@jmruthers/pace-core 0.5.76 → 0.5.78
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +8 -0
- package/dist/{RBACService-C4udt_Zp.d.ts → AuthService-Df3IozMG.d.ts} +10 -118
- package/dist/{DataTable-ntgmhO2W.d.ts → DataTable-BE0OXZKQ.d.ts} +9 -2
- package/dist/{DataTable-4GAVPIEG.js → DataTable-ETGVF4Y5.js} +50 -13
- package/dist/{PublicLoadingSpinner-BiNER8F5.d.ts → PublicLoadingSpinner-CnUaz0vG.d.ts} +5 -2
- package/dist/{UnifiedAuthProvider-Bj6YCf7c.d.ts → UnifiedAuthProvider-B391Aqum.d.ts} +42 -45
- package/dist/{UnifiedAuthProvider-3NKDOSOK.js → UnifiedAuthProvider-P5SOJAQ6.js} +4 -5
- package/dist/{api-DDMUKIUD.js → api-KG4A2X7P.js} +9 -3
- package/dist/{audit-6TOCAMKO.js → audit-65VNHEV2.js} +2 -2
- package/dist/{chunk-K34IM5CT.js → chunk-2OGV6IRV.js} +196 -626
- package/dist/chunk-2OGV6IRV.js.map +1 -0
- package/dist/{chunk-NTNILOBC.js → chunk-5BO3MI5Y.js} +4 -4
- package/dist/{chunk-XLZ7U46Z.js → chunk-CVMVPYAL.js} +9 -60
- package/dist/chunk-CVMVPYAL.js.map +1 -0
- package/dist/{chunk-URUTVZ7N.js → chunk-FL4ZCQLD.js} +2 -2
- package/dist/{chunk-LW7MMEAQ.js → chunk-FT2M4R4F.js} +2 -2
- package/dist/{chunk-5BSLGBYI.js → chunk-JCQZ6LA7.js} +2 -8
- package/dist/{chunk-5BSLGBYI.js.map → chunk-JCQZ6LA7.js.map} +1 -1
- package/dist/{chunk-KHJS6VIA.js → chunk-LRQ6RBJC.js} +157 -112
- package/dist/chunk-LRQ6RBJC.js.map +1 -0
- package/dist/{chunk-WN6XJWOS.js → chunk-MNJXXD6C.js} +274 -743
- package/dist/chunk-MNJXXD6C.js.map +1 -0
- package/dist/{chunk-KK73ZB4E.js → chunk-PTR5PMPE.js} +153 -132
- package/dist/chunk-PTR5PMPE.js.map +1 -0
- package/dist/{chunk-B2WTCLCV.js → chunk-Q7APDV6H.js} +18 -8
- package/dist/chunk-Q7APDV6H.js.map +1 -0
- package/dist/{chunk-A4FUBC7B.js → chunk-QGVSOUJ2.js} +2 -4
- package/dist/{chunk-A4FUBC7B.js.map → chunk-QGVSOUJ2.js.map} +1 -1
- package/dist/{chunk-FGMFQSHX.js → chunk-S63MFSY6.js} +500 -551
- package/dist/chunk-S63MFSY6.js.map +1 -0
- package/dist/{chunk-AFGTSUAD.js → chunk-VSOKOFRF.js} +4 -4
- package/dist/chunk-WUXCWRL6.js +20 -0
- package/dist/chunk-WUXCWRL6.js.map +1 -0
- package/dist/{chunk-Y6TXWPJO.js → chunk-YVVGHRGI.js} +105 -31
- package/dist/chunk-YVVGHRGI.js.map +1 -0
- package/dist/{chunk-M5IWZRBT.js → chunk-ZMNXIJP4.js} +2187 -981
- package/dist/chunk-ZMNXIJP4.js.map +1 -0
- package/dist/components.d.ts +6 -6
- package/dist/components.js +14 -18
- package/dist/components.js.map +1 -1
- package/dist/{database-C3Szpi5J.d.ts → database-BXAfr2Y_.d.ts} +18 -0
- package/dist/hooks.d.ts +5 -5
- package/dist/hooks.js +8 -9
- package/dist/hooks.js.map +1 -1
- package/dist/index.d.ts +19 -27
- package/dist/index.js +21 -29
- package/dist/index.js.map +1 -1
- package/dist/{organisation-BtshODVF.d.ts → organisation-D6qRDtbF.d.ts} +1 -1
- package/dist/providers.d.ts +7 -21
- package/dist/providers.js +3 -10
- package/dist/rbac/index.d.ts +71 -221
- package/dist/rbac/index.js +15 -16
- package/dist/{types-CGX9Vyf5.d.ts → types-BDg1mAGG.d.ts} +36 -6
- package/dist/types.d.ts +3 -3
- package/dist/types.js +61 -18
- package/dist/types.js.map +1 -1
- package/dist/{unified-CM7T0aTK.d.ts → unified-DQ4VcT7H.d.ts} +1 -1
- package/dist/{usePublicRouteParams-B-CumWRc.d.ts → usePublicRouteParams-BlgwXweB.d.ts} +3 -3
- package/dist/utils.d.ts +2 -2
- package/dist/utils.js +52 -9
- package/dist/utils.js.map +1 -1
- package/docs/CONTENT_AUDIT_REPORT.md +253 -0
- package/docs/DOCUMENTATION_AUDIT.md +172 -0
- package/docs/README.md +142 -147
- package/docs/STYLE_GUIDE.md +37 -0
- package/docs/api/classes/ColumnFactory.md +17 -17
- package/docs/api/classes/ErrorBoundary.md +1 -1
- package/docs/api/classes/InvalidScopeError.md +4 -4
- package/docs/api/classes/MissingUserContextError.md +4 -4
- package/docs/api/classes/OrganisationContextRequiredError.md +4 -4
- package/docs/api/classes/PermissionDeniedError.md +5 -5
- package/docs/api/classes/PublicErrorBoundary.md +1 -1
- package/docs/api/classes/RBACAuditManager.md +8 -8
- package/docs/api/classes/RBACCache.md +35 -5
- package/docs/api/classes/RBACEngine.md +49 -20
- package/docs/api/classes/RBACError.md +4 -4
- package/docs/api/classes/RBACNotInitializedError.md +4 -4
- package/docs/api/classes/SecureSupabaseClient.md +1 -1
- package/docs/api/classes/StorageUtils.md +1 -1
- package/docs/api/enums/FileCategory.md +1 -1
- package/docs/api/interfaces/AggregateConfig.md +4 -4
- package/docs/api/interfaces/ButtonProps.md +1 -1
- package/docs/api/interfaces/CardProps.md +1 -1
- package/docs/api/interfaces/ColorPalette.md +1 -1
- package/docs/api/interfaces/ColorShade.md +1 -1
- package/docs/api/interfaces/DataAccessRecord.md +1 -1
- package/docs/api/interfaces/DataRecord.md +11 -0
- package/docs/api/interfaces/DataTableAction.md +65 -29
- package/docs/api/interfaces/DataTableColumn.md +36 -23
- package/docs/api/interfaces/DataTableProps.md +80 -38
- package/docs/api/interfaces/DataTableToolbarButton.md +7 -7
- package/docs/api/interfaces/EmptyStateConfig.md +5 -5
- package/docs/api/interfaces/EnhancedNavigationMenuProps.md +1 -1
- package/docs/api/interfaces/EventLogoProps.md +1 -1
- package/docs/api/interfaces/FileDisplayProps.md +1 -1
- package/docs/api/interfaces/FileMetadata.md +1 -1
- package/docs/api/interfaces/FileReference.md +1 -1
- package/docs/api/interfaces/FileSizeLimits.md +1 -1
- package/docs/api/interfaces/FileUploadOptions.md +1 -1
- package/docs/api/interfaces/FileUploadProps.md +1 -1
