@jmruthers/pace-core 0.5.190 → 0.5.193

package/dist/chunk-I7PSE6JW 5.js

@@ -0,0 +1,191 @@
+import {
+  createLogger
+} from "./chunk-PWLANIRT.js";
+import {
+  __require
+} from "./chunk-7D4SUZUM.js";
+
+// src/utils/app/appNameResolver.ts
+var log = createLogger("AppNameResolver");
+function getAppNameFromPackageJson() {
+  if (typeof window === "undefined" && typeof __require !== "undefined") {
+    try {
+      const fs = __require("fs");
+      const path = __require("path");
+      const possiblePaths = [
+        // Only use process.cwd() if we're in a Node.js environment
+        ...typeof process !== "undefined" && process.cwd ? [path.join(process.cwd(), "package.json")] : [],
+        path.join(__dirname, "../../package.json"),
+        path.join(__dirname, "../../../package.json")
+      ];
+      for (const packagePath of possiblePaths) {
+        try {
+          if (fs.existsSync(packagePath)) {
+            const packageJsonContent = fs.readFileSync(packagePath, "utf8");
+            const packageJson = JSON.parse(packageJsonContent);
+            if (packageJson.name) {
+              const name = packageJson.name.split("/").pop() || packageJson.name;
+              return name;
+            }
+          }
+        } catch (error) {
+          continue;
+        }
+      }
+    } catch (error) {
+      log.warn("Could not read app name from package.json:", error);
+    }
+  }
+  return null;
+}
+function getAppNameFromBuildTime() {
+  if (typeof window !== "undefined") {
+    try {
+      const buildTimeEnv = globalThis.__RBAC_APP_NAME__;
+      if (buildTimeEnv && buildTimeEnv.trim()) {
+        return buildTimeEnv.trim();
+      }
+    } catch (error) {
+    }
+  }
+  return null;
+}
+function getAppNameFromGlobal() {
+  if (typeof window !== "undefined") {
+    try {
+      const globalAppName = globalThis.RBAC_APP_NAME;
+      if (globalAppName && globalAppName.trim()) {
+        return globalAppName.trim();
+      }
+    } catch (error) {
+    }
+  }
+  return null;
+}
+function getAppNameFromEnvironment() {
+  const envVars = [
+    "VITE_APP_NAME",
+    "REACT_APP_NAME",
+    "NEXT_PUBLIC_APP_NAME",
+    "APP_NAME",
+    "NODE_APP_NAME"
+  ];
+  for (const envVar of envVars) {
+    const value = import.meta.env[envVar];
+    if (value && value.trim()) {
+      return value.trim();
+    }
+  }
+  return null;
+}
+function getCurrentAppName() {
+  const globalName = getAppNameFromGlobal();
+  if (globalName) {
+    return globalName;
+  }
+  const buildTimeName = getAppNameFromBuildTime();
+  if (buildTimeName) {
+    return buildTimeName;
+  }
+  const packageJsonName = getAppNameFromPackageJson();
+  if (packageJsonName) {
+    return packageJsonName;
+  }
+  const envName = getAppNameFromEnvironment();
+  if (envName) {
+    return envName;
+  }
+  return null;
+}
+function setRBACAppName(appName) {
+  if (typeof window !== "undefined") {
+    globalThis.RBAC_APP_NAME = appName.trim();
+  }
+}
+function getCurrentAppNameWithFallback(fallback = "default-app") {
+  return getCurrentAppName() || fallback;
+}
+
+// src/utils/performance/performanceBudgets.ts
+var PERFORMANCE_BUDGETS = {
+  COMPONENT_RENDER: { threshold: 50 },
+  BUNDLE_SIZE: { threshold: 15e4 },
+  CHUNK_COUNT: { threshold: 10 },
+  TREESHAKING_SCORE: { threshold: 70 },
+  ERROR_BOUNDARY_TRIGGER: { threshold: 5 },
+  MEMORY_INCREASE: { threshold: 1e3 },
+  LARGE_LIST_RENDER: { threshold: 500 }
+};
+var PerformanceBudgetMonitor = class {
+  constructor() {
+    this.metrics = /* @__PURE__ */ new Map();
+    this.budgets = [];
+  }
+  measure(metric, value, metadata) {
+    this.metrics.set(metric, value);
+    if (import.meta.env.MODE === "development" || import.meta.env.MODE === "test" || false) {
+      console.log("\u{1F4CA} Performance Metric: " + metric + " = " + value, metadata);
+    }
+    const budgetConfig = PERFORMANCE_BUDGETS[metric];
+    const threshold = budgetConfig?.threshold || 100;
+    const passed = value <= threshold;
+    return {
+      passed,
+      value,
+      threshold
+    };
+  }
+  setBudget(metric, budget, threshold = "warning") {
+    this.budgets.push({ metric, budget, actual: 0, threshold });
+  }
+  checkBudgets() {
+    const violations = [];
+    for (const budget of this.budgets) {
+      const actual = this.metrics.get(budget.metric) || 0;
+      budget.actual = actual;
+      if (actual > budget.budget) {
