npm - @jmruthers/pace-core - Versions diffs - 0.5.191 → 0.6.1 - Mend

@jmruthers/pace-core 0.5.191 → 0.6.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (380) hide show

package/src/hooks/useFormDialog.ts CHANGED Viewed

@@ -23,7 +23,7 @@
  * ```
  */
-import { useState, useCallback } from 'react';
+import { useState } from 'react';
 /**
  * Options for configuring the useFormDialog hook behavior
@@ -115,27 +115,28 @@ export function useFormDialog<T = unknown>({
   const [isOpen, setIsOpen] = useState(false);
   const [formData, setFormData] = useState<T | null>(null);
-  const openDialog = useCallback((data: T | null = null) => {
+  // React Compiler handles memoization automatically
+  const openDialog = (data: T | null = null) => {
     setFormData(data);
     setIsOpen(true);
     onOpenChange?.(true);
-  }, [onOpenChange]);
+  };
-  const closeDialog = useCallback(() => {
+  const closeDialog = () => {
     setIsOpen(false);
     if (resetOnClose) {
       setFormData(null);
     }
     onOpenChange?.(false);
-  }, [resetOnClose, onOpenChange]);
+  };
-  const handleOpenChange = useCallback((open: boolean) => {
+  const handleOpenChange = (open: boolean) => {
     setIsOpen(open);
     if (!open && resetOnClose) {
       setFormData(null);
     }
     onOpenChange?.(open);
-  }, [resetOnClose, onOpenChange]);
+  };
   return {
     isOpen,

package/src/hooks/useInactivityTracker.ts CHANGED Viewed

@@ -48,7 +48,7 @@
  * - Cross-tab optimization
  *
  * @dependencies
- * - React 18+ - Hooks and effects
+ * - React 19+ - Hooks and effects
  * - Browser APIs - BroadcastChannel, localStorage, timers
  */

package/src/hooks/usePermissionCache.ts CHANGED Viewed

@@ -46,7 +46,7 @@
  * - Memory-efficient storage
  *
  * @dependencies
- * - React 18+ - Hooks and effects
+ * - React 19+ - Hooks and effects
  * - RBAC API functions - isPermittedCached for permission checking
  * - RBAC types - Type definitions
  *

package/src/hooks/useSecureDataAccess.test.ts CHANGED Viewed

@@ -15,7 +15,7 @@ import { useOrganisations } from './useOrganisations';
 import { setOrganisationContext } from '../utils/context/organisationContext';
 import { createMockSupabaseClient, createMockQueryBuilderWithData } from '../__tests__/helpers/supabaseMock';
 import { useResolvedScope } from '../rbac/hooks/useResolvedScope';
-import { useSuperAdminBypass } from '../rbac/hooks/useSuperAdminBypass';
+import { useOrganisationSecurity } from './useOrganisationSecurity';
 // Mock the providers
 vi.mock('../providers', () => ({
@@ -36,9 +36,9 @@ vi.mock('../rbac/hooks/useResolvedScope', () => ({
   useResolvedScope: vi.fn()
 }));
-// Mock useSuperAdminBypass
-vi.mock('../rbac/hooks/useSuperAdminBypass', () => ({
-  useSuperAdminBypass: vi.fn()
+// Mock useOrganisationSecurity
+vi.mock('./useOrganisationSecurity', () => ({
+  useOrganisationSecurity: vi.fn()
 }));
@@ -47,7 +47,7 @@ describe('useSecureDataAccess', () => {
   const mockUseOrganisations = vi.mocked(useOrganisations);
   const mockSetOrganisationContext = vi.mocked(setOrganisationContext);
   const mockUseResolvedScope = vi.mocked(useResolvedScope);
-  const mockUseSuperAdminBypass = vi.mocked(useSuperAdminBypass);
+  const mockUseOrganisationSecurity = vi.mocked(useOrganisationSecurity);
   const mockUser = {
     id: 'user-123',
@@ -119,10 +119,17 @@ describe('useSecureDataAccess', () => {
       error: null,
     });
-    // Mock useSuperAdminBypass to return not super admin
-    mockUseSuperAdminBypass.mockReturnValue({
-      isSuperAdmin: false,
-    });
+    // Mock useOrganisationSecurity to return not super admin
+    mockUseOrganisationSecurity.mockReturnValue({
+      superAdminContext: { isSuperAdmin: false, hasGlobalAccess: false, canManageAllOrganisations: false },
+      validateOrganisationAccess: vi.fn(),
+      hasMinimumRole: vi.fn(),
+      canAccessChildOrganisations: vi.fn(),
+      checkPermission: vi.fn(),
+      getPermissions: vi.fn(),
+      logOrganisationAccess: vi.fn(),