- package/docs/api/interfaces/FooterProps.md +1 -1
- package/docs/api/interfaces/InactivityWarningModalProps.md +1 -1
- package/docs/api/interfaces/InputProps.md +1 -1
- package/docs/api/interfaces/LabelProps.md +1 -1
- package/docs/api/interfaces/LoginFormProps.md +1 -1
- package/docs/api/interfaces/NavigationAccessRecord.md +11 -11
- package/docs/api/interfaces/NavigationContextType.md +9 -9
- package/docs/api/interfaces/NavigationGuardProps.md +1 -1
- package/docs/api/interfaces/NavigationItem.md +1 -1
- package/docs/api/interfaces/NavigationMenuProps.md +1 -1
- package/docs/api/interfaces/NavigationProviderProps.md +7 -7
- package/docs/api/interfaces/Organisation.md +1 -1
- package/docs/api/interfaces/OrganisationContextType.md +1 -1
- package/docs/api/interfaces/OrganisationMembership.md +1 -1
- package/docs/api/interfaces/OrganisationProviderProps.md +1 -1
- package/docs/api/interfaces/OrganisationSecurityError.md +1 -1
- package/docs/api/interfaces/PaceAppLayoutProps.md +1 -1
- package/docs/api/interfaces/PaceLoginPageProps.md +16 -3
- package/docs/api/interfaces/PageAccessRecord.md +1 -1
- package/docs/api/interfaces/PagePermissionContextType.md +1 -1
- package/docs/api/interfaces/PagePermissionGuardProps.md +2 -2
- package/docs/api/interfaces/PagePermissionProviderProps.md +1 -1
- package/docs/api/interfaces/PaletteData.md +1 -1
- package/docs/api/interfaces/PermissionEnforcerProps.md +4 -4
- package/docs/api/interfaces/PublicErrorBoundaryProps.md +1 -1
- package/docs/api/interfaces/PublicErrorBoundaryState.md +1 -1
- package/docs/api/interfaces/PublicLoadingSpinnerProps.md +1 -1
- package/docs/api/interfaces/PublicPageFooterProps.md +1 -1
- package/docs/api/interfaces/PublicPageHeaderProps.md +1 -1
- package/docs/api/interfaces/PublicPageLayoutProps.md +1 -1
- package/docs/api/interfaces/RBACConfig.md +1 -1
- package/docs/api/interfaces/RBACLogger.md +1 -1
- package/docs/api/interfaces/RoleBasedRouterContextType.md +1 -1
- package/docs/api/interfaces/RoleBasedRouterProps.md +1 -1
- package/docs/api/interfaces/RouteAccessRecord.md +2 -2
- package/docs/api/interfaces/RouteConfig.md +2 -2
- package/docs/api/interfaces/SecureDataContextType.md +1 -1
- package/docs/api/interfaces/SecureDataProviderProps.md +1 -1
- package/docs/api/interfaces/StorageConfig.md +1 -1
- package/docs/api/interfaces/StorageFileInfo.md +1 -1
- package/docs/api/interfaces/StorageFileMetadata.md +1 -1
- package/docs/api/interfaces/StorageListOptions.md +1 -1
- package/docs/api/interfaces/StorageListResult.md +1 -1
- package/docs/api/interfaces/StorageUploadOptions.md +1 -1
- package/docs/api/interfaces/StorageUploadResult.md +1 -1
- package/docs/api/interfaces/StorageUrlOptions.md +1 -1
- package/docs/api/interfaces/StyleImport.md +1 -1
- package/docs/api/interfaces/SwitchProps.md +1 -1
- package/docs/api/interfaces/ToastActionElement.md +1 -1
- package/docs/api/interfaces/ToastProps.md +1 -1
- package/docs/api/interfaces/UnifiedAuthContextType.md +94 -521
- package/docs/api/interfaces/UnifiedAuthProviderProps.md +16 -16
- package/docs/api/interfaces/UseInactivityTrackerOptions.md +1 -1
- package/docs/api/interfaces/UseInactivityTrackerReturn.md +1 -1
- package/docs/api/interfaces/UsePublicEventLogoOptions.md +1 -1
- package/docs/api/interfaces/UsePublicEventLogoReturn.md +1 -1
- package/docs/api/interfaces/UsePublicEventOptions.md +1 -1
- package/docs/api/interfaces/UsePublicEventReturn.md +1 -1
- package/docs/api/interfaces/UsePublicRouteParamsReturn.md +1 -1
- package/docs/api/interfaces/UseResolvedScopeOptions.md +1 -1
- package/docs/api/interfaces/UseResolvedScopeReturn.md +1 -1
- package/docs/api/interfaces/UserEventAccess.md +11 -11
- package/docs/api/interfaces/UserMenuProps.md +1 -1
- package/docs/api/interfaces/UserProfile.md +1 -1
- package/docs/api/modules.md +251 -269
- package/docs/api-reference/components.md +193 -0
- package/docs/api-reference/hooks.md +265 -0
- package/docs/api-reference/providers.md +6 -0
- package/docs/api-reference/types.md +6 -0
- package/docs/api-reference/utilities.md +207 -0
- package/docs/architecture/README.md +6 -0
- package/docs/{database-schema-requirements.md → architecture/database-schema-requirements.md} +6 -0
- package/docs/architecture/rbac-security-architecture.md +258 -0
- package/docs/architecture/services.md +9 -1
- package/docs/best-practices/README.md +6 -0
- package/docs/best-practices/accessibility.md +6 -0
- package/docs/{common-patterns.md → best-practices/common-patterns.md} +6 -0
- package/docs/best-practices/deployment.md +6 -0
- package/docs/best-practices/performance.md +475 -2
- package/docs/best-practices/security.md +6 -0
- package/docs/best-practices/testing.md +6 -0
- package/docs/core-concepts/authentication.md +6 -0
- package/docs/core-concepts/events.md +6 -0
- package/docs/core-concepts/organisations.md +6 -0
- package/docs/core-concepts/permissions.md +6 -0
- package/docs/core-concepts/rbac-system.md +8 -0
- package/docs/documentation-index.md +121 -182
- package/docs/{consuming-app-vite-config.md → getting-started/consuming-app-vite-config.md} +6 -0
- package/docs/getting-started/documentation-index.md +40 -0
- package/docs/getting-started/examples/README.md +878 -35
- package/docs/{faq.md → getting-started/faq.md} +7 -1
- package/docs/getting-started/installation-guide.md +6 -0
- package/docs/{quick-reference.md → getting-started/quick-reference.md} +6 -0
