@jmruthers/pace-core 0.5.5 → 0.5.6

package/docs/api/interfaces/StorageUrlOptions.md

@@ -1,4 +1,4 @@
-[@jmruthers/pace-core - v0.5.5](../README.md) / [Exports](../modules.md) / StorageUrlOptions
+[@jmruthers/pace-core - v0.5.6](../README.md) / [Exports](../modules.md) / StorageUrlOptions
 
 # Interface: StorageUrlOptions
 

package/docs/api/interfaces/StyleImport.md

@@ -1,4 +1,4 @@
-[@jmruthers/pace-core - v0.5.5](../README.md) / [Exports](../modules.md) / StyleImport
+[@jmruthers/pace-core - v0.5.6](../README.md) / [Exports](../modules.md) / StyleImport
 
 # Interface: StyleImport
 

package/docs/api/interfaces/ToastActionElement.md

@@ -1,4 +1,4 @@
-[@jmruthers/pace-core - v0.5.5](../README.md) / [Exports](../modules.md) / ToastActionElement
+[@jmruthers/pace-core - v0.5.6](../README.md) / [Exports](../modules.md) / ToastActionElement
 
 # Interface: ToastActionElement
 

package/docs/api/interfaces/ToastProps.md

@@ -1,4 +1,4 @@
-[@jmruthers/pace-core - v0.5.5](../README.md) / [Exports](../modules.md) / ToastProps
+[@jmruthers/pace-core - v0.5.6](../README.md) / [Exports](../modules.md) / ToastProps
 
 # Interface: ToastProps
 

package/docs/api/interfaces/UnifiedAuthContextType.md

@@ -1,4 +1,4 @@
-[@jmruthers/pace-core - v0.5.5](../README.md) / [Exports](../modules.md) / UnifiedAuthContextType
+[@jmruthers/pace-core - v0.5.6](../README.md) / [Exports](../modules.md) / UnifiedAuthContextType
 
 # Interface: UnifiedAuthContextType
 

package/docs/api/interfaces/UnifiedAuthProviderProps.md

@@ -1,4 +1,4 @@
-[@jmruthers/pace-core - v0.5.5](../README.md) / [Exports](../modules.md) / UnifiedAuthProviderProps
+[@jmruthers/pace-core - v0.5.6](../README.md) / [Exports](../modules.md) / UnifiedAuthProviderProps
 
 # Interface: UnifiedAuthProviderProps
 

package/docs/api/interfaces/UseInactivityTrackerOptions.md

@@ -1,4 +1,4 @@
-[@jmruthers/pace-core - v0.5.5](../README.md) / [Exports](../modules.md) / UseInactivityTrackerOptions
+[@jmruthers/pace-core - v0.5.6](../README.md) / [Exports](../modules.md) / UseInactivityTrackerOptions
 
 # Interface: UseInactivityTrackerOptions
 

package/docs/api/interfaces/UseInactivityTrackerReturn.md

@@ -1,4 +1,4 @@
-[@jmruthers/pace-core - v0.5.5](../README.md) / [Exports](../modules.md) / UseInactivityTrackerReturn
+[@jmruthers/pace-core - v0.5.6](../README.md) / [Exports](../modules.md) / UseInactivityTrackerReturn
 
 # Interface: UseInactivityTrackerReturn
 

package/docs/api/interfaces/UsePublicEventLogoOptions.md

@@ -1,4 +1,4 @@
-[@jmruthers/pace-core - v0.5.5](../README.md) / [Exports](../modules.md) / UsePublicEventLogoOptions
+[@jmruthers/pace-core - v0.5.6](../README.md) / [Exports](../modules.md) / UsePublicEventLogoOptions
 
 # Interface: UsePublicEventLogoOptions
 

package/docs/api/interfaces/UsePublicEventLogoReturn.md

@@ -1,4 +1,4 @@
-[@jmruthers/pace-core - v0.5.5](../README.md) / [Exports](../modules.md) / UsePublicEventLogoReturn
+[@jmruthers/pace-core - v0.5.6](../README.md) / [Exports](../modules.md) / UsePublicEventLogoReturn
 
 # Interface: UsePublicEventLogoReturn
 

package/docs/api/interfaces/UsePublicEventOptions.md

@@ -1,4 +1,4 @@
-[@jmruthers/pace-core - v0.5.5](../README.md) / [Exports](../modules.md) / UsePublicEventOptions
+[@jmruthers/pace-core - v0.5.6](../README.md) / [Exports](../modules.md) / UsePublicEventOptions
 
 # Interface: UsePublicEventOptions
 

package/docs/api/interfaces/UsePublicEventReturn.md

@@ -1,4 +1,4 @@
-[@jmruthers/pace-core - v0.5.5](../README.md) / [Exports](../modules.md) / UsePublicEventReturn
+[@jmruthers/pace-core - v0.5.6](../README.md) / [Exports](../modules.md) / UsePublicEventReturn
 
 # Interface: UsePublicEventReturn
 

package/docs/api/interfaces/UsePublicRouteParamsReturn.md

@@ -1,4 +1,4 @@
-[@jmruthers/pace-core - v0.5.5](../README.md) / [Exports](../modules.md) / UsePublicRouteParamsReturn
+[@jmruthers/pace-core - v0.5.6](../README.md) / [Exports](../modules.md) / UsePublicRouteParamsReturn
 
 # Interface: UsePublicRouteParamsReturn
 

package/docs/api/interfaces/UserEventAccess.md

@@ -1,4 +1,4 @@
-[@jmruthers/pace-core - v0.5.5](../README.md) / [Exports](../modules.md) / UserEventAccess
+[@jmruthers/pace-core - v0.5.6](../README.md) / [Exports](../modules.md) / UserEventAccess
 