+      canManageOrganisation: vi.fn(),
+    } as any);
   });
     describe('Hook Initialization', () => {

package/src/hooks/useSecureDataAccess.ts CHANGED Viewed

@@ -59,7 +59,7 @@ import { setOrganisationContext } from '../utils/context/organisationContext';
 import { logger } from '../utils/core/logger';
 import type { Permission } from '../rbac/types';
 import type { OrganisationSecurityError } from '../types/organisation';
-import { useSuperAdminBypass } from '../rbac/hooks/useSuperAdminBypass';
+import { useOrganisationSecurity } from './useOrganisationSecurity';
 import { useResolvedScope } from '../rbac/hooks/useResolvedScope';
 export interface SecureDataAccessReturn {
@@ -158,7 +158,8 @@ export function useSecureDataAccess(): SecureDataAccessReturn {
   const eventServiceContext = useContext(EventServiceContext);
   const eventFromContext = eventServiceContext?.eventService?.getSelectedEvent() || null;
   const effectiveSelectedEvent = selectedEvent || eventFromContext;
-  const { isSuperAdmin } = useSuperAdminBypass();
+  const { superAdminContext } = useOrganisationSecurity();
+  const isSuperAdmin = superAdminContext.isSuperAdmin;
   // Use resolved scope to get organisationId (derived from event if needed)
   const { resolvedScope } = useResolvedScope({
@@ -236,9 +237,11 @@ export function useSecureDataAccess(): SecureDataAccessReturn {
       // SECURITY: Phase 2 additions - complete organisation table mapping
       'organisation_audit_log', 'organisation_invitations', 'organisation_app_access',
       // SECURITY: Emergency additions for Phase 1 fixes
-      'cake_meal', 'cake_mealtype', 'core_person',
-      // NOTE: core_member, medi_profile, core_contact, core_consent, core_identification, core_qualification
-      // are now person-scoped (not organisation-scoped) - removed from this list
+      'cake_meal', 'cake_mealtype',
+      // NOTE: core_person, core_member, core_contact, core_consent, core_identification,
+      // core_qualification, and medi_profile are person-scoped tables that do NOT have
+      // organisation_id columns. They were removed as part of the person-scoped profiles migration.
+      // Do NOT add organisation_id filters to these tables - it will cause 400 errors.
       // SECURITY: Phase 3A additions - medical and personal data
       // NOTE: medi_condition, medi_diet, medi_action_plan, medi_profile_versions are now person-scoped
       // (via medi_profile) - removed from this list
@@ -369,7 +372,20 @@ export function useSecureDataAccess(): SecureDataAccessReturn {
       // SECURITY: Phase 2 additions - complete organisation table mapping
       'organisation_audit_log', 'organisation_invitations', 'organisation_app_access',
       // SECURITY: Emergency additions for Phase 1 fixes
-      'cake_meal', 'cake_mealtype', 'core_person', 'core_member'
+      'cake_meal', 'cake_mealtype', 'core_person',
+      // SECURITY: These tables still have organisation_id columns and must be filtered
+      'core_member', 'core_contact', 'core_consent', 'core_identification', 'core_qualification',
+      'medi_profile',
+      // SECURITY: Phase 3A additions - medical and personal data
+      'medi_condition', 'medi_diet', 'medi_action_plan', 'medi_profile_versions',
+      'core_identification_type',
+      'form_responses', 'form_response_values', 'forms',
+      // SECURITY: Phase 3B additions - remaining critical tables
+      'invoice', 'line_item', 'credit_balance', 'payment_method',
+      'form_contexts', 'form_field_config', 'form_fields',
+      'cake_delivery', 'cake_diettype', 'cake_diner', 'cake_dish', 'cake_item',
+      'cake_logistics', 'cake_mealplan', 'cake_package', 'cake_recipe', 'cake_supplier',
+      'cake_supply', 'cake_unit', 'event_app_access', 'base_application', 'base_questions'
     ];
     if (!bypassOrganisationFilter && organisationId && tablesWithOrganisation.includes(table)) {

package/src/hooks/useToast.ts CHANGED Viewed

@@ -23,7 +23,7 @@ export interface ToastProps {