- package/docs/implementation-guides/app-layout.md +6 -0
- package/docs/implementation-guides/authentication.md +1021 -0
- package/docs/implementation-guides/component-styling.md +6 -0
- package/docs/implementation-guides/data-tables.md +1264 -2076
- package/docs/implementation-guides/dynamic-colors.md +6 -0
- package/docs/implementation-guides/event-theming-summary.md +6 -0
- package/docs/{file-reference-system.md → implementation-guides/file-reference-system.md} +6 -0
- package/docs/implementation-guides/file-upload-storage.md +6 -0
- package/docs/implementation-guides/forms.md +6 -0
- package/docs/implementation-guides/inactivity-tracking.md +6 -0
- package/docs/implementation-guides/navigation.md +6 -0
- package/docs/implementation-guides/organisation-security.md +6 -0
- package/docs/implementation-guides/permission-enforcement.md +6 -0
- package/docs/implementation-guides/public-pages-advanced.md +6 -0
- package/docs/implementation-guides/public-pages.md +6 -0
- package/docs/migration/MIGRATION_GUIDE.md +827 -351
- package/docs/migration/README.md +7 -1
- package/docs/migration/organisation-context-timing-fix.md +6 -0
- package/docs/migration/rbac-migration.md +44 -1
- package/docs/migration/service-architecture.md +6 -0
- package/docs/migration/v0.4.15-tailwind-scanning.md +6 -0
- package/docs/migration/v0.4.16-css-first-approach.md +6 -0
- package/docs/migration/v0.4.17-source-path-fix.md +6 -0
- package/docs/rbac/README-rbac-rls-integration.md +6 -0
- package/docs/rbac/README.md +6 -0
- package/docs/rbac/advanced-patterns.md +6 -0
- package/docs/rbac/api-reference.md +7 -1
- package/docs/rbac/breaking-changes-v3.md +222 -0
- package/docs/rbac/examples/rbac-rls-integration-example.md +6 -0
- package/docs/rbac/examples.md +6 -0
- package/docs/rbac/getting-started.md +6 -0
- package/docs/rbac/migration-guide.md +260 -0
- package/docs/rbac/quick-start.md +70 -13
- package/docs/rbac/rbac-rls-integration.md +6 -0
- package/docs/rbac/super-admin-guide.md +6 -0
- package/docs/rbac/troubleshooting.md +6 -0
- package/docs/security/README.md +6 -0
- package/docs/security/checklist.md +6 -0
- package/docs/styles/README.md +7 -1
- package/docs/{usage.md → styles/usage.md} +6 -0
- package/docs/testing/README.md +6 -0
- package/docs/{visual-testing.md → testing/visual-testing.md} +6 -0
- package/docs/troubleshooting/README.md +387 -5
- package/docs/troubleshooting/cake-page-permission-guard-issue-summary.md +6 -0
- package/docs/troubleshooting/common-issues.md +6 -0
- package/docs/troubleshooting/database-view-compatibility.md +6 -0
- package/docs/troubleshooting/organisation-context-setup.md +6 -0
- package/docs/troubleshooting/react-hooks-issue-analysis.md +6 -0
- package/docs/troubleshooting/styling-issues.md +6 -0
- package/docs/troubleshooting/tailwind-content-scanning.md +6 -0
- package/package.json +1 -1
- package/src/__tests__/helpers/__tests__/test-providers.test.tsx +2 -1
- package/src/__tests__/helpers/test-providers.tsx +3 -53
- package/src/components/DataTable/DataTable.test.tsx +319 -0
- package/src/components/DataTable/DataTable.tsx +32 -11
- package/src/components/DataTable/__tests__/{DataTable.comprehensive.test.tsx → DataTable.comprehensive.test.tsx.skip} +6 -4
- package/src/components/DataTable/__tests__/{DataTable.test.tsx → DataTable.test.tsx.skip} +6 -4
- package/src/components/DataTable/__tests__/DataTableCore.test.tsx +31 -9
- package/src/components/DataTable/__tests__/a11y.basic.test.tsx +601 -0
- package/src/components/DataTable/__tests__/keyboard.test.tsx +615 -0
- package/src/components/DataTable/__tests__/pagination.modes.test.tsx +639 -0
- package/src/components/DataTable/__tests__/ssr.strict-mode.test.tsx.skip +330 -0
- package/src/components/DataTable/components/AccessDeniedPage.tsx +2 -2
- package/src/components/DataTable/components/ActionButtons.tsx +88 -104
- package/src/components/DataTable/components/DataTableCore.tsx +309 -337
- package/src/components/DataTable/components/DataTableErrorBoundary.tsx +4 -2
- package/src/components/DataTable/components/DataTableModals.tsx +22 -1
- package/src/components/DataTable/components/EditableRow.tsx +69 -84
- package/src/components/DataTable/components/EmptyState.tsx +5 -1
- package/src/components/DataTable/components/ImportModal.tsx +65 -36
- package/src/components/DataTable/components/PaginationControls.tsx +40 -100
- package/src/components/DataTable/components/UnifiedTableBody.tsx +125 -148
- package/src/components/DataTable/context/DataTableContext.tsx +1 -1
- package/src/components/DataTable/core/ColumnFactory.ts +5 -0
- package/src/components/DataTable/examples/HierarchicalActionsExample.tsx +12 -10
- package/src/components/DataTable/examples/HierarchicalExample.tsx +1 -1
- package/src/components/DataTable/examples/InitialPageSizeExample.tsx +1 -0
- package/src/components/DataTable/examples/PerformanceExample.tsx +1 -0
- package/src/components/DataTable/hooks/__tests__/useColumnOrderPersistence.test.ts +1 -5
- package/src/components/DataTable/hooks/__tests__/useColumnVisibilityPersistence.test.ts +167 -0
- package/src/components/DataTable/hooks/index.ts +7 -0
- package/src/components/DataTable/hooks/useColumnOrderPersistence.ts +32 -15
- package/src/components/DataTable/hooks/useColumnVisibilityPersistence.ts +102 -0
- package/src/components/DataTable/hooks/useDataTableConfiguration.ts +89 -0
