@jmruthers/pace-core 0.5.54 → 0.5.55

package/src/rbac/types.test.ts

@@ -0,0 +1,382 @@
+/**
+ * @file RBAC Types Tests
+ * @package @jmruthers/pace-core
+ * @module RBAC/Types
+ * @since 1.0.0
+ * 
+ * Comprehensive tests for RBAC type definitions and error classes.
+ */
+
+import { describe, it, expect } from 'vitest';
+import {
+  RBACError,
+  PermissionDeniedError,
+  OrganisationContextRequiredError,
+  RBACNotInitializedError,
+  InvalidScopeError,
+  MissingUserContextError
+} from './types';
+import { 
+  UUID, 
+  Operation, 
+  Permission, 
+  AccessLevel, 
+  Scope, 
+  PermissionCheck,
+  GlobalRole,
+  OrganisationRole,
+  EventAppRole
+} from './types';
+
+describe('RBAC Error Classes', () => {
+  describe('RBACError', () => {
+    it('creates error with message and code', () => {
+      const error = new RBACError('Test error', 'TEST_ERROR');
+      
+      expect(error.message).toBe('Test error');
+      expect(error.code).toBe('TEST_ERROR');
+      expect(error.name).toBe('RBACError');
+      expect(error.context).toBeUndefined();
+    });
+
+    it('creates error with context', () => {
+      const context = { userId: 'user-123', permission: 'read:users' };
+      const error = new RBACError('Test error', 'TEST_ERROR', context);
+      
+      expect(error.message).toBe('Test error');
+      expect(error.code).toBe('TEST_ERROR');
+      expect(error.context).toEqual(context);
+    });
+
+    it('inherits from Error', () => {
+      const error = new RBACError('Test error', 'TEST_ERROR');
+      expect(error).toBeInstanceOf(Error);
+    });
+  });
+
+  describe('PermissionDeniedError', () => {
+    it('creates permission denied error', () => {
+      const error = new PermissionDeniedError('read:users');
+      
+      expect(error.message).toBe('Permission denied: read:users');
+      expect(error.code).toBe('PERMISSION_DENIED');
+      expect(error.name).toBe('PermissionDeniedError');
+      expect(error.context).toEqual({ permission: 'read:users' });
+    });
+
+    it('creates permission denied error with context', () => {
+      const context = { userId: 'user-123', organisationId: 'org-456' };
+      const error = new PermissionDeniedError('read:users', context);
+      
+      expect(error.message).toBe('Permission denied: read:users');
+      expect(error.code).toBe('PERMISSION_DENIED');
+      expect(error.context).toEqual({ permission: 'read:users', ...context });
+    });
+
+    it('inherits from RBACError', () => {
+      const error = new PermissionDeniedError('read:users');
+      expect(error).toBeInstanceOf(RBACError);
+      expect(error).toBeInstanceOf(Error);
+    });
+  });
+
+  describe('OrganisationContextRequiredError', () => {
+    it('creates organisation context required error', () => {
+      const error = new OrganisationContextRequiredError();
+      
+      expect(error.message).toBe('Organisation context is required for this operation');
+      expect(error.code).toBe('ORGANISATION_CONTEXT_REQUIRED');
+      expect(error.name).toBe('OrganisationContextRequiredError');
+    });
+
+    it('inherits from RBACError', () => {
+      const error = new OrganisationContextRequiredError();
+      expect(error).toBeInstanceOf(RBACError);
+      expect(error).toBeInstanceOf(Error);
+    });
+  });
+
+  describe('RBACNotInitializedError', () => {
+    it('creates RBAC not initialized error', () => {
+      const error = new RBACNotInitializedError();
+      
+      expect(error.message).toContain('RBAC system not initialized');
+      expect(error.code).toBe('RBAC_NOT_INITIALIZED');
+      expect(error.name).toBe('RBACNotInitializedError');
+    });
+
+    it('includes setup instructions in message', () => {
+      const error = new RBACNotInitializedError();
+      expect(error.message).toContain('setupRBAC');
+      expect(error.message).toContain('https://docs.pace-core.dev/rbac/setup');
+    });
+
+    it('inherits from RBACError', () => {
+      const error = new RBACNotInitializedError();
+      expect(error).toBeInstanceOf(RBACError);
+      expect(error).toBeInstanceOf(Error);
+    });
+  });
+
+  describe('InvalidScopeError', () => {
+    it('creates invalid scope error', () => {
+      const scope = { organisationId: 'invalid-uuid' };
+      const reason = 'Invalid UUID format';
+      const error = new InvalidScopeError(scope, reason);
+      
+      expect(error.message).toContain('Invalid scope provided');
+      expect(error.message).toContain(JSON.stringify(scope));