   description?: React.ReactNode;
   variant?: 'default' | 'destructive' | 'success';
   onClose?: () => void;
-  action?: React.ReactElement;
+  action?: React.ReactElement<any>;
 }
 /**
@@ -40,7 +40,7 @@ type ToasterToast = ToastProps & {
   /** Optional description content */
   description?: React.ReactNode
   /** Optional action button */
-  action?: React.ReactElement
+  action?: React.ReactElement<any>
   /** Open state */
   open?: boolean
   /** Open change handler */

package/src/providers/__tests__/OrganisationProvider.test.tsx CHANGED Viewed

@@ -17,9 +17,14 @@ vi.mock('../../utils/debugLogger', () => ({
   },
 }));
-// Mock setOrganisationContext
+// Mock setOrganisationContext - make it resolve immediately to avoid delays
 vi.mock('../../utils/context/organisationContext', () => ({
-  setOrganisationContext: vi.fn().mockResolvedValue(undefined),
+  setOrganisationContext: vi.fn().mockImplementation(() => Promise.resolve(undefined)),
+}));
+// Mock isSuperAdmin to return false (normal user, not super admin)
+vi.mock('../../rbac/api', () => ({
+  isSuperAdmin: vi.fn().mockResolvedValue(false),
 }));
 // Create mock user and session
@@ -63,18 +68,36 @@ const createMockSupabaseClient = () => {
         role: 'org_admin',
         status: 'active',
         granted_at: '2023-01-01T00:00:00Z',
+        granted_by: null,
         revoked_at: null,
-        core_organisations: mockOrganisation
+        revoked_by: null,
+        notes: null,
+        created_at: '2023-01-01T00:00:00Z',
+        updated_at: '2023-01-01T00:00:00Z',
+        core_organisations: {
+          id: orgId,
+          name: 'Test Organisation 1',
+          display_name: 'Test Organisation 1',
+          subscription_tier: 'basic',
+          settings: {},
+          is_active: true,
+          parent_id: null,
+          created_at: '2023-01-01T00:00:00Z',
+          updated_at: '2023-01-01T00:00:00Z'
+        }
       }],
       error: null
     })
   };
+  // Mock RPC function for setOrganisationContext
+  const mockRpc = vi.fn().mockResolvedValue({
+    data: null,
+    error: null,
+  });
   return {
-    rpc: vi.fn().mockResolvedValue({
-      data: [],
-            error: null,
-          }),
+    rpc: mockRpc,
     from: vi.fn((table: string) => {
       if (table === 'rbac_organisation_roles') {
         return mockQueryBuilder;
@@ -127,6 +150,8 @@ describe('OrganisationProvider', () => {
   beforeEach(() => {
     vi.clearAllMocks();
+    // Clear localStorage to ensure clean state
+    localStorage.clear();
     mockSupabaseClient = createMockSupabaseClient();
   });
@@ -140,10 +165,19 @@ describe('OrganisationProvider', () => {
       expect(screen.getByTestId('test-component')).toBeInTheDocument();
-      // Wait for organisations to load
+      // Wait for organisations to load - OrganisationService initializes asynchronously
+      // The service calls notify() in finally block, and useOrganisationService has 50ms debounce
+      // Also need to account for the 2 second minimum retry delay in loadUserOrganisations
       await waitFor(() => {
-        expect(screen.getByTestId('organisations-count')).toHaveTextContent('1');
-      }, { timeout: 3000 });
+        const count = screen.getByTestId('organisations-count').textContent;
+        const error = screen.getByTestId('error').textContent;
+        // Log for debugging if test fails
+        if (count !== '1' || error !== 'no-error') {
+          console.log('Test state:', { count, error, isLoading: screen.getByTestId('isLoading').textContent });
+        }
+        expect(count).toBe('1');
+        expect(error).toBe('no-error');
+      }, { timeout: 15000, interval: 200 });
       expect(screen.getByTestId('isLoading')).toHaveTextContent('false');
       expect(screen.getByTestId('error')).toHaveTextContent('no-error');
@@ -169,10 +203,20 @@ describe('OrganisationProvider', () => {
       );
       // Wait for organisations to load and selected organisation to be set