- package/src/components/DataTable/hooks/useDataTableDataPipeline.ts +117 -0
- package/src/components/DataTable/hooks/useDataTablePermissions.ts +71 -27
- package/src/components/DataTable/hooks/useDataTableState.ts +39 -11
- package/src/components/DataTable/hooks/useEffectiveColumnOrder.ts +33 -0
- package/src/components/DataTable/hooks/useHierarchicalState.ts +15 -1
- package/src/components/DataTable/hooks/useKeyboardNavigation.ts +447 -0
- package/src/components/DataTable/hooks/useServerSideDataEffect.ts +94 -0
- package/src/components/DataTable/hooks/useTableColumns.ts +10 -7
- package/src/components/DataTable/hooks/useTableHandlers.ts +174 -0
- package/src/components/DataTable/index.ts +12 -3
- package/src/components/DataTable/types.ts +129 -9
- package/src/components/DataTable/utils/__tests__/exportUtils.test.ts +159 -22
- package/src/components/DataTable/utils/__tests__/flexibleImport.test.ts +111 -0
- package/src/components/DataTable/utils/__tests__/rowUtils.test.ts +15 -29
- package/src/components/DataTable/utils/a11yUtils.ts +244 -0
- package/src/components/DataTable/utils/debugTools.ts +609 -0
- package/src/components/DataTable/utils/exportUtils.ts +114 -16
- package/src/components/DataTable/utils/flexibleImport.ts +202 -32
- package/src/components/DataTable/utils/hierarchicalUtils.ts +1 -1
- package/src/components/DataTable/utils/index.ts +2 -0
- package/src/components/DataTable/utils/paginationUtils.ts +350 -0
- package/src/components/DataTable/utils/rowUtils.ts +6 -5
- package/src/components/NavigationMenu/NavigationMenu.test.tsx +19 -24
- package/src/components/NavigationMenu/NavigationMenu.tsx +19 -8
- package/src/components/PaceAppLayout/__tests__/PaceAppLayout.security.test.tsx +1 -23
- package/src/components/PaceLoginPage/PaceLoginPage.test.tsx +56 -6
- package/src/components/PaceLoginPage/PaceLoginPage.tsx +137 -13
- package/src/components/PublicLayout/__tests__/PublicPageHeader.test.tsx +1 -1
- package/src/components/Select/Select.tsx +1 -0
- package/src/components/examples/PermissionExample.tsx +173 -0
- package/src/examples/CorrectPublicPageImplementation.tsx +301 -0
- package/src/examples/PublicEventPage.tsx +274 -0
- package/src/examples/PublicPageApp.tsx +308 -0
- package/src/examples/PublicPageUsageExample.tsx +216 -0
- package/src/hooks/__tests__/useOrganisationPermissions.unit.test.tsx +12 -1
- package/src/hooks/__tests__/useOrganisationSecurity.unit.test.tsx +129 -17
- package/src/hooks/__tests__/useRBAC.unit.test.ts +151 -846
- package/src/hooks/useOrganisationPermissions.test.ts +42 -18
- package/src/hooks/useOrganisationPermissions.ts +12 -6
- package/src/hooks/useOrganisationSecurity.test.ts +138 -85
- package/src/hooks/useOrganisationSecurity.ts +41 -10
- package/src/index.ts +0 -1
- package/src/providers/AuthProvider.simplified.tsx +880 -0
- package/src/providers/UnifiedAuthProvider.test.simple.tsx +8 -8
- package/src/providers/__tests__/UnifiedAuthProvider.test.tsx +29 -19
- package/src/providers/index.ts +0 -1
- package/src/providers/services/EventServiceProvider.tsx +19 -15
- package/src/providers/services/InactivityServiceProvider.tsx +19 -15
- package/src/providers/services/OrganisationServiceProvider.tsx +19 -15
- package/src/providers/services/UnifiedAuthProvider.tsx +156 -127
- package/src/providers/services/__tests__/AuthServiceProvider.integration.test.tsx +1 -1
- package/src/providers/services/__tests__/UnifiedAuthProvider.integration.test.tsx +3 -3
- package/src/rbac/README.md +1 -1
- package/src/rbac/__tests__/adapters.comprehensive.test.tsx +25 -27
- package/src/rbac/__tests__/auth-rbac-security.integration.test.tsx +313 -0
- package/src/rbac/__tests__/engine.comprehensive.test.ts +114 -348
- package/src/rbac/__tests__/rbac-engine-core-logic.test.ts +28 -110
- package/src/rbac/__tests__/rbac-engine-simplified.test.ts +33 -85
- package/src/rbac/__tests__/scenarios.user-role.test.tsx +2 -2
- package/src/rbac/adapters.tsx +26 -69
- package/src/rbac/api.test.ts +90 -27
- package/src/rbac/api.ts +61 -10
- package/src/rbac/audit.test.ts +33 -38
- package/src/rbac/audit.ts +21 -6
- package/src/rbac/cache.ts +33 -1
- package/src/rbac/components/NavigationGuard.tsx +11 -11
- package/src/rbac/components/NavigationProvider.test.tsx +11 -5
- package/src/rbac/components/NavigationProvider.tsx +37 -13
- package/src/rbac/components/PagePermissionGuard.tsx +111 -50
- package/src/rbac/components/PagePermissionProvider.tsx +5 -5
- package/src/rbac/components/PermissionEnforcer.tsx +11 -11
- package/src/rbac/components/RoleBasedRouter.tsx +5 -5
- package/src/rbac/components/SecureDataProvider.tsx +5 -5
- package/src/rbac/components/__tests__/NavigationGuard.test.tsx +8 -8
- package/src/rbac/components/__tests__/PagePermissionGuard.test.tsx +14 -14
- package/src/rbac/components/__tests__/PermissionEnforcer.test.tsx +12 -12
- package/src/rbac/components/__tests__/RoleBasedRouter.test.tsx +6 -6
- package/src/rbac/engine.test.simple.ts +19 -13
- package/src/rbac/engine.test.ts +1 -0
- package/src/rbac/engine.ts +330 -766
- package/src/rbac/errors.ts +156 -0
- package/src/rbac/hooks/usePermissions.ts +32 -10
- package/src/rbac/hooks/useRBAC.test.ts +126 -512
- package/src/rbac/hooks/useRBAC.ts +147 -193
- package/src/rbac/hooks/useResolvedScope.ts +12 -0
- package/src/rbac/index.ts +7 -4
- package/src/rbac/security.ts +109 -18
- package/src/rbac/types.ts +12 -1
- package/src/services/AuthService.ts +2 -15
