+   * @returns Organisation ID or null
+   */
+  static async deriveOrgFromEvent(supabase, eventId) {
+    return getOrganisationFromEvent(supabase, eventId);
+  }
+  /**
+   * Check if context is ready for permission checks
+   *
+   * @param scope - Current scope
+   * @param appConfig - App configuration
+   * @param appName - App name
+   * @param hasSelectedEvent - Whether event is selected
+   * @param hasSelectedOrganisation - Whether organisation is selected
+   * @returns True if context is ready
+   */
+  static isContextReady(scope, appConfig, appName, hasSelectedEvent, hasSelectedOrganisation) {
+    if (allowsOptionalContexts(appName)) {
+      return true;
+    }
+    if (!appConfig) {
+      return !!hasSelectedOrganisation || !!scope.organisationId;
+    }
+    if (appConfig.requires_event) {
+      return !!hasSelectedEvent || !!scope.eventId;
+    }
+    return !!hasSelectedOrganisation || !!scope.organisationId;
+  }
+};
 // src/rbac/security.ts
-var log2 = createLogger("RBACSecurity");
+var log3 = createLogger("RBACSecurity");
 var RBACSecurityValidator = class {
   /**
    * Validate permission string format
@@ -782,19 +1024,13 @@ var RBACSecurityValidator = class {
   /**
    * Validate context requirements for security
    * @param scope - Scope object
-   * @param appId - Application ID
+   * @param appConfig - App configuration
+   * @param appName - App name (for PORTAL special case)
    * @returns True if context is valid, false otherwise
    */
-  static validateContextRequirements(scope, appId) {
-    if (!scope.organisationId) {
-      return false;
-    }
-    if (appId && scope.appId === appId) {
-      if (!scope.eventId) {
-        return false;
-      }
-    }
-    return true;
+  static async validateContextRequirements(scope, appConfig, appName) {
+    const validation = await ContextValidator.validateScope(scope, appConfig || null, appName);
+    return validation.isValid;
   }
   // Only warn once per 5 seconds per user
   static logSecurityEvent(event) {
@@ -813,7 +1049,7 @@ var RBACSecurityValidator = class {
           this.rateLimitWarningCount.set(event.userId, userWarning);
           return;
         } else {
-          log2.warn("Security event (throttled):", {
+          log3.warn("Security event (throttled):", {
             ...securityEvent,
             details: {
               ...securityEvent.details,
@@ -826,11 +1062,11 @@ var RBACSecurityValidator = class {
         }
       } else {
         this.rateLimitWarningCount.set(event.userId, { count: 0, lastWarning: now });
-        log2.warn("Security event:", securityEvent);
+        log3.warn("Security event:", securityEvent);
         return;
       }
     }
-    log2.warn("Security event:", securityEvent);
+    log3.warn("Security event:", securityEvent);
   }
   /**
    * Get severity level for security event
@@ -902,10 +1138,18 @@ var RBACSecurityMiddleware = class {
     if (!RBACSecurityValidator.validateUserId(context.userId)) {
       errors.push("Invalid user ID format");
     }
-    if (!context.organisationId) {
-      errors.push("Organisation ID is required");
-    } else if (!RBACSecurityValidator.validateUUID(context.organisationId)) {
-      errors.push("Invalid organisation ID format");
+    const isPagePermission = input.permission?.includes(":page.") || !!input.pageId;
+    const requiresOrgId = !isPagePermission;
+    if (requiresOrgId) {
+      if (!context.organisationId) {
+        errors.push("Organisation ID is required for resource-level permissions");
+      } else if (!RBACSecurityValidator.validateUUID(context.organisationId)) {
+        errors.push("Invalid organisation ID format");
+      }
+    } else {
+      if (context.organisationId && !RBACSecurityValidator.validateUUID(context.organisationId)) {
+        errors.push("Invalid organisation ID format");
+      }
     }
     if (input.permission && !RBACSecurityValidator.validatePermission(input.permission)) {
       errors.push("Invalid permission format");
@@ -1252,7 +1496,8 @@ var RBACEngine = class {
       return "super";
     }
     if (scope.organisationId) {