+      expect(error.message).toContain(reason);
+      expect(error.code).toBe('INVALID_SCOPE');
+      expect(error.name).toBe('InvalidScopeError');
+      expect(error.context).toEqual({ scope, reason });
+    });
+
+    it('inherits from RBACError', () => {
+      const error = new InvalidScopeError({}, 'test');
+      expect(error).toBeInstanceOf(RBACError);
+      expect(error).toBeInstanceOf(Error);
+    });
+  });
+
+  describe('MissingUserContextError', () => {
+    it('creates missing user context error', () => {
+      const error = new MissingUserContextError();
+      
+      expect(error.message).toContain('User context is required');
+      expect(error.message).toContain('auth provider');
+      expect(error.code).toBe('MISSING_USER_CONTEXT');
+      expect(error.name).toBe('MissingUserContextError');
+    });
+
+    it('inherits from RBACError', () => {
+      const error = new MissingUserContextError();
+      expect(error).toBeInstanceOf(RBACError);
+      expect(error).toBeInstanceOf(Error);
+    });
+  });
+});
+
+describe('Type Definitions', () => {
+  describe('UUID Type', () => {
+    it('accepts valid UUID strings', () => {
+      const validUUIDs: UUID[] = [
+        '123e4567-e89b-12d3-a456-426614174000',
+        '00000000-0000-0000-0000-000000000000',
+        'ffffffff-ffff-ffff-ffff-ffffffffffff'
+      ];
+
+      validUUIDs.forEach(uuid => {
+        expect(typeof uuid).toBe('string');
+        expect(uuid).toMatch(/^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$/i);
+      });
+    });
+  });
+
+  describe('Operation Type', () => {
+    it('includes all required operations', () => {
+      const operations: Operation[] = ['read', 'create', 'update', 'delete', 'manage'];
+      
+      operations.forEach(operation => {
+        expect(['read', 'create', 'update', 'delete', 'manage']).toContain(operation);
+      });
+    });
+
+    it('has correct number of operations', () => {
+      const operations: Operation[] = ['read', 'create', 'update', 'delete', 'manage'];
+      expect(operations).toHaveLength(5);
+    });
+  });
+
+  describe('Permission Type', () => {
+    it('creates valid permission strings', () => {
+      const permissions: Permission[] = [
+        'read:users',
+        'create:user-profiles',
+        'update:events',
+        'delete:organisations',
+        'manage:base.events'
+      ];
+
+      permissions.forEach(permission => {
+        expect(permission).toMatch(/^(read|create|update|delete|manage):/);
+      });
+    });
+
+    it('supports complex resource names', () => {
+      const permissions: Permission[] = [
+        'read:user-profiles.details',
+        'manage:base.events.schedule',
+        'create:app-data.records'
+      ];
+
+      permissions.forEach(permission => {
+        expect(permission).toMatch(/^(read|create|update|delete|manage):[a-z0-9._-]+$/);
+      });
+    });
+  });
+
+  describe('AccessLevel Type', () => {
+    it('includes all required access levels', () => {
+      const accessLevels: AccessLevel[] = ['viewer', 'participant', 'planner', 'admin', 'super'];
+      
+      accessLevels.forEach(level => {
+        expect(['viewer', 'participant', 'planner', 'admin', 'super']).toContain(level);
+      });
+    });
+
+    it('has correct hierarchy order', () => {
+      const levels: AccessLevel[] = ['viewer', 'participant', 'planner', 'admin', 'super'];
+      expect(levels).toHaveLength(5);
+      
+      // Verify hierarchy makes sense
+      const hierarchy = ['viewer', 'participant', 'planner', 'admin', 'super'];
+      expect(levels).toEqual(hierarchy);
+    });
+  });
+
+  describe('Scope Type', () => {
+    it('creates valid scope objects', () => {
+      const scopes: Scope[] = [
+        { organisationId: '123e4567-e89b-12d3-a456-426614174000' as UUID },
+        { 
+          organisationId: '123e4567-e89b-12d3-a456-426614174000' as UUID,
+          eventId: 'event-123'
+        },
+        { 
+          organisationId: '123e4567-e89b-12d3-a456-426614174000' as UUID,
+          appId: '123e4567-e89b-12d3-a456-426614174001' as UUID
+        },
+        { 
+          organisationId: '123e4567-e89b-12d3-a456-426614174000' as UUID,
+          eventId: 'event-123',
+          appId: '123e4567-e89b-12d3-a456-426614174001' as UUID
+        }
+      ];
+
+      scopes.forEach(scope => {
+        expect(scope).toBeDefined();
+        expect(typeof scope).toBe('object');
+        if (scope.organisationId) {