- package/src/services/EventService.ts +43 -46
- package/src/services/OrganisationService.ts +51 -31
- package/src/services/__tests__/AuthService.test.ts +1 -1
- package/src/services/__tests__/EventService.test.ts +1 -1
- package/src/services/__tests__/OrganisationService.test.ts +1 -1
- package/src/services/base/BaseService.ts +8 -0
- package/src/styles/base.css +208 -0
- package/src/styles/semantic.css +24 -0
- package/src/types/database.generated.ts +7347 -0
- package/src/types/database.ts +20 -0
- package/src/utils/logger.ts +179 -0
- package/src/utils/organisationContext.ts +11 -4
- package/src/utils/storage/__tests__/helpers.unit.test.ts +6 -2
- package/dist/appNameResolver-UURKN7NF.js +0 -22
- package/dist/audit-6TOCAMKO.js.map +0 -1
- package/dist/chunk-B2WTCLCV.js.map +0 -1
- package/dist/chunk-FGMFQSHX.js.map +0 -1
- package/dist/chunk-K34IM5CT.js.map +0 -1
- package/dist/chunk-KHJS6VIA.js.map +0 -1
- package/dist/chunk-KK73ZB4E.js.map +0 -1
- package/dist/chunk-M5IWZRBT.js.map +0 -1
- package/dist/chunk-ULBI5JGB.js +0 -109
- package/dist/chunk-ULBI5JGB.js.map +0 -1
- package/dist/chunk-WN6XJWOS.js.map +0 -1
- package/dist/chunk-XLZ7U46Z.js.map +0 -1
- package/dist/chunk-Y6TXWPJO.js.map +0 -1
- package/docs/DOCUMENTATION_CHECKLIST.md +0 -281
- package/docs/TERMINOLOGY.md +0 -231
- package/docs/api/interfaces/RBACContextType.md +0 -468
- package/docs/api/interfaces/RBACProviderProps.md +0 -107
- package/docs/best-practices/performance-expansion.md +0 -473
- package/docs/breaking-changes.md +0 -179
- package/docs/consuming-app-example.md +0 -290
- package/docs/documentation-templates.md +0 -539
- package/docs/examples/navigation-menu-auth-fix.md +0 -344
- package/docs/getting-started/examples/basic-auth-app.md +0 -520
- package/docs/getting-started/examples/full-featured-app.md +0 -616
- package/docs/getting-started/quick-start.md +0 -376
- package/docs/implementation-guides/datatable-filtering.md +0 -313
- package/docs/implementation-guides/datatable-rbac-usage.md +0 -317
- package/docs/implementation-guides/hierarchical-datatable.md +0 -850
- package/docs/implementation-guides/large-datasets.md +0 -281
- package/docs/implementation-guides/performance.md +0 -403
- package/docs/migration/quick-migration-guide.md +0 -320
- package/docs/migration-guide.md +0 -193
- package/docs/migration-guides/unified-auth-provider-mandatory-timeouts.md +0 -226
- package/docs/performance/README.md +0 -551
- package/docs/style-guide.md +0 -964
- package/docs/troubleshooting/authentication-issues.md +0 -334
- package/docs/troubleshooting/debugging.md +0 -1117
- package/docs/troubleshooting/migration.md +0 -918
- package/src/__tests__/hooks/usePermissions.test.ts +0 -261
- package/src/components/PaceAppLayout/__tests__/PaceAppLayout.rbac.test.tsx +0 -574
- package/src/hooks/__tests__/ServiceHooks.test.tsx +0 -613
- package/src/hooks/services/__tests__/useServiceHooks.test.tsx +0 -137
- package/src/hooks/services/usePermissions.ts +0 -70
- package/src/hooks/services/useRBACService.ts +0 -30
- package/src/hooks/usePermissionCheck.ts +0 -150
- package/src/providers/__tests__/ServiceProviders.test.tsx +0 -477
- package/src/providers/services/RBACServiceProvider.tsx +0 -79
- package/src/rbac/__tests__/integration.authflow.test.tsx +0 -119
- package/src/rbac/__tests__/integration.navigation.test.tsx +0 -69
- package/src/rbac/__tests__/integration.securedata.test.tsx +0 -92
- package/src/rbac/__tests__/integration.smoke.test.tsx +0 -73
- package/src/rbac/providers/RBACProvider.tsx +0 -645
- package/src/rbac/providers/__tests__/RBACProvider.integration.test.tsx +0 -688
- package/src/rbac/providers/__tests__/RBACProvider.test.tsx +0 -1186
- package/src/rbac/providers/index.ts +0 -11
- package/src/services/RBACService.ts +0 -522
- package/src/services/__tests__/RBACService.test.ts +0 -492
- package/src/services/interfaces/IRBACService.ts +0 -62
- package/src/utils/appNameResolver.test 2.ts +0 -494
- /package/dist/{DataTable-4GAVPIEG.js.map → DataTable-ETGVF4Y5.js.map} +0 -0
- /package/dist/{UnifiedAuthProvider-3NKDOSOK.js.map → UnifiedAuthProvider-P5SOJAQ6.js.map} +0 -0
- /package/dist/{api-DDMUKIUD.js.map → api-KG4A2X7P.js.map} +0 -0
- /package/dist/{appNameResolver-UURKN7NF.js.map → audit-65VNHEV2.js.map} +0 -0
- /package/dist/{chunk-NTNILOBC.js.map → chunk-5BO3MI5Y.js.map} +0 -0
- /package/dist/{chunk-URUTVZ7N.js.map → chunk-FL4ZCQLD.js.map} +0 -0
- /package/dist/{chunk-LW7MMEAQ.js.map → chunk-FT2M4R4F.js.map} +0 -0
- /package/dist/{chunk-AFGTSUAD.js.map → chunk-VSOKOFRF.js.map} +0 -0
- /package/docs/{app.css.example → styles/app.css.example} +0 -0
|
@@ -1,11 +0,0 @@
|
|
|
1
|
-
/**
|
|
2
|
-
* RBAC Providers Public API
|
|
3
|
-
* @package @jmruthers/pace-core
|
|
4
|
-
* @module RBAC/Providers
|
|
5
|
-
* @since 2.0.0
|
|
6
|
-
*
|
|
7
|
-
* This module provides the public API for RBAC providers.
|
|
8
|
-
*/
|
|
9
|
-
|
|
10
|
-
export { RBACProvider, useRBAC as useRBACProvider } from './RBACProvider';
|
|
11
|
-
export type { RBACProviderProps, RBACContextType, UserEventAccess } from './RBACProvider';
|
|
@@ -1,522 +0,0 @@
|
|
|
1
|
-
/**
|
|
2
|
-
* @file RBAC Service
|
|
3
|
-
* @package @jmruthers/pace-core
|
|
4
|
-
* @module Services
|
|
5
|
-
* @since 0.1.0
|
|
6
|
-
*
|
|
7
|
-
* RBAC service implementation.
|
|
8
|
-
* Handles role-based access control, permissions, and event access management.