-      const { data: orgRole } = await this.supabase.from("rbac_organisation_roles").select("role").eq("user_id", userId).eq("organisation_id", scope.organisationId).eq("status", "active").is("revoked_at", null).lte("valid_from", now).or(`valid_to.is.null,valid_to.gte.${now}`).single();
+      const { data: orgRoles } = await this.supabase.from("rbac_organisation_roles").select("role").eq("user_id", userId).eq("organisation_id", scope.organisationId).eq("status", "active").is("revoked_at", null).lte("valid_from", now).or(`valid_to.is.null,valid_to.gte.${now}`).limit(1);
+      const orgRole = orgRoles?.[0];
       if (orgRole?.role === "org_admin") {
         rbacCache.set(cacheKey, "admin", 6e4);
         return "admin";
@@ -1598,6 +1843,7 @@ function generateDeduplicationKey(input) {
   return RBACCache.generatePermissionKey({
     userId: input.userId,
     organisationId: input.scope.organisationId,
+    // Can be undefined for page-level permissions
     eventId: input.scope.eventId,
     appId: input.scope.appId,
     permission: input.permission,
@@ -1624,7 +1870,7 @@ function getInFlightRequestCount() {
 }
 // src/rbac/api.ts
-var log3 = createLogger("RBACAPI");
+var log4 = createLogger("RBACAPI");
 var globalEngine = null;
 function setupRBAC(supabase, config) {
   const logger = getRBACLogger();
@@ -1662,37 +1908,116 @@ function getEngine() {
   }
   return globalEngine;
 }
-async function getAccessLevel(input) {
+async function getAccessLevel(input, appConfig, appName) {
   const engine = getEngine();
-  return engine.getAccessLevel(input);
+  const isSuperAdminUser = await engine["checkSuperAdmin"](input.userId);
+  if (isSuperAdminUser) {
+    return "super";
+  }
+  let resolvedAppConfig = appConfig ?? null;
+  let resolvedAppName = appName;
+  if (!resolvedAppConfig && input.scope.appId) {
+    resolvedAppConfig = await getAppConfig(input.scope.appId);
+  }
+  const validation = await ContextValidator.resolveRequiredContext(
+    input.scope,
+    resolvedAppConfig,
+    resolvedAppName,
+    engine["supabase"]
+  );
+  if (!validation.isValid || !validation.resolvedScope) {
+    throw validation.error || new OrganisationContextRequiredError();
+  }
+  return engine.getAccessLevel({
+    ...input,
+    scope: validation.resolvedScope
+  });
 }
-async function getPermissionMap(input) {
+async function getPermissionMap(input, appConfig, appName) {
   const engine = getEngine();
-  return engine.getPermissionMap(input);
+  let resolvedAppConfig = appConfig ?? null;
+  let resolvedAppName = appName;
+  if (!resolvedAppConfig && input.scope.appId) {
+    resolvedAppConfig = await getAppConfig(input.scope.appId);
+  }
+  const validation = await ContextValidator.resolveRequiredContext(
+    input.scope,
+    resolvedAppConfig,
+    resolvedAppName,
+    engine["supabase"]
+  );
+  if (!validation.isValid || !validation.resolvedScope) {
+    throw validation.error || new OrganisationContextRequiredError();
+  }
+  return engine.getPermissionMap({
+    ...input,
+    scope: validation.resolvedScope
+  });
 }
 async function resolveAppContext(input) {
   const engine = getEngine();
   return engine.resolveAppContext(input);
 }
-async function getRoleContext(input) {
+async function getRoleContext(input, appConfig, appName) {
   const engine = getEngine();
-  return engine.getRoleContext(input);
+  let resolvedAppConfig = appConfig ?? null;
+  let resolvedAppName = appName;
+  if (!resolvedAppConfig && input.scope.appId) {
+    resolvedAppConfig = await getAppConfig(input.scope.appId);
+  }
+  const validation = await ContextValidator.resolveRequiredContext(
+    input.scope,
+    resolvedAppConfig,
+    resolvedAppName,
+    engine["supabase"]
+  );
+  if (!validation.isValid || !validation.resolvedScope) {
+    throw validation.error || new OrganisationContextRequiredError();
+  }
+  return engine.getRoleContext({
+    ...input,
+    scope: validation.resolvedScope
+  });
 }
-async function isPermitted(input) {
+async function isPermitted(input, appConfig, appName) {
   const engine = getEngine();
-  if (!input.scope.organisationId) {
-    throw new OrganisationContextRequiredError();
+  let resolvedAppConfig = appConfig ?? null;
+  let resolvedAppName = appName;
+  if (!resolvedAppConfig && input.scope.appId) {