+      // The service calls notify() in finally block, and useOrganisationService has 50ms debounce
+      // Also need to account for the 2 second minimum retry delay in loadUserOrganisations
       await waitFor(() => {
-        expect(screen.getByTestId('organisations-count')).toHaveTextContent('1');
-        expect(screen.getByTestId('selectedOrg')).not.toHaveTextContent('no-org');
-      }, { timeout: 3000 });
+        const count = screen.getByTestId('organisations-count').textContent;
+        const error = screen.getByTestId('error').textContent;
+        const selectedOrg = screen.getByTestId('selectedOrg').textContent;
+        // Log for debugging if test fails
+        if (count !== '1' || error !== 'no-error' || selectedOrg === 'no-org') {
+          console.log('Test state:', { count, error, selectedOrg, isLoading: screen.getByTestId('isLoading').textContent });
+        }
+        expect(count).toBe('1');
+        expect(error).toBe('no-error');
+        expect(selectedOrg).not.toBe('no-org');
+      }, { timeout: 15000, interval: 200 });
       expect(screen.getByTestId('organisations-count')).toHaveTextContent('1');
       expect(screen.getByTestId('isLoading')).toHaveTextContent('false');

package/src/providers/__tests__/ProviderLifecycle.test.tsx CHANGED Viewed

@@ -7,7 +7,7 @@
  * Tests for provider lifecycle management, state persistence, cleanup, and edge cases.
  */
-import { render, screen, fireEvent } from '@testing-library/react';
+import { render, screen, fireEvent, act } from '@testing-library/react';
 import { vi, describe, it, expect, beforeEach, afterEach } from 'vitest';
 import React, { ReactNode, useState } from 'react';
 import { createMockSupabaseClient } from '../../__tests__/helpers/supabaseMock';
@@ -88,8 +88,12 @@ describe('Provider Lifecycle Tests', () => {
     it('should cleanup subscription listeners', () => {
       const cleanup = vi.fn();
       const TestComponent = () => {
+        const cleanupRef = React.useRef(cleanup);
         React.useEffect(() => {
-          return cleanup;
+          // Return a function that calls cleanup from ref
+          return () => {
+            cleanupRef.current();
+          };
         }, []);
         return <div data-testid="listener-test">Test</div>;
       };
@@ -98,7 +102,9 @@ describe('Provider Lifecycle Tests', () => {
       expect(screen.getByTestId('listener-test')).toBeInTheDocument();
-      unmountComponent();
+      act(() => {
+        unmountComponent();
+      });
       // Cleanup should be called on unmount
       expect(cleanup).toHaveBeenCalled();
@@ -109,13 +115,22 @@ describe('Provider Lifecycle Tests', () => {
       const cleanup2 = vi.fn();
       const TestComponent = () => {
-        React.useEffect(() => cleanup1, []);
-        React.useEffect(() => cleanup2, []);
+        const cleanup1Ref = React.useRef(cleanup1);
+        const cleanup2Ref = React.useRef(cleanup2);
+        React.useEffect(() => {
+          return () => cleanup1Ref.current();
+        }, []);
+        React.useEffect(() => {
+          return () => cleanup2Ref.current();
+        }, []);
         return <div data-testid="multi-listener">Test</div>;
       };
       const { unmount: unmountComponent } = render(<TestComponent />);
-      unmountComponent();
+      act(() => {
+        unmountComponent();
+      });
       expect(cleanup1).toHaveBeenCalled();
       expect(cleanup2).toHaveBeenCalled();

package/src/providers/__tests__/UnifiedAuthProvider.test.tsx CHANGED Viewed

@@ -72,7 +72,7 @@ const TestComponent = () => {
 describe('UnifiedAuthProvider', () => {
   let mockSupabaseClient: ReturnType<typeof createMockSupabaseClient>;
-  const defaultProps = {
+  const baseProps = {
     idleTimeoutMs: 30 * 60 * 1000,
     warnBeforeMs: 60 * 1000,
     onIdleLogout: vi.fn(),
@@ -86,7 +86,7 @@ describe('UnifiedAuthProvider', () => {
   describe('Rendering', () => {
     it('renders without crashing', () => {
       render(