|
|
9
|
-
*/
|
|
10
|
-
|
|
11
|
-
import { type SupabaseClient, type User, type Session } from '@supabase/supabase-js';
|
|
12
|
-
import { BaseService } from './base/BaseService';
|
|
13
|
-
import { IRBACService, UserEventAccess, AppConfig } from './interfaces/IRBACService';
|
|
14
|
-
import { AccessLevel } from '../types/unified';
|
|
15
|
-
import { DebugLogger } from '../utils/debugLogger';
|
|
16
|
-
|
|
17
|
-
export class RBACService extends BaseService implements IRBACService {
|
|
18
|
-
private permissions: Record<string, boolean> = {};
|
|
19
|
-
private roles: string[] = [];
|
|
20
|
-
private accessLevel: AccessLevel = AccessLevel.VIEWER;
|
|
21
|
-
private rbacLoading = false;
|
|
22
|
-
private rbacError: Error | null = null;
|
|
23
|
-
private selectedEventId: string | null = null;
|
|
24
|
-
private appConfig: AppConfig | null = null;
|
|
25
|
-
private userEventAccess: UserEventAccess[] = [];
|
|
26
|
-
private eventAccessLoading = false;
|
|
27
|
-
private selectedOrganisationId: string | null = null;
|
|
28
|
-
|
|
29
|
-
// Dependencies
|
|
30
|
-
private supabaseClient: SupabaseClient | null = null;
|
|
31
|
-
private user: User | null = null;
|
|
32
|
-
private session: Session | null = null;
|
|
33
|
-
private appName: string = '';
|
|
34
|
-
|
|
35
|
-
constructor(supabaseClient: SupabaseClient, user: User | null, session: Session | null, appName: string) {
|
|
36
|
-
super();
|
|
37
|
-
this.supabaseClient = supabaseClient;
|
|
38
|
-
this.user = user;
|
|
39
|
-
this.session = session;
|
|
40
|
-
this.appName = appName;
|
|
41
|
-
}
|
|
42
|
-
|
|
43
|
-
// Update dependencies
|
|
44
|
-
updateDependencies(user: User | null, session: Session | null, appName: string): void {
|
|
45
|
-
this.user = user;
|
|
46
|
-
this.session = session;
|
|
47
|
-
this.appName = appName;
|
|
48
|
-
this.notify();
|
|
49
|
-
}
|
|
50
|
-
|
|
51
|
-
// RBAC state getters
|
|
52
|
-
getPermissions(): Record<string, boolean> {
|
|
53
|
-
return this.permissions;
|
|
54
|
-
}
|
|
55
|
-
|
|
56
|
-
getRoles(): string[] {
|
|
57
|
-
return this.roles;
|
|
58
|
-
}
|
|
59
|
-
|
|
60
|
-
getAccessLevel(): AccessLevel {
|
|
61
|
-
return this.accessLevel;
|
|
62
|
-
}
|
|
63
|
-
|
|
64
|
-
isLoading(): boolean {
|
|
65
|
-
return this.rbacLoading;
|
|
66
|
-
}
|
|
67
|
-
|
|
68
|
-
getError(): Error | null {
|
|
69
|
-
return this.rbacError;
|
|
70
|
-
}
|
|
71
|
-
|
|
72
|
-
getSelectedEventId(): string | null {
|
|
73
|
-
return this.selectedEventId;
|
|
74
|
-
}
|
|
75
|
-
|
|
76
|
-
getAppConfig(): AppConfig | null {
|
|
77
|
-
return this.appConfig;
|
|
78
|
-
}
|
|
79
|
-
|
|
80
|
-
getUserEventAccess(): UserEventAccess[] {
|
|
81
|
-
return this.userEventAccess;
|
|
82
|
-
}
|
|
83
|
-
|
|
84
|
-
isEventAccessLoading(): boolean {
|
|
85
|
-
return this.eventAccessLoading;
|
|
86
|
-
}
|
|
87
|
-
|
|
88
|
-
getSelectedOrganisationId(): string | null {
|
|
89
|
-
return this.selectedOrganisationId;
|
|
90
|
-
}
|
|
91
|
-
|
|
92
|
-
// RBAC methods
|
|
93
|
-
hasPermission(permission: string, orgId?: string): boolean {
|
|
94
|
-
return !!this.permissions[permission];
|
|
95
|
-
}
|
|
96
|
-
|
|
97
|
-
hasAnyPermission(permissions: string[], orgId?: string): boolean {
|
|
98
|
-
return permissions.some(p => !!this.permissions[p]);
|
|
99
|
-
}
|
|
100
|
-
|
|
101
|
-
hasAllPermissions(permissions: string[], orgId?: string): boolean {
|
|
102
|
-
return permissions.every(p => !!this.permissions[p]);
|
|
103
|
-
}
|
|
104
|
-
|
|
105
|
-
hasRole(role: string): boolean {
|
|
106
|
-
const isSuperAdmin = this.user?.user_metadata?.globalRole === 'super_admin';
|
|
107
|
-
if (role.toLowerCase() === 'super_admin' || role.toLowerCase() === 'super') {
|
|
108
|
-
return isSuperAdmin;
|
|
109
|
-
}
|
|
110
|
-
return this.roles.includes(role);
|
|
111
|
-
}
|
|
112
|
-
|
|
113
|
-
hasAccessLevel(level: AccessLevel): boolean {
|
|
114
|
-
const levels = Object.values(AccessLevel);
|
|
115
|
-
return levels.indexOf(this.accessLevel) >= levels.indexOf(level);
|
|
116
|
-
}
|
|
117
|
-
|
|
118
|
-
canAccess(resource: string, action: string, orgId?: string): boolean {
|
|
119
|
-
const permission = `${resource}:${action}`;
|
|
120
|
-
return this.hasPermission(permission, orgId);
|
|
121
|
-
}
|
|
122
|
-
|
|
123
|
-
async validatePermission(permission: string, orgId?: string): Promise<boolean> {
|
|
124
|
-
return this.hasPermission(permission, orgId);
|
|
125
|
-
}
|
|
126
|
-
|
|
127
|
-
async validateAccess(resource: string, action: string, orgId?: string): Promise<boolean> {
|
|
128
|
-
return this.canAccess(resource, action, orgId);
|
|
129
|
-
}
|
|
130
|
-
|
|
131
|
-
async refreshPermissions(eventId?: string, orgId?: string): Promise<void> {
|
|
132
|
-
if (!this.supabaseClient || !this.user || !this.appConfig || !this.session) {
|
|
133
|
-
DebugLogger.log('RBACService', 'refreshPermissions: Missing required dependencies, clearing permissions');
|
|
134
|
-
this.permissions = {};
|
|
135
|
-
this.roles = [];
|
|
136
|
-
this.accessLevel = AccessLevel.VIEWER;
|
|
137
|
-
this.notify();
|
|
138
|
-
return;
|
|
139
|
-
}
|
|
140
|
-
|
|
141
|
-
// Check for super admin first - admin override should happen regardless of app configuration
|
|
142
|
-
const isSuperAdmin = this.user?.user_metadata?.globalRole === 'super_admin';
|
|
143
|
-
if (isSuperAdmin) {
|
|
144
|
-
this.permissions = {
|
|