+          expect(typeof scope.organisationId).toBe('string');
+        }
+        if (scope.eventId) {
+          expect(typeof scope.eventId).toBe('string');
+        }
+        if (scope.appId) {
+          expect(typeof scope.appId).toBe('string');
+        }
+      });
+    });
+  });
+
+  describe('PermissionCheck Type', () => {
+    it('creates valid permission check objects', () => {
+      const permissionCheck: PermissionCheck = {
+        userId: '123e4567-e89b-12d3-a456-426614174000' as UUID,
+        scope: { organisationId: '123e4567-e89b-12d3-a456-426614174001' as UUID },
+        permission: 'read:users' as Permission,
+        pageId: 'page-123'
+      };
+
+      expect(permissionCheck.userId).toBeDefined();
+      expect(permissionCheck.scope).toBeDefined();
+      expect(permissionCheck.permission).toBeDefined();
+      expect(permissionCheck.pageId).toBeDefined();
+    });
+
+    it('handles optional pageId', () => {
+      const permissionCheck: PermissionCheck = {
+        userId: '123e4567-e89b-12d3-a456-426614174000' as UUID,
+        scope: { organisationId: '123e4567-e89b-12d3-a456-426614174001' as UUID },
+        permission: 'read:users' as Permission
+      };
+
+      expect(permissionCheck.pageId).toBeUndefined();
+    });
+  });
+
+  describe('Role Types', () => {
+    it('defines global roles correctly', () => {
+      const globalRoles: GlobalRole[] = ['super_admin'];
+      expect(globalRoles).toHaveLength(1);
+      expect(globalRoles[0]).toBe('super_admin');
+    });
+
+    it('defines organisation roles correctly', () => {
+      const orgRoles: OrganisationRole[] = ['supporter', 'member', 'leader', 'org_admin'];
+      expect(orgRoles).toHaveLength(4);
+      expect(orgRoles).toContain('supporter');
+      expect(orgRoles).toContain('member');
+      expect(orgRoles).toContain('leader');
+      expect(orgRoles).toContain('org_admin');
+    });
+
+    it('defines event app roles correctly', () => {
+      const eventAppRoles: EventAppRole[] = ['viewer', 'participant', 'planner', 'event_admin'];
+      expect(eventAppRoles).toHaveLength(4);
+      expect(eventAppRoles).toContain('viewer');
+      expect(eventAppRoles).toContain('participant');
+      expect(eventAppRoles).toContain('planner');
+      expect(eventAppRoles).toContain('event_admin');
+    });
+  });
+});
+
+describe('Type Guards and Validation', () => {
+  it('validates UUID format', () => {
+    const validUUID = '123e4567-e89b-12d3-a456-426614174000';
+    const invalidUUID = 'invalid-uuid';
+    
+    expect(validUUID).toMatch(/^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$/i);
+    expect(invalidUUID).not.toMatch(/^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$/i);
+  });
+
+  it('validates permission format', () => {
+    const validPermission = 'read:users';
+    const invalidPermission = 'invalid';
+    
+    expect(validPermission).toMatch(/^(read|create|update|delete|manage):/);
+    expect(invalidPermission).not.toMatch(/^(read|create|update|delete|manage):/);
+  });
+
+  it('validates access level values', () => {
+    const validLevels = ['viewer', 'participant', 'planner', 'admin', 'super'];
+    const invalidLevel = 'invalid';
+    
+    validLevels.forEach(level => {
+      expect(['viewer', 'participant', 'planner', 'admin', 'super']).toContain(level);
+    });
+    
+    expect(['viewer', 'participant', 'planner', 'admin', 'super']).not.toContain(invalidLevel);
+  });
+});
+
+describe('Type Compatibility', () => {
+  it('ensures types are compatible with expected interfaces', () => {
+    // Test that types can be used in expected contexts
+    const permissionCheck: PermissionCheck = {
+      userId: '123e4567-e89b-12d3-a456-426614174000' as UUID,
+      scope: { organisationId: '123e4567-e89b-12d3-a456-426614174001' as UUID },
+      permission: 'read:users' as Permission
+    };
+
+    // This should compile without errors
+    const userId: UUID = permissionCheck.userId;
+    const scope: Scope = permissionCheck.scope;
+    const permission: Permission = permissionCheck.permission;
+
+    expect(userId).toBeDefined();
+    expect(scope).toBeDefined();
+    expect(permission).toBeDefined();
+  });
+
+  it('supports type narrowing', () => {
+    const accessLevel: AccessLevel = 'admin';
+    
+    if (accessLevel === 'admin' || accessLevel === 'super') {
+      // This should be a valid admin level
+      expect(['admin', 'super']).toContain(accessLevel);
+    }
+  });
+});