+        violations.push(budget);
+        if (import.meta.env.MODE === "development" || import.meta.env.MODE === "test" || false) {
+          if (budget.threshold === "error") {
+            console.error("\u274C Performance budget exceeded: " + budget.metric + " (" + actual + " > " + budget.budget + ")");
+          } else if (budget.threshold === "warning") {
+            console.warn("\u26A0\uFE0F Performance budget exceeded: " + budget.metric + " (" + actual + " > " + budget.budget + ")");
+          } else {
+            console.info("\u2139\uFE0F Performance budget exceeded: " + budget.metric + " (" + actual + " > " + budget.budget + ")");
+          }
+        }
+      }
+    }
+    return violations;
+  }
+  getMetrics() {
+    return {
+      bundleSize: this.metrics.get("BUNDLE_SIZE") || 0,
+      chunkCount: this.metrics.get("CHUNK_COUNT") || 0,
+      treeshakingEffectiveness: this.metrics.get("TREESHAKING_SCORE") || 0,
+      dynamicImportUsage: this.metrics.get("DYNAMIC_IMPORTS") || 0
+    };
+  }
+  reset() {
+    this.metrics.clear();
+    this.budgets.length = 0;
+  }
+};
+var performanceBudgetMonitor = new PerformanceBudgetMonitor();
+performanceBudgetMonitor.setBudget("BUNDLE_SIZE", 15e4, "error");
+performanceBudgetMonitor.setBudget("CHUNK_COUNT", 10, "warning");
+performanceBudgetMonitor.setBudget("TREESHAKING_SCORE", 70, "warning");
+performanceBudgetMonitor.setBudget("ERROR_BOUNDARY_TRIGGER", 5, "error");
+
+export {
+  getAppNameFromPackageJson,
+  getAppNameFromBuildTime,
+  getAppNameFromGlobal,
+  getAppNameFromEnvironment,
+  getCurrentAppName,
+  setRBACAppName,
+  getCurrentAppNameWithFallback,
+  PERFORMANCE_BUDGETS,
+  performanceBudgetMonitor
+};
+//# sourceMappingURL=chunk-I7PSE6JW.js.map

package/dist/chunk-I7PSE6JW.js 2.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../src/utils/app/appNameResolver.ts","../src/utils/performance/performanceBudgets.ts"],"sourcesContent":["/**\n * Utility to resolve the current app name from various sources\n * Priority: package.json > environment variables > fallback\n */\n\nimport { createLogger } from '../core/logger';\n\nconst log = createLogger('AppNameResolver');\n\ninterface PackageJson {\n  name: string;\n  [key: string]: unknown;\n}\n\n/**\n * Get the app name from package.json at build time\n * This works by reading package.json during the build process\n */\nexport function getAppNameFromPackageJson(): string | null {\n  // Check if we're in a Node.js environment (build time)\n  if (typeof window === 'undefined' && typeof require !== 'undefined') {\n    try {\n      // Try to read package.json from the current working directory\n      // This works in most Node.js environments\n      const fs = require('fs');\n      const path = require('path');\n      \n      // Look for package.json in common locations\n      const possiblePaths = [\n        // Only use process.cwd() if we're in a Node.js environment\n        ...(typeof process !== 'undefined' && process.cwd ? [path.join(process.cwd(), 'package.json')] : []),\n        path.join(__dirname, '../../package.json'),\n        path.join(__dirname, '../../../package.json'),\n      ];\n      \n      for (const packagePath of possiblePaths) {\n        try {\n          if (fs.existsSync(packagePath)) {\n            const packageJsonContent = fs.readFileSync(packagePath, 'utf8');\n            const packageJson: PackageJson = JSON.parse(packageJsonContent);\n            \n            if (packageJson.name) {\n              // Extract the app name from the package name\n              // Handle scoped packages like @org/app-name\n              const name = packageJson.name.split('/').pop() || packageJson.name;\n              return name;\n            }\n          }\n        } catch (error) {\n          // Continue to next path\n          continue;\n        }\n      }\n    } catch (error) {\n      // package.json not found or not readable\n      log.warn('Could not read app name from package.json:', error);\n    }\n  }\n  \n  // In browser environments, we can't read package.json\n  // This will fall back to environment variables\n  return null;\n}\n\n/**\n * Get the app name from build-time injected variables\n * This is the preferred method for browser environments\n */\nexport function getAppNameFromBuildTime(): string | null {\n  // Check for build-time injected app name\n  // This would be set by the build process reading package.json\n  if (typeof window !