145
|
-
'admin:create': true,
|
|
146
|
-
'admin:read': true,
|
|
147
|
-
'admin:update': true,
|
|
148
|
-
'admin:delete': true,
|
|
149
|
-
'users:create': true,
|
|
150
|
-
'users:read': true,
|
|
151
|
-
'users:update': true,
|
|
152
|
-
'users:delete': true,
|
|
153
|
-
'events:create': true,
|
|
154
|
-
'events:read': true,
|
|
155
|
-
'events:update': true,
|
|
156
|
-
'events:delete': true
|
|
157
|
-
};
|
|
158
|
-
this.roles = ['super_admin'];
|
|
159
|
-
this.accessLevel = AccessLevel.ADMIN;
|
|
160
|
-
this.notify();
|
|
161
|
-
return;
|
|
162
|
-
}
|
|
163
|
-
|
|
164
|
-
// Determine if we should load permissions without an event
|
|
165
|
-
const shouldLoadDirectPermissions = !eventId && !this.appConfig.requires_event;
|
|
166
|
-
const shouldLoadEventPermissions = eventId;
|
|
167
|
-
const shouldClearPermissions = !eventId && this.appConfig.requires_event;
|
|
168
|
-
|
|
169
|
-
// If no eventId and app requires events, clear permissions
|
|
170
|
-
if (shouldClearPermissions) {
|
|
171
|
-
this.permissions = {};
|
|
172
|
-
this.roles = [];
|
|
173
|
-
this.accessLevel = AccessLevel.VIEWER;
|
|
174
|
-
this.notify();
|
|
175
|
-
return;
|
|
176
|
-
}
|
|
177
|
-
|
|
178
|
-
// Only proceed if we should load permissions
|
|
179
|
-
if (!shouldLoadDirectPermissions && !shouldLoadEventPermissions) {
|
|
180
|
-
return;
|
|
181
|
-
}
|
|
182
|
-
|
|
183
|
-
this.rbacLoading = true;
|
|
184
|
-
this.rbacError = null;
|
|
185
|
-
this.notify();
|
|
186
|
-
|
|
187
|
-
try {
|
|
188
|
-
// Use the same app name resolution as PagePermissionGuard
|
|
189
|
-
const { getCurrentAppName } = await import('../utils/appNameResolver');
|
|
190
|
-
const resolvedAppName = getCurrentAppName() || this.appName;
|
|
191
|
-
|
|
192
|
-
// First resolve app name to app_id
|
|
193
|
-
const { data: appData, error: appError } = await this.supabaseClient
|
|
194
|
-
.from('rbac_apps')
|
|
195
|
-
.select('id')
|
|
196
|
-
.eq('name', resolvedAppName)
|
|
197
|
-
.eq('is_active', true)
|
|
198
|
-
.single();
|
|
199
|
-
|
|
200
|
-
if (appError || !appData) {
|
|
201
|
-
console.warn('App not found or inactive:', resolvedAppName);
|
|
202
|
-
this.rbacLoading = false;
|
|
203
|
-
this.notify();
|
|
204
|
-
return;
|
|
205
|
-
}
|
|
206
|
-
|
|
207
|
-
const { data, error } = await this.supabaseClient.rpc('rbac_permissions_get', {
|
|
208
|
-
p_user_id: this.user.id,
|
|
209
|
-
p_app_id: appData.id,
|
|
210
|
-
p_event_id: eventId || null,
|
|
211
|
-
p_organisation_id: orgId || this.selectedOrganisationId || null
|
|
212
|
-
});
|
|
213
|
-
|
|
214
|
-
if (error) {
|
|
215
|
-
throw error;
|
|
216
|
-
}
|
|
217
|
-
|
|
218
|
-
const { permissions, roles, access_level } = this.transformRBACPermissions(data, this.appName);
|
|
219
|
-
|
|
220
|
-
this.permissions = permissions;
|
|
221
|
-
this.roles = roles;
|
|
222
|
-
this.accessLevel = access_level;
|
|
223
|
-
} catch (err: any) {
|
|
224
|
-
this.rbacError = err;
|
|
225
|
-
} finally {
|
|
226
|
-
this.rbacLoading = false;
|
|
227
|
-
this.notify();
|
|
228
|
-
}
|
|
229
|
-
}
|
|
230
|
-
|
|
231
|
-
setSelectedEventId(eventId: string | null): void {
|
|
232
|
-
this.selectedEventId = eventId;
|
|
233
|
-
this.notify();
|
|
234
|
-
}
|
|
235
|
-
|
|
236
|
-
async loadUserEventAccess(orgId?: string): Promise<void> {
|
|
237
|
-
if (!this.supabaseClient || !this.user || !this.session) {
|
|
238
|
-
DebugLogger.log('RBACService', 'loadUserEventAccess: Missing required dependencies, clearing event access');
|
|
239
|
-
this.userEventAccess = [];
|
|
240
|
-
this.notify();
|
|
241
|
-
return;
|
|
242
|
-
}
|
|
243
|
-
|
|
244
|
-
this.eventAccessLoading = true;
|
|
245
|
-
this.notify();
|
|
246
|
-
|
|
247
|
-
try {
|
|
248
|
-
// Use the same app name resolution as PagePermissionGuard
|
|
249
|
-
const { getCurrentAppName } = await import('../utils/appNameResolver');
|
|
250
|
-
const resolvedAppName = getCurrentAppName() || this.appName;
|
|
251
|
-
|
|
252
|
-
// First resolve app name to app_id
|
|
253
|
-
const { data: appData, error: appError } = await this.supabaseClient
|
|
254
|
-
.from('rbac_apps')
|
|
255
|
-
.select('id')
|
|
256
|
-
.eq('name', resolvedAppName)
|
|
257
|
-
.eq('is_active', true)
|
|
258
|
-
.single();
|
|
259
|
-
|
|
260
|
-
if (appError || !appData) {
|
|
261
|
-
console.warn('App not found or inactive:', resolvedAppName);
|
|
262
|
-
this.eventAccessLoading = false;
|
|
263
|
-
this.notify();
|
|
264
|
-
return;
|
|
265
|
-
}
|
|
266
|
-
|
|
267
|
-
const { data, error } = await this.supabaseClient
|
|
268
|
-
.from('rbac_event_app_roles')
|
|
269
|
-
.select(`
|
|
270
|
-
event_id,
|
|
271
|
-
role,
|
|
272
|
-
granted_at
|
|
273
|
-
`)
|
|
274
|
-
.eq('user_id', this.user.id)
|
|
275
|
-
.eq('app_id', appData.id);
|
|
276
|
-
|
|
277
|
-
if (error) {
|
|
278
|
-
console.error('Failed to load user event access:', error);
|
|
279
|
-
this.userEventAccess = [];
|
|
280
|
-
this.notify();
|
|
281
|
-
return;
|
|
282
|
-
}
|
|
283
|
-
|
|
284
|
-
const eventAccess = data?.map(item => ({
|
|
285
|
-
event_id: item.event_id,
|
|
286
|
-
event_name: (item as any).event_name || 'Unknown Event', // Event details not available in this query
|
|
287
|
-
event_description: (item as any).event_description || null, // Not available in this schema
|
|
288
|
-
start_date: (item as any).start_date || '', // Event date not available in this query