package/src/rbac/types.ts

@@ -16,9 +16,9 @@ import type React from 'react';
 
 export type UUID = string;
 
-export type Operation = 'read' | 'create' | 'update' | 'delete' | 'manage';
+export type Operation = 'read' | 'create' | 'update' | 'delete';
 
-export type Permission = `${Operation}:${string}`; // e.g. "manage:base.events"
+export type Permission = `${Operation}:${string}`; // e.g. "read:base.events" or "create:team.members"
 
 export type AccessLevel =
   | 'viewer'

package/src/styles/core.css

@@ -33,23 +33,6 @@
   --color-card: var(--color-main-50);
   --color-card-foreground: var(--color-main-950);
 
-  /* Print-specific variables */
-  --print-margin: 0.5in;
-  --print-font-size: 12pt;
-  --print-line-height: 1.4;
-  --print-color: #000;
-  --print-bg: #fff;
-  --print-first-page-margin: 1in;
-  --print-cover-logo-size: 120px;
-  --print-cover-title-size: 2.5rem;
-  --print-page-width: 8.27in;
-  /* A4 width */
-  --print-page-height: 11.69in;
-  /* A4 height */
-  --print-landscape-width: 11.69in;
-  /* A4 landscape width */
-  --print-landscape-height: 8.27in;
-  /* A4 landscape height */
 }
 