== 'undefined') {\n    // Try to access build-time injected variables\n    try {\n      // @ts-ignore - These are injected at build time\n      const buildTimeEnv = (globalThis as any).__RBAC_APP_NAME__;\n      if (buildTimeEnv && buildTimeEnv.trim()) {\n        return buildTimeEnv.trim();\n      }\n    } catch (error) {\n      // Build-time injection not available\n    }\n  }\n  \n  return null;\n}\n\n/**\n * Get the app name from a global variable set by the consuming app\n * This is the simplest approach for browser environments\n */\nexport function getAppNameFromGlobal(): string | null {\n  if (typeof window !== 'undefined') {\n    // Check for global app name set by consuming app\n    try {\n      // @ts-ignore - This is set by the consuming app\n      const globalAppName = (globalThis as any).RBAC_APP_NAME;\n      if (globalAppName && globalAppName.trim()) {\n        return globalAppName.trim();\n      }\n    } catch (error) {\n      // Global variable not set\n    }\n  }\n  \n  return null;\n}\n\n/**\n * Get the app name from environment variables\n * Fallback method for when package.json is not available\n */\nexport function getAppNameFromEnvironment(): string | null {\n  // Try different environment variable patterns used by various frameworks\n  const envVars = [\n    'VITE_APP_NAME',\n    'REACT_APP_NAME', \n    'NEXT_PUBLIC_APP_NAME',\n    'APP_NAME',\n    'NODE_APP_NAME'\n  ];\n  \n  for (const envVar of envVars) {\n    const value = import.meta.env[envVar];\n    if (value && value.trim()) {\n      return value.trim();\n    }\n  }\n  \n  return null;\n}\n\n/**\n * Get the current app name from the most reliable source\n * Priority: global variable > build-time injection > package.json > environment variables > null\n */\nexport function getCurrentAppName(): string | null {\n  // First try global variable (set by consuming app)\n  const globalName = getAppNameFromGlobal();\n  if (globalName) {\n    return globalName;\n  }\n  \n  // Then try build-time injection (most reliable for browser)\n  const buildTimeName = getAppNameFromBuildTime();\n  if (buildTimeName) {\n    return buildTimeName;\n  }\n  \n  // Then try package.json (works in Node.js environments)\n  const packageJsonName = getAppNameFromPackageJson();\n  if (packageJsonName) {\n    return packageJsonName;\n  }\n  \n  // Fallback to environment variables\n  const envName = getAppNameFromEnvironment();\n  if (envName) {\n    return envName;\n  }\n  \n  return null;\n}\n\n/**\n * Set the app name globally for RBAC resolution\n * Call this in your app's main entry point (e.g., main.tsx, index.tsx)\n * \n * @param appName - The app name from your package.json\n * \n * @example\n * ```tsx\n * // In your main.tsx or index.tsx\n * import { setRBACAppName } from '@jmruthers/pace-core/utils';\n * \n * // Set the app name from package.json\n * setRBACAppName('CAKE');\n * \n * // Rest of your app setup...\n * ```\n */\nexport function setRBACAppName(appName: string): void {\n  if (typeof window !== 'undefined') {\n    // @ts-ignore - Setting global variable\n    (globalThis as any).RBAC_APP_NAME = appName.trim();\n  }\n}\n\n/**\n * Get the app name with fallback to a default\n * Useful when you need a guaranteed app name\n */\nexport function getCurrentAppNameWithFallback(fallback: string = 'default-app'): string {\n  return getCurrentAppName() || fallback;\n}\n","\ninterface PerformanceBudget {\n  metric: string;\n  budget: number;\n  actual: number;\n  threshold: 'error' | 'warning' | 'info';\n}\n\ninterface PerformanceMetrics {\n  bundleSize: number;\n  chunkCount: number;\n  treeshakingEffectiveness: number;\n  dynamicImportUsage: number;\n}\n\ninterface MeasurementResult {\n  passed: boolean;\n  value: number;\n  threshold: number;\n}\n\n// Performance budget thresholds with index signature\nexport const PERFORMANCE_BUDGETS: { [key: string]: { threshold: number } } = {\n  COMPONENT_RENDER: { threshold: 50 },\n  BUNDLE_SIZE: { threshold: 150000 },\n  CHUNK_COUNT: { threshold: 10 },\n  TREESHAKING_SCORE: { threshold: 70 },\n  ERROR_BOUNDARY_TRIGGER: { threshold: 5 },\n  MEMORY_INCREASE: { threshold: 1000 },\n  LARGE_LIST_RENDER: { threshold: 500 },\n} as const;\n\nclass PerformanceBudgetMonitor {\n  private metrics: Map<string, number> = new Map();\n  private budgets: PerformanceBudget[] = [];\n\n  measure(metric: string, value: number, metadata?: Record<string, unknown>): MeasurementResult {\n    this.metrics.set(metric, value);\n    \n    // In production, this would send to a proper logging service\n    // For now, we'll log to console for testing purposes\n    if (import.meta.env.MODE === 'development' || import.meta.env.MODE === 'test' || process.env.NODE_ENV === 'test') {\n      console.log('📊 Performance Metric: ' + metric + ' = ' + value, metadata);\n    }\n\n    // Get threshold for this metric\n    const budgetConfig = PERFORMANCE_BUDGETS[metric];\n    const threshold = budgetConfig?.threshold || 100;\n    const passed = value <= threshold;\n\n    return {\n      passed,\n      value,\n      threshold\n    };\n  }\n\n  setBudget(metric: string, budget: number, threshold: 'error' | 'warning' | 'info' = 'warning'): void {\n    this.budgets.push({ metric, budget, actual: 0, threshold });\n  }\n\n  checkBudgets(): PerformanceBudget[] {\n    const violations: PerformanceBudget[] = [];\n    \n    for (const budget of this.budgets) {\n      const actual = this.metrics.get(budget.metric) || 0;\n      budget.actual = actual;\n      \n      if (actual > budget.budget) {\n        violations.push(budget);\n        \n        // In production, this would send to a proper logging service\n        // For now, we'll log to console for testing purposes\n        if (import.meta.env.MODE === 'development' || import.meta.env.MODE === 'test' || process.env.NODE_ENV === 'test') {\n          if (budget.threshold === 'error') {\n            console.error('❌ Performance budget exceeded: ' + budget.metric + ' (' + actual + ' > ' + budget.budget + ')');\n          } else if (budget.threshold === 'warning') {\n            console.warn('⚠️ Performance budget exceeded: ' + budget.metric + ' (' + actual + ' > ' + budget.budget + ')');\n          } else {\n            console.info('ℹ️ Performance budget exceeded: ' + budget.metric + ' (' + actual + ' > ' + budget.budget + ')');\n          }\n        }\n      }\n    }\n    \n    return violations;\n  }\n\n  getMetrics(): PerformanceMetrics {\n    return {\n      bundleSize: this.metrics.get('BUNDLE_SIZE') || 0,\n      chunkCount: this.metrics.get('CHUNK_COUNT') || 0,\n      treeshakingEffectiveness: this.metrics.get('TREESHAKING_SCORE') || 0,\n      dynamicImportUsage: this.metrics.get('DYNAMIC_IMPORTS') || 0,\n    };\n  }\n\n  reset(): void {\n    this.metrics.clear();\n    this.budgets.length = 0;\n  }\n}\n\nexport const performanceBudgetMonitor = new PerformanceBudgetMonitor();\n\n// Set default performance budgets\nperformanceBudgetMonitor.setBudget('BUNDLE_SIZE', 150000, 'error'); // 150KB\nperformanceBudgetMonitor.setBudget('CHUNK_COUNT', 10, 'warning');\nperformanceBudgetMonitor.setBudget('TREESHAKING_SCORE', 70, 'warning');\nperformanceBudgetMonitor.setBudget('ERROR_BOUNDARY_TRIGGER', 5, 'error');\n"],"mappings":";;;;;;;;AAOA,IAAM,MAAM,aAAa,iBAAiB;AAWnC,SAAS,4BAA2C;AAEzD,MAAI,OAAO,WAAW,eAAe,OAAO,cAAY,aAAa;AACnE,QAAI;AAGF,YAAM,KAAK,UAAQ,IAAI;AACvB,YAAM,OAAO,UAAQ,MAAM;AAG3B,YAAM,gBAAgB;AAAA;AAAA,QAEpB,GAAI,OAAO,YAAY,eAAe,QAAQ,MAAM,CAAC,KAAK,KAAK,QAAQ,IAAI,GAAG,cAAc,CAAC,IAAI,CAAC;AAAA,QAClG,KAAK,KAAK,WAAW,oBAAoB;AAAA,QACzC,KAAK,KAAK,WAAW,uBAAuB;AAAA,MAC9C;AAEA,iBAAW,eAAe,eAAe;AACvC,YAAI;AACF,cAAI,GAAG,WAAW,WAAW,GAAG;AAC9B,kBAAM,qBAAqB,GAAG,aAAa,aAAa,MAAM;AAC9D,kBAAM,cAA2B,KAAK,MAAM,kBAAkB;AAE9D,gBAAI,YAAY,MAAM;AAGpB,oBAAM,OAAO,YAAY,KAAK,MAAM,GAAG,EAAE,IAAI,KAAK,YAAY;AAC9D,qBAAO;AAAA,YACT;AAAA,UACF;AAAA,QACF,SAAS,OAAO;AAEd;AAAA,QACF;AAAA,MACF;AAAA,IACF,SAAS,OAAO;AAEd,UAAI,KAAK,8CAA8C,KAAK;AAAA,IAC9D;AAAA,EACF;AAIA,SAAO;AACT;AAMO,SAAS,0BAAyC;AAGvD,MAAI,OAAO,WAAW,aAAa;AAEjC,QAAI;AAEF,YAAM,eAAgB,WAAmB;AACzC,UAAI,gBAAgB,aAAa,KAAK,GAAG;AACvC,eAAO,aAAa,KAAK;AAAA,MAC3B;AAAA,IACF,SAAS,OAAO;AAAA,IAEhB;AAAA,EACF;AAEA,SAAO;AACT;AAMO,SAAS,uBAAsC;AACpD,MAAI,OAAO,WAAW,aAAa;AAEjC,QAAI;AAEF,YAAM,gBAAiB,WAAmB;AAC1C,UAAI,iBAAiB,cAAc,KAAK,GAAG;AACzC,eAAO,cAAc,KAAK;AAAA,MAC5B;AAAA,IACF,SAAS,OAAO;AAAA,IAEhB;AAAA,EACF;AAEA,SAAO;AACT;AAMO,SAAS,4BAA2C;AAEzD,QAAM,UAAU;AAAA,IACd;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACF;AAEA,aAAW,UAAU,SAAS;AAC5B,UAAM,QAAQ,YAAY,IAAI,MAAM;AACpC,QAAI,SAAS,MAAM,KAAK,GAAG;AACzB,aAAO,MAAM,KAAK;AAAA,IACpB;AAAA,EACF;AAEA,SAAO;AACT;AAMO,SAAS,oBAAmC;AAEjD,QAAM,aAAa,qBAAqB;AACxC,MAAI,YAAY;AACd,WAAO;AAAA,EACT;AAGA,QAAM,gBAAgB,wBAAwB;AAC9C,MAAI,eAAe;AACjB,WAAO;AAAA,EACT;AAGA,QAAM,kBAAkB,0BAA0B;AAClD,MAAI,iBAAiB;AACnB,WAAO;AAAA,EACT;AAGA,QAAM,UAAU,0BAA0B;AAC1C,MAAI,SAAS;AACX,WAAO;AAAA,EACT;AAEA,SAAO;AACT;AAmBO,SAAS,eAAe,SAAuB;AACpD,MAAI,OAAO,WAAW,aAAa;AAEjC,IAAC,WAAmB,gBAAgB,QAAQ,KAAK;AAAA,EACnD;AACF;AAMO,SAAS,8BAA8B,WAAmB,eAAuB;AACtF,SAAO,kBAAkB,KAAK;AAChC;;;AC5KO,IAAM,sBAAgE;AAAA,EAC3E,kBAAkB,EAAE,WAAW,GAAG;AAAA,EAClC,aAAa,EAAE,WAAW,KAAO;AAAA,EACjC,aAAa,EAAE,WAAW,GAAG;AAAA,EAC7B,mBAAmB,EAAE,WAAW,GAAG;AAAA,EACnC,wBAAwB,EAAE,WAAW,EAAE;AAAA,EACvC,iBAAiB,EAAE,WAAW,IAAK;AAAA,EACnC,mBAAmB,EAAE,WAAW,IAAI;AACtC;AAEA,IAAM,2BAAN,MAA+B;AAAA,EAA/B;AACE,SAAQ,UAA+B,oBAAI,IAAI;AAC/C,SAAQ,UAA+B,CAAC;AAAA;AAAA,EAExC,QAAQ,QAAgB,OAAe,UAAuD;AAC5F,SAAK,QAAQ,IAAI,QAAQ,KAAK;AAI9B,QAAI,YAAY,IAAI,SAAS,iBAAiB,YAAY,IAAI,SAAS,UAAU,OAAiC;AAChH,cAAQ,IAAI,mCAA4B,SAAS,QAAQ,OAAO,QAAQ;AAAA,IAC1E;AAGA,UAAM,eAAe,oBAAoB,MAAM;AAC/C,UAAM,YAAY,cAAc,aAAa;AAC7C,UAAM,SAAS,SAAS;AAExB,WAAO;AAAA,MACL;AAAA,MACA;AAAA,MACA;AAAA,IACF;AAAA,EACF;AAAA,EAEA,UAAU,QAAgB,QAAgB,YAA0C,WAAiB;AACnG,SAAK,QAAQ,KAAK,EAAE,QAAQ,QAAQ,QAAQ,GAAG,UAAU,CAAC;AAAA,EAC5D;AAAA,EAEA,eAAoC;AAClC,UAAM,aAAkC,CAAC;AAEzC,eAAW,UAAU,KAAK,SAAS;AACjC,YAAM,SAAS,KAAK,QAAQ,IAAI,OAAO,MAAM,KAAK;AAClD,aAAO,SAAS;AAEhB,UAAI,SAAS,OAAO,QAAQ;AAC1B,mBAAW,KAAK,MAAM;AAItB,YAAI,YAAY,IAAI,SAAS,iBAAiB,YAAY,IAAI,SAAS,UAAU,OAAiC;AAChH,cAAI,OAAO,cAAc,SAAS;AAChC,oBAAQ,MAAM,yCAAoC,OAAO,SAAS,OAAO,SAAS,QAAQ,OAAO,SAAS,GAAG;AAAA,UAC/G,WAAW,OAAO,cAAc,WAAW;AACzC,oBAAQ,KAAK,+CAAqC,OAAO,SAAS,OAAO,SAAS,QAAQ,OAAO,SAAS,GAAG;AAAA,UAC/G,OAAO;AACL,oBAAQ,KAAK,+CAAqC,OAAO,SAAS,OAAO,SAAS,QAAQ,OAAO,SAAS,GAAG;AAAA,UAC/G;AAAA,QACF;AAAA,MACF;AAAA,IACF;AAEA,WAAO;AAAA,EACT;AAAA,EAEA,aAAiC;AAC/B,WAAO;AAAA,MACL,YAAY,KAAK,QAAQ,IAAI,aAAa,KAAK;AAAA,MAC/C,YAAY,KAAK,QAAQ,IAAI,aAAa,KAAK;AAAA,MAC/C,0BAA0B,KAAK,QAAQ,IAAI,mBAAmB,KAAK;AAAA,MACnE,oBAAoB,KAAK,QAAQ,IAAI,iBAAiB,KAAK;AAAA,IAC7D;AAAA,EACF;AAAA,EAEA,QAAc;AACZ,SAAK,QAAQ,MAAM;AACnB,SAAK,QAAQ,SAAS;AAAA,EACxB;AACF;AAEO,IAAM,2BAA2B,IAAI,yBAAyB;AAGrE,yBAAyB,UAAU,eAAe,MAAQ,OAAO;AACjE,yBAAyB,UAAU,eAAe,IAAI,SAAS;AAC/D,yBAAyB,UAAU,qBAAqB,IAAI,SAAS;AACrE,yBAAyB,UAAU,0BAA0B,GAAG,OAAO;","names":[]}

package/dist/{chunk-Y4BUBBHD.js → chunk-IIELH4DL.js}

@@ -1,11 +1,11 @@
 import {
   useEventService,
+  useOrganisations,
   useUnifiedAuth
-} from "./chunk-J2XXC7R5.js";
+} from "./chunk-7FLMSG37.js";
 import {
-  ContextValidator,
-  isSuperAdmin
-} from "./chunk-RUYZKXOD.js";
+  ContextValidator
+} from "./chunk-KNC55RTG.js";
 import {
   getCurrentAppName,
   performanceBudgetMonitor
@@ -114,30 +114,45 @@ function useResolvedScope({
         let appConfig = null;
         if (supabase && appName2) {
           try {
-            const cached = appConfigCache.get(appName2);
-            const now = Date.now();
-            if (cached && now - cached.timestamp < CACHE_TTL) {
-              appId = cached.appId;
-              appConfig = cached.appConfig;
+            const { data: session } = await supabase.auth.getSession();
+            if (!session?.session) {
+              log.debug(`Skipping app resolution for "${appName2}" - user not authenticated`);
             } else {
-              const { data: app, error: error2 } = await supabase.from("rbac_apps").select("id, name, requires_event, is_active").eq("name", appName2).eq("is_active", true).single();
-              if (error2) {
-                const { data: inactiveApp } = await supabase.from("rbac_apps").select("id, name, is_active").eq("name", appName2).single();
-                if (inactiveApp) {
-                  log.error(`App "${appName2}" exists but is inactive (is_active: ${inactiveApp.is_active})`);
-                  appId = void 0;
-                } else {
-                  log.error(`App "${appName2}" not found in rbac_apps table`);
-                  appId = void 0;
+              const cached = appConfigCache.get(appName2);
+              const now = Date.now();
+              if (cached && now - cached.timestamp < CACHE_TTL) {
+                appId = cached.appId;
+                appConfig = cached.appConfig;
+              } else {
+                const { data: app, error: error2 } = await supabase.from("rbac_apps").select("id, name, requires_event, is_active").eq("name", appName2).eq("is_active", true).single();
+                if (error2) {
+                  if (error2.code === "406" || error2.code === "PGRST116" || error2.message?.includes("406")) {