|
|
289
|
-
end_date: (item as any).end_date || '', // Event date not available in this query
|
|
290
|
-
event_status: (item as any).event_status || 'unknown', // Not available in this schema
|
|
291
|
-
app_id: (item as any).app_id || appData.id,
|
|
292
|
-
access_level: (item as any).access_level || item.role, // Map role to access_level
|
|
293
|
-
granted_at: item.granted_at,
|
|
294
|
-
organisation_id: (item as any).organisation_id || '' // Will be populated from event's organisation_id if needed
|
|
295
|
-
})) || [];
|
|
296
|
-
|
|
297
|
-
this.userEventAccess = eventAccess;
|
|
298
|
-
} catch (error) {
|
|
299
|
-
console.error('Error loading user event access:', error);
|
|
300
|
-
this.userEventAccess = [];
|
|
301
|
-
} finally {
|
|
302
|
-
this.eventAccessLoading = false;
|
|
303
|
-
this.notify();
|
|
304
|
-
}
|
|
305
|
-
}
|
|
306
|
-
|
|
307
|
-
getUserEventAccessById(eventId: string): UserEventAccess | undefined {
|
|
308
|
-
return this.userEventAccess.find(access => access.event_id === eventId);
|
|
309
|
-
}
|
|
310
|
-
|
|
311
|
-
requireOrganisationContext(): string {
|
|
312
|
-
if (!this.selectedOrganisationId) {
|
|
313
|
-
throw new Error('Organisation context is required but not available');
|
|
314
|
-
}
|
|
315
|
-
return this.selectedOrganisationId;
|
|
316
|
-
}
|
|
317
|
-
|
|
318
|
-
// Lifecycle methods
|
|
319
|
-
async initialize(): Promise<void> {
|
|
320
|
-
await super.initialize();
|
|
321
|
-
await this.loadAppConfig();
|
|
322
|
-
|
|
323
|
-
// Load permissions for regular users after app config is loaded
|
|
324
|
-
const isSuperAdmin = this.user?.user_metadata?.globalRole === 'super_admin';
|
|
325
|
-
if (!isSuperAdmin && this.appConfig) {
|
|
326
|
-
await this.refreshPermissions(this.selectedEventId || undefined);
|
|
327
|
-
}
|
|
328
|
-
|
|
329
|
-
await this.loadPersistedState();
|
|
330
|
-
}
|
|
331
|
-
|
|
332
|
-
cleanup(): void {
|
|
333
|
-
super.cleanup();
|
|
334
|
-
}
|
|
335
|
-
|
|
336
|
-
protected async doInitialize(): Promise<void> {
|
|
337
|
-
// Set super admin roles and permissions based on user metadata
|
|
338
|
-
const isSuperAdmin = this.user?.user_metadata?.globalRole === 'super_admin';
|
|
339
|
-
if (isSuperAdmin) {
|
|
340
|
-
this.roles = ['super_admin'];
|
|
341
|
-
this.accessLevel = AccessLevel.ADMIN;
|
|
342
|
-
// Set super admin permissions immediately
|
|
343
|
-
this.permissions = {
|
|
344
|
-
'admin:create': true,
|
|
345
|
-
'admin:read': true,
|
|
346
|
-
'admin:update': true,
|
|
347
|
-
'admin:delete': true,
|
|
348
|
-
'users:create': true,
|
|
349
|
-
'users:read': true,
|
|
350
|
-
'users:update': true,
|
|
351
|
-
'users:delete': true,
|
|
352
|
-
'events:create': true,
|
|
353
|
-
'events:read': true,
|
|
354
|
-
'events:update': true,
|
|
355
|
-
'events:delete': true
|
|
356
|
-
};
|
|
357
|
-
} else {
|
|
358
|
-
this.roles = [];
|
|
359
|
-
this.accessLevel = AccessLevel.VIEWER;
|
|
360
|
-
this.permissions = {};
|
|
361
|
-
}
|
|
362
|
-
}
|
|
363
|
-
|
|
364
|
-
protected doCleanup(): void {
|
|
365
|
-
// No specific cleanup needed
|
|
366
|
-
}
|
|
367
|
-
|
|
368
|
-
private async loadAppConfig(): Promise<void> {
|
|
369
|
-
if (!this.supabaseClient) return;
|
|
370
|
-
|
|
371
|
-
try {
|
|
372
|
-
// Use the same app name resolution as PagePermissionGuard
|
|
373
|
-
const { getCurrentAppName } = await import('../utils/appNameResolver');
|
|
374
|
-
const resolvedAppName = getCurrentAppName() || this.appName;
|
|
375
|
-
|
|
376
|
-
// First resolve app name to app_id
|
|
377
|
-
const { data: appData, error: appError } = await this.supabaseClient
|
|
378
|
-
.from('rbac_apps')
|
|
379
|
-
.select('id')
|
|
380
|
-
.eq('name', resolvedAppName)
|
|
381
|
-
.eq('is_active', true)
|
|
382
|
-
.single();
|
|
383
|
-
|
|
384
|
-
if (appError || !appData) {
|
|
385
|
-
console.warn('App not found or inactive:', resolvedAppName);
|
|
386
|
-
this.appConfig = {
|
|
387
|
-
supports_direct_access: false,
|
|
388
|
-
requires_event: true
|
|
389
|
-
};
|
|
390
|
-
return;
|
|
391
|
-
}
|
|
392
|
-
|
|
393
|
-
const response = await this.supabaseClient.rpc('get_app_config', {
|
|
394
|
-
app_id: appData.id
|
|
395
|
-
});
|
|
396
|
-
|
|
397
|
-
const { data } = response || {};
|
|
398
|
-
|
|
399
|
-
if (data && data.length > 0) {
|
|
400
|
-
this.appConfig = {
|
|
401
|
-
supports_direct_access: false,
|
|
402
|
-
requires_event: data[0].requires_event
|
|
403
|
-
};
|
|
404
|
-
} else {
|
|
405
|
-
// Default configuration if app not found
|
|
406
|
-
this.appConfig = {
|
|
407
|
-
supports_direct_access: false,
|
|
408
|
-
requires_event: true
|
|
409
|
-
};
|
|
410
|
-
}
|
|
411
|
-
} catch (error) {
|
|
412
|
-
console.warn('Failed to load app configuration:', error);
|
|
413
|
-
// Default configuration on error
|
|
414
|
-
this.appConfig = {
|
|
415
|
-
supports_direct_access: false,
|
|
416
|
-
requires_event: true
|
|
417
|
-
};
|
|
418
|
-
}
|
|
419
|
-
}
|
|
420
|
-
|
|
421
|
-
private async loadPersistedState(): Promise<void> {
|
|
422
|
-
try {
|
|
423
|
-
const persistedEvent = localStorage.getItem('pace-core-selected-event');
|
|
424
|
-
if (persistedEvent) {
|
|
425
|
-
this.selectedEventId = JSON.parse(persistedEvent);
|
|
426
|
-
}
|
|
427
|
-
} catch (error) {
|
|
428
|
-
console.warn("Clearing corrupted localStorage data");
|
|
429
|
-
localStorage.removeItem