 # Interface: UserEventAccess
 

package/docs/api/interfaces/UserMenuProps.md

@@ -1,4 +1,4 @@
-[@jmruthers/pace-core - v0.5.5](../README.md) / [Exports](../modules.md) / UserMenuProps
+[@jmruthers/pace-core - v0.5.6](../README.md) / [Exports](../modules.md) / UserMenuProps
 
 # Interface: UserMenuProps
 

package/docs/api/interfaces/UserProfile.md

@@ -1,4 +1,4 @@
-[@jmruthers/pace-core - v0.5.5](../README.md) / [Exports](../modules.md) / UserProfile
+[@jmruthers/pace-core - v0.5.6](../README.md) / [Exports](../modules.md) / UserProfile
 
 # Interface: UserProfile
 

package/docs/api/modules.md

@@ -1,6 +1,6 @@
-[@jmruthers/pace-core - v0.5.5](README.md) / Exports
+[@jmruthers/pace-core - v0.5.6](README.md) / Exports
 
-# @jmruthers/pace-core - v0.5.5
+# @jmruthers/pace-core - v0.5.6
 
 **`File`**
 

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@jmruthers/pace-core",
-  "version": "0.5.5",
+  "version": "0.5.6",
   "description": "Clean, modern React component library with Tailwind v4 styling and native utilities",
   "private": false,
   "publishConfig": {

package/src/components/DataTable/components/DataTableCore.tsx

@@ -536,31 +536,11 @@ function DataTableInternal<TData extends DataRecord>({
   }, [cleanup]);
 
   // ============================================================================
-  // RBAC VALIDATION AND EARLY RETURNS - AFTER ALL HOOKS
+  // RBAC VALIDATION AND SECURE CONFIGURATION - ALWAYS call these hooks
   // ============================================================================
   
-  // MANDATORY: Every DataTable must have a user and RBAC config
-  if (!user) {
-    throw new Error('DataTable requires authenticated user for RBAC');
-  }
-  
-  if (!rbac?.resource) {
-    throw new Error('DataTable requires rbac.resource for permission checking');
-  }
-
-  const scope = {
-    organisationId: user?.user_metadata?.organisationId || user?.app_metadata?.organisationId,
-    eventId: user?.user_metadata?.eventId || user?.app_metadata?.eventId,
-    appId: user?.user_metadata?.appId || user?.app_metadata?.appId,
-  };
-
-  // MANDATORY: No data access without read permission
-  if (!permissions.canRead.can) {
-    return <AccessDeniedPage resource={rbac?.resource || 'test-resource'} operation="read" />;
-  }
-
   // MANDATORY: Features are automatically filtered by permissions
-  const secureFeatures: DataTableFeatureConfig = {
+  const secureFeatures: DataTableFeatureConfig = useMemo(() => ({
     ...features,
     creation: features.creation && permissions.canCreate.can,
     editing: features.editing && permissions.canUpdate.can,
@@ -568,17 +548,17 @@ function DataTableInternal<TData extends DataRecord>({
     deleteSelected: features.deleteSelected && permissions.canDelete.can,
     export: features.export && permissions.canExport.can,
     import: features.import && permissions.canImport.can,
-  };
+  }), [features, permissions.canCreate.can, permissions.canUpdate.can, permissions.canDelete.can, permissions.canExport.can, permissions.canImport.can]);
 
   // MANDATORY: Handlers are automatically secured
-  const secureHandlers = {
+  const secureHandlers = useMemo(() => ({
     onEditRow: permissions.canUpdate.can ? onEditRow : undefined,
     onDeleteRow: permissions.canDelete.can ? onDeleteRow : undefined,
     onCreateRow: permissions.canCreate.can ? onCreateRow : undefined,
     onImport: permissions.canImport.can ? onImport : undefined,
     onExport: permissions.canExport.can ? onExport : undefined,
     onDeleteSelected: permissions.canDelete.can ? onDeleteSelected : undefined,
-  };
+  }), [permissions.canUpdate.can, permissions.canDelete.can, permissions.canCreate.can, permissions.canImport.can, permissions.canExport.can, onEditRow, onDeleteRow, onCreateRow, onImport, onExport, onDeleteSelected]);
 
   // MANDATORY: Process actions with RBAC checks
   const effectiveActions = useMemo(() => {
@@ -792,6 +772,30 @@ function DataTableInternal<TData extends DataRecord>({
   
   const table = useReactTable(tableConfig);
 
+  // ============================================================================
+  // RBAC VALIDATION AND EARLY RETURNS - AFTER ALL HOOKS
+  // ============================================================================
+  
+  // MANDATORY: Every DataTable must have a user and RBAC config
+  if (!user) {
+    throw new Error('DataTable requires authenticated user for RBAC');
+  }
+  
+  if (!rbac?.resource) {
+    throw new Error('DataTable requires rbac.resource for permission checking');
+  }
+
+  const scope = {
+    organisationId: user?.user_metadata?.organisationId || user?.app_metadata?.organisationId,
+    eventId: user?.user_metadata?.eventId || user?.app_metadata?.eventId,
+    appId: user?.user_metadata?.appId || user?.app_metadata?.appId,
+  };
+
+  // MANDATORY: No data access without read permission
+  if (!permissions.canRead.can) {
+    return <AccessDeniedPage resource={rbac?.resource || 'test-resource'} operation="read" />;
+  }
+
   // ============================================================================
   // RENDER
   // ============================================================================