+                    log.debug(`App resolution blocked by RLS for "${appName2}" - user may not be authenticated`);
+                    appId = void 0;
+                  } else {
+                    const { data: inactiveApp } = await supabase.from("rbac_apps").select("id, name, is_active").eq("name", appName2).single();
+                    if (inactiveApp) {
+                      log.error(`App "${appName2}" exists but is inactive (is_active: ${inactiveApp.is_active})`);
+                      appId = void 0;
+                    } else {
+                      log.error(`App "${appName2}" not found in rbac_apps table`, { error: error2 });
+                      appId = void 0;
+                    }
+                  }
+                } else if (app) {
+                  appId = app.id;
+                  appConfig = { requires_event: app.requires_event ?? false };
+                  appConfigCache.set(appName2, { appId, appConfig, timestamp: now });
                 }
-              } else if (app) {
-                appId = app.id;
-                appConfig = { requires_event: app.requires_event ?? false };
-                appConfigCache.set(appName2, { appId, appConfig, timestamp: now });
               }
             }
           } catch (error2) {
-            log.error("Unexpected error resolving app config:", error2);
+            const errorMessage = error2 instanceof Error ? error2.message : String(error2);
+            if (!errorMessage.includes("406") && !errorMessage.includes("PGRST116")) {
+              log.error("Unexpected error resolving app config:", error2);
+            } else {
+              log.debug("App resolution skipped - authentication required");
+            }
           }
         }
         const initialScope = {
@@ -399,7 +414,6 @@ function PublicPageProvider({ children, appName }) {
       return null;
     }
     const client = createClient(supabaseUrl, supabaseKey);
-    logger.info("PublicPageProvider", "Supabase client created successfully for public pages");
     return client;
   }, [supabaseUrl, supabaseKey]);
   const contextValue = {
@@ -481,124 +495,185 @@ function useAppConfig() {
   }
 }
 
-// src/rbac/hooks/useSuperAdminBypass.ts
-import { useEffect as useEffect2, useMemo as useMemo5, useRef as useRef3, useState as useState2 } from "react";
-
-// src/utils/context/superAdminOverride.ts
-var log2 = createLogger("superAdminOverride");
-async function setSuperAdminOverrideFlag({
-  supabase,
-  enabled,
-  reason = "client_request"
-}) {
-  if (!supabase) {
-    return;
-  }
-  try {
-    const { error } = await supabase.rpc("set_super_admin_override", {
-      p_enabled: enabled,
-      p_reason: reason
-    });
-    if (error) {
-      log2.error("Failed to toggle super admin override", {
-        enabled,
-        reason,
-        error: error.message
-      });
-    } else {
-      log2.debug("Super admin override flag updated", { enabled, reason });
-    }
-  } catch (rpcError) {
-    log2.error("Unexpected error toggling super admin override", {
-      enabled,
-      reason,
-      error: rpcError instanceof Error ? rpcError.message : rpcError
-    });
-  }
-}
-
-// src/rbac/hooks/useSuperAdminBypass.ts
-var log3 = createLogger("useSuperAdminBypass");
-function useSafeUnifiedAuth() {
-  try {
-    return useUnifiedAuth();
-  } catch (error) {
-    log3.debug("useSuperAdminBypass", "UnifiedAuthProvider not available, falling back to defaults", {
-      error: error instanceof Error ? error.message : error
-    });
-    return null;
-  }
-}
-function useSuperAdminBypass() {
-  const authContext = useSafeUnifiedAuth();
-  const user = authContext?.user ?? null;
-  const supabase = authContext?.supabase ?? null;
-  const metadataHint = Boolean(user?.app_metadata?.is_super_admin) || Boolean(user?.user_metadata?.is_super_admin);
-  const [isSuperAdminState, setIsSuperAdminState] = useState2(metadataHint);
-  const [hasVerified, setHasVerified] = useState2(!user?.id);
-  const [isLoading, setIsLoading] = useState2(!!user?.id);
-  const [error, setError] = useState2(null);
-  const lastOverrideValueRef = useRef3(null);
+// src/hooks/useOrganisationSecurity.ts
+import { useCallback, useMemo as useMemo5, useEffect as useEffect2, useState as useState2 } from "react";
+var useOrganisationSecurity = () => {
+  const { user, session, supabase } = useUnifiedAuth();