+    resolvedAppConfig = await getAppConfig(input.scope.appId);
   }
+  if (!resolvedAppName && input.scope.appId) {
+    try {
+      const { data } = await engine["supabase"].from("rbac_apps").select("name").eq("id", input.scope.appId).eq("is_active", true).single();
+      if (data) {
+        resolvedAppName = data.name;
+      }
+    } catch (err) {
+    }
+  }
+  const validation = await ContextValidator.resolveRequiredContext(
+    input.scope,
+    resolvedAppConfig,
+    resolvedAppName,
+    engine["supabase"]
+  );
+  if (!validation.isValid || !validation.resolvedScope) {
+    throw validation.error || new OrganisationContextRequiredError();
+  }
+  const validatedScope = validation.resolvedScope;
   const securityContext = {
     userId: input.userId,
-    organisationId: input.scope.organisationId,
-    // Required - no fallback
+    organisationId: validatedScope.organisationId || null,
     timestamp: /* @__PURE__ */ new Date()
     // Optional fields can be omitted
   };
-  return engine.isPermitted(input, securityContext);
+  const validatedInput = {
+    ...input,
+    scope: validatedScope
+  };
+  return engine.isPermitted(validatedInput, securityContext);
 }
-async function isPermittedCached(input) {
+async function isPermittedCached(input, appConfig, appName) {
   const { userId, scope, permission, pageId } = input;
   const cacheKey = RBACCache.generatePermissionKey({
     userId,
@@ -1707,7 +2032,7 @@ async function isPermittedCached(input) {
     return cached;
   }
   return getOrCreateRequest(input, async (checkInput) => {
-    const result = await isPermitted(checkInput);
+    const result = await isPermitted(checkInput, appConfig, appName);
     const isPageLevelCheck = !!pageId || permission.includes("page.");
     rbacCache.set(cacheKey, result, void 0, isPageLevelCheck);
     return result;
@@ -1747,18 +2072,48 @@ async function isSuperAdmin(userId) {
   return engine["checkSuperAdmin"](userId);
 }
 async function getAppConfig(appId) {
-  log3.warn("getAppConfig called without Supabase client - returning null");
-  return null;
+  try {
+    const engine = getEngine();
+    return getAppConfigWithClient(engine["supabase"], appId);
+  } catch (err) {
+    if (err instanceof RBACNotInitializedError) {
+      return null;
+    }
+    throw err;
+  }
 }
 async function getAppConfigWithClient(client, appId) {
+  if (!client) {
+    return null;
+  }
+  const cacheKey = `app_config:${appId}`;
+  const cached = rbacCache.get(cacheKey, true);
+  if (cached !== null) {
+    return cached;
+  }
+  try {
+    const { data, error } = await client.from("rbac_apps").select("requires_event, name").eq("id", appId).eq("is_active", true).single();
+    if (error || !data) {
+      return null;
+    }
+    const appConfig = { requires_event: data.requires_event ?? false };
+    rbacCache.set(cacheKey, appConfig, 5 * 60 * 1e3, true);
+    return appConfig;
+  } catch (err) {
+    log4.error("Error fetching app config:", err);
+    return null;
+  }
+}
+async function getAppConfigByName(appName) {
+  const engine = getEngine();
   try {
-    const { data, error } = await client.from("rbac_apps").select("requires_event").eq("id", appId).eq("is_active", true).single();
+    const { data, error } = await engine["supabase"].from("rbac_apps").select("requires_event, name").eq("name", appName).eq("is_active", true).single();
     if (error || !data) {
       return null;
     }
-    return { requires_event: data.requires_event };
+    return { requires_event: data.requires_event ?? false };
   } catch (err) {
-    log3.error("Error fetching app config:", err);
+    log4.error("Error fetching app config by name:", err);
     return null;
   }
 }
@@ -1807,6 +2162,7 @@ export {
   RBACCache,
   rbacCache,
   CACHE_PATTERNS,
+  ContextValidator,
   createRBACConfig,
   getRBACConfig,
   getRBACLogger,
@@ -1837,6 +2193,7 @@ export {
   isSuperAdmin,
   getAppConfig,
   getAppConfigWithClient,
+  getAppConfigByName,
   isOrganisationAdmin,
   isEventAdmin,
   invalidateUserCache,
@@ -1845,4 +2202,4 @@ export {
   invalidateAppCache,
   clearCache
 };
-//# sourceMappingURL=chunk-HEHYGYOX.js.map
+//# sourceMappingURL=chunk-ROXMHMY2.js.map