-        <UnifiedAuthProvider supabaseClient={mockSupabaseClient} {...defaultProps}>
+        <UnifiedAuthProvider supabaseClient={mockSupabaseClient} {...baseProps}>
           <TestComponent />
         </UnifiedAuthProvider>
       );
@@ -96,7 +96,7 @@ describe('UnifiedAuthProvider', () => {
     it('renders with custom app name', () => {
       render(
-        <UnifiedAuthProvider supabaseClient={mockSupabaseClient} appName="Custom App" {...defaultProps}>
+        <UnifiedAuthProvider supabaseClient={mockSupabaseClient} appName="Custom App" {...baseProps}>
           <TestComponent />
         </UnifiedAuthProvider>
       );
@@ -118,7 +118,7 @@ describe('UnifiedAuthProvider', () => {
   describe('Context Values', () => {
     it('provides all required context values', async () => {
       render(
-        <UnifiedAuthProvider supabaseClient={mockSupabaseClient} appName="Test App" {...defaultProps}>
+        <UnifiedAuthProvider supabaseClient={mockSupabaseClient} appName="Test App" {...baseProps}>
           <TestComponent />
         </UnifiedAuthProvider>
       );
@@ -182,7 +182,7 @@ describe('UnifiedAuthProvider', () => {
     it('uses default configuration', () => {
       render(
-        <UnifiedAuthProvider supabaseClient={mockSupabaseClient} {...defaultProps}>
+        <UnifiedAuthProvider supabaseClient={mockSupabaseClient} {...baseProps}>
           <TestComponent />
         </UnifiedAuthProvider>
       );
@@ -207,7 +207,7 @@ describe('UnifiedAuthProvider', () => {
       };
       render(
-        <UnifiedAuthProvider supabaseClient={mockSupabaseClient} appName="Test App" {...defaultProps}>
+        <UnifiedAuthProvider supabaseClient={mockSupabaseClient} appName="Test App" {...baseProps}>
           <TestCompositionComponent />
         </UnifiedAuthProvider>
       );
@@ -236,7 +236,7 @@ describe('UnifiedAuthProvider', () => {
       };
       render(
-        <UnifiedAuthProvider supabaseClient={mockSupabaseClient} appName="Test App" {...defaultProps}>
+        <UnifiedAuthProvider supabaseClient={mockSupabaseClient} appName="Test App" {...baseProps}>
           <TestCompleteContextComponent />
         </UnifiedAuthProvider>
       );
@@ -428,7 +428,7 @@ describe('UnifiedAuthProvider', () => {
       };
       render(
-        <UnifiedAuthProvider supabaseClient={mockSupabaseClient} appName="Test App" {...defaultProps}>
+        <UnifiedAuthProvider supabaseClient={mockSupabaseClient} appName="Test App" {...baseProps}>
           <TestHookIntegrationComponent />
         </UnifiedAuthProvider>
       );
@@ -494,7 +494,7 @@ describe('UnifiedAuthProvider', () => {
       };
       render(
-        <UnifiedAuthProvider supabaseClient={mockSupabaseClient} appName="Test App" {...defaultProps}>
+        <UnifiedAuthProvider supabaseClient={mockSupabaseClient} appName="Test App" {...baseProps}>
           <TestConcurrentComponent />
         </UnifiedAuthProvider>
       );
@@ -554,7 +554,7 @@ describe('UnifiedAuthProvider', () => {
       };
       render(
-        <UnifiedAuthProvider supabaseClient={mockSupabaseClient} appName="Test App" enableRBAC={true} {...defaultProps}>
+        <UnifiedAuthProvider supabaseClient={mockSupabaseClient} appName="Test App" enableRBAC={true} {...baseProps}>
           <TestRBACConfigComponent />
         </UnifiedAuthProvider>
       );

package/src/providers/services/EventServiceProvider.tsx CHANGED Viewed

@@ -63,14 +63,6 @@ export function EventServiceProvider({
       initializingRef.current = true;
       try {
-        logger.debug('EventServiceProvider', 'Updating dependencies and initializing', {
-          hasUser: !!user,
-          hasSession: !!session,
-          appName,
-          hasSelectedOrganisation: !!selectedOrganisation,
-          organisationId: selectedOrganisation?.id
-        });
         // Update dependencies (now async to handle user change cleanup)
         await eventService.updateDependencies(supabaseClient, user, session, appName, selectedOrganisation, setSelectedEventId);