+  const { selectedOrganisation, getUserRole, validateOrganisationAccess: validateAccess } = useOrganisations();
+  const [isSuperAdmin, setIsSuperAdmin] = useState2(false);
+  const [isCheckingSuperAdmin, setIsCheckingSuperAdmin] = useState2(false);
   useEffect2(() => {
-    if (!user?.id) {
-      setIsSuperAdminState(false);
-      setHasVerified(true);
-      setIsLoading(false);
-      setError(null);
+    if (!user || !session || !supabase) {
+      setIsSuperAdmin(false);
       return;
     }
-    let cancelled = false;
-    setIsLoading(true);
-    setError(null);
-    isSuperAdmin(user.id).then((result) => {
-      if (cancelled) {
-        return;
+    const checkSuperAdmin = async () => {
+      setIsCheckingSuperAdmin(true);
+      try {
+        const now = (/* @__PURE__ */ new Date()).toISOString();
+        const { data, error } = await supabase.from("rbac_global_roles").select("role").eq("user_id", user.id).eq("role", "super_admin").lte("valid_from", now).or(`valid_to.is.null,valid_to.gte.${now}`).limit(1);
+        setIsSuperAdmin(!error && data && data.length > 0);
+      } catch (error) {
+        logger.error("useOrganisationSecurity", "Error checking super admin status:", error);
+        setIsSuperAdmin(false);
+      } finally {
+        setIsCheckingSuperAdmin(false);
       }
-      setIsSuperAdminState(result);
-      setHasVerified(true);
-    }).catch((err) => {
-      if (cancelled) {
-        return;
+    };
+    checkSuperAdmin();
+  }, [user, session, supabase]);
+  const superAdminContext = useMemo5(() => {
+    return {
+      isSuperAdmin,
+      hasGlobalAccess: isSuperAdmin,
+      canManageAllOrganisations: isSuperAdmin
+    };
+  }, [isSuperAdmin]);
+  const validateOrganisationAccess = useCallback(async (orgId) => {
+    if (!user || !session || !supabase) return false;
+    try {
+      if (superAdminContext.isSuperAdmin) {
+        return true;
       }
-      const normalisedError = err instanceof Error ? err : new Error("Failed to resolve super admin status");
-      setError(normalisedError);
-      setIsSuperAdminState(false);
-      setHasVerified(false);
-      log3.error("Unable to verify super admin status", normalisedError);
-    }).finally(() => {
-      if (!cancelled) {
-        setIsLoading(false);
+      const { data, error } = await supabase.from("rbac_organisation_roles").select("id").eq("user_id", user.id).eq("organisation_id", orgId).eq("status", "active").is("revoked_at", null).in("role", ["org_admin", "leader", "member"]).single();
+      if (error) {
+        logger.error("useOrganisationSecurity", "Error validating organisation access:", error);
+        return false;
       }
-    });
-    return () => {
-      cancelled = true;
-    };
-  }, [user?.id]);
-  const shouldBypass = hasVerified && isSuperAdminState;
-  useEffect2(() => {
-    if (!supabase) {
-      return;
+      return !!data;
+    } catch (error) {
+      logger.error("useOrganisationSecurity", "Exception validating organisation access:", error);
+      return false;
     }
-    if (lastOverrideValueRef.current === shouldBypass) {
-      return;
+  }, [user, session, supabase, superAdminContext.isSuperAdmin]);
+  const hasMinimumRole = useCallback((minRole, orgId) => {
+    if (superAdminContext.isSuperAdmin) {
+      return true;
     }
-    lastOverrideValueRef.current = shouldBypass;
-    setSuperAdminOverrideFlag({
-      supabase,
-      enabled: shouldBypass,
-      reason: "pace-core-super-admin-bypass"
-    }).catch(() => {
-    });
-  }, [supabase, shouldBypass]);
-  return useMemo5(
-    () => ({
-      isSuperAdmin: shouldBypass,
-      isLoading,
-      error
-    }),
-    [shouldBypass, isLoading, error]
-  );
-}
+    const targetOrgId = orgId || selectedOrganisation?.id;
+    if (!targetOrgId) return false;
+    const userRole = getUserRole(targetOrgId);
+    const roleHierarchy = ["supporter", "member", "leader", "org_admin"];
+    const userRoleIndex = roleHierarchy.indexOf(userRole);
+    const minRoleIndex = roleHierarchy.indexOf(minRole);
+    return userRoleIndex >= minRoleIndex;
+  }, [selectedOrganisation, getUserRole, superAdminContext.isSuperAdmin]);
+  const canAccessChildOrganisations = useCallback((orgId) => {
+    if (superAdminContext.isSuperAdmin) {
+      return true;
+    }
+    const targetOrgId = orgId || selectedOrganisation?.id;
+    if (!targetOrgId) return false;
+    const userRole = getUserRole(targetOrgId);