 @layer base {
@@ -256,112 +239,4 @@
 
 @layer utilities {
 
-  /* Print-specific utilities */
-  .print-break-avoid {
-    page-break-inside: avoid;
-  }
-
-  .print-break-before {
-    page-break-before: always;
-  }
-
-  .print-break-after {
-    page-break-after: always;
-  }
-
-  /* Print page size controls */
-  .print-a4-portrait {
-    @media print {
-      @page {
-        size: A4 portrait;
-        margin: var(--print-margin);
-      }
-    }
-  }
-
-  .print-a4-landscape {
-    @media print {
-      @page {
-        size: A4 landscape;
-        margin: var(--print-margin);
-      }
-    }
-  }
-
-  /* First page header styles */
-  .print-first-page-header {
-    @media print {
-      @page :first {
-        margin-top: var(--print-first-page-margin);
-      }
-    }
-  }
-
-  .print-cover-header {
-    @media print {
-      @page :first {
-        margin-top: var(--print-first-page-margin);
-      }
-    }
-  }
-
-  .print-subsequent-header {
-    @media print {
-      @page :not(:first) {
-        margin-top: var(--print-margin);
-      }
-    }
-  }
-
-  /* Print-specific layouts */
-  @media print {
-    .print-hidden {
-      display: none !important;
-    }
-
-    .print-visible {
-      display: block !important;
-    }
-
-    .print-first-page-only {
-      display: block;
-    }
-
-    .print-subsequent-pages-only {
-      display: none;
-    }
-  }
-
-  @media print {
-    @page :not(:first) {
-      .print-first-page-only {
-        display: none !important;
-      }
-
-      .print-subsequent-pages-only {
-        display: block !important;
-      }
-    }
-  }
-
-  /* Print typography */
-  .print-text {
-    @media print {
-      font-size: var(--print-font-size);
-      line-height: var(--print-line-height);
-      color: var(--print-color);
-    }
-  }
-
-  /* Print layout container */
-  .print-layout {
-    @media print {
-      width: 100%;
-      max-width: none;
-      margin: 0;
-      padding: 0;
-      background: var(--print-bg);
-      color: var(--print-color);
-    }
-  }
 }

package/src/types/file-reference.ts

@@ -0,0 +1,77 @@
+// File Reference System Types
+// These types define the structure for the centralized file reference system
+
+export interface FileReference {
+  id: string;
+  table_name: string;
+  record_id: string;
+  file_path: string;
+  file_metadata: FileMetadata;
+  organisation_id: string;
+  app_id: string;
+  is_public: boolean;
+  created_at: string;
+  updated_at: string;
+}
+
+export interface FileMetadata {
+  fileName: string;
+  fileType: string;
+  fileSize?: number;
+  width?: number;
+  height?: number;
+  category: FileCategory;
+  hash?: string;
+  uploadedBy?: string;
+  uploadedAt?: string;
+  tags?: string[];
+  customMetadata?: Record<string, any>;
+}
+
+export enum FileCategory {
+  PROFILE_PHOTOS = 'profile_photos',
+  ID_DOCUMENTS = 'id_documents',
+  QUALIFICATIONS = 'qualifications',
+  MEDICAL_DOCUMENTS = 'medical_documents',
+  DISH_IMAGES = 'dish_images',
+  EVENT_LOGOS = 'event_logos',
+  GENERAL_DOCUMENTS = 'general_documents',
+  IMAGES = 'images',
+  AUDIO = 'audio',
+  VIDEO = 'video',
+  ARCHIVES = 'archives'
+}
+
+export interface FileUploadOptions {
+  table_name: string;
+  record_id: string;
+  organisation_id: string;
+  app_id: string;
+  category: FileCategory;
+  is_public?: boolean;
+  custom_metadata?: Record<string, any>;
+}
+
+export interface FileReferenceService {
+  createFileReference(options: FileUploadOptions, file: File): Promise<FileReference>;
+  getFileReference(table_name: string, record_id: string, organisation_id: string): Promise<FileReference | null>;
+  getFileUrl(table_name: string, record_id: string, organisation_id: string): Promise<string | null>;
+  getSignedUrl(table_name: string, record_id: string, organisation_id: string, expires_in?: number): Promise<string | null>;
+  updateFileReference(id: string, updates: Partial<FileReference>): Promise<FileReference>;
+  deleteFileReference(table_name: string, record_id: string, organisation_id: string, delete_file?: boolean): Promise<boolean>;
+  listFileReferences(table_name: string, record_id: string, organisation_id: string): Promise<FileReference[]>;
+  getFileCount(table_name: string, record_id: string, organisation_id: string): Promise<number>;
+}
+
+export interface StorageUploadOptions {
+  orgId: string;
+  category: FileCategory;
+  isPublic?: boolean;
+  customPath?: string;
+}
+
+export interface FileUploadResult {
+  file_reference: FileReference;
+  file_url: string;
+  signed_url?: string;
+}