+    return userRole === "org_admin";
+  }, [selectedOrganisation, getUserRole, superAdminContext.isSuperAdmin]);
+  const hasPermission = useCallback(async (permission, orgId) => {
+    if (superAdminContext.isSuperAdmin) {
+      return true;
+    }
+    const targetOrgId = orgId || selectedOrganisation?.id;
+    if (!targetOrgId || !user) return false;
+    try {
+      const { isPermittedCached } = await import("./api-N774RPUA.js");
+      const scope = {
+        organisationId: targetOrgId,
+        eventId: user.user_metadata?.eventId || user.app_metadata?.eventId,
+        appId: user.user_metadata?.appId || user.app_metadata?.appId
+      };
+      return await isPermittedCached({
+        userId: user.id,
+        scope,
+        permission
+      });
+    } catch (error) {
+      logger.error("useOrganisationSecurity", "Exception checking permission:", error);
+      return false;
+    }
+  }, [selectedOrganisation, user, superAdminContext.isSuperAdmin]);
+  const getUserPermissions = useCallback(async (orgId) => {
+    if (superAdminContext.isSuperAdmin) {
+      return ["*"];
+    }
+    const targetOrgId = orgId || selectedOrganisation?.id;
+    if (!targetOrgId || !user) return [];
+    try {
+      const { getPermissionMap } = await import("./api-N774RPUA.js");
+      const scope = {
+        organisationId: targetOrgId,
+        eventId: user.user_metadata?.eventId || user.app_metadata?.eventId,
+        appId: user.user_metadata?.appId || user.app_metadata?.appId
+      };
+      const permissionMap = await getPermissionMap({
+        userId: user.id,
+        scope
+      });
+      const allPermissions = Object.entries(permissionMap).filter(([, allowed]) => allowed).map(([permission]) => permission);
+      return [...new Set(allPermissions)];
+    } catch (error) {
+      logger.error("useOrganisationSecurity", "Exception getting user permissions:", error);
+      return [];
+    }
+  }, [selectedOrganisation, user, getUserRole, superAdminContext.isSuperAdmin]);
+  const logOrganisationAccess = useCallback(async (action, details) => {
+    if (!user || !selectedOrganisation) return;
+    try {
+      if (selectedOrganisation.id) {
+        const { emitAuditEvent } = await import("./audit-B5P6FFIR.js");
+        await emitAuditEvent({
+          type: "permission_check",
+          userId: user.id,
+          organisationId: selectedOrganisation.id,
+          permission: action,
+          decision: true,
+          // Assume access was granted if we're logging it
+          source: "api",
+          duration_ms: 0,
+          // No actual permission check performed here
+          metadata: details || {}
+        });
+      }
+    } catch (error) {
+      logger.error("useOrganisationSecurity", "Error logging organisation access:", error);
+    }
+  }, [user, selectedOrganisation]);
+  const ensureOrganisationAccess = useCallback(async (orgId) => {
+    const hasAccess = await validateOrganisationAccess(orgId);
+    if (!hasAccess) {
+      const error = new Error(`User does not have access to organisation ${orgId}`);
+      error.name = "OrganisationSecurityError";
+      error.code = "ACCESS_DENIED";
+      error.organisationId = orgId;
+      error.userId = user?.id;
+      throw error;
+    }
+  }, [validateOrganisationAccess, user]);
+  const validateUserAccess = useCallback(async (userId, orgId) => {
+    if (!supabase) return false;
+    try {
+      if (superAdminContext.isSuperAdmin) {
+        return true;
+      }
+      if (userId !== user?.id) {
+        return false;
+      }
+      return await validateOrganisationAccess(orgId);
+    } catch (error) {
+      logger.error("useOrganisationSecurity", "Exception validating user access:", error);
+      return false;
+    }
+  }, [supabase, superAdminContext.isSuperAdmin, user, validateOrganisationAccess]);
+  return {
+    superAdminContext,
+    validateOrganisationAccess,
+    hasMinimumRole,
+    canAccessChildOrganisations,
+    hasPermission,
+    getUserPermissions,
+    logOrganisationAccess,
+    ensureOrganisationAccess,
+    validateUserAccess
+  };
+};
 
 export {
   useEvents,
@@ -609,6 +684,6 @@ export {
   usePublicPageContext,
   useIsPublicPage,
   useAppConfig,
-  useSuperAdminBypass
+  useOrganisationSecurity
 };
-//# sourceMappingURL=chunk-Y4BUBBHD.js.map
+//# sourceMappingURL=chunk-IIELH4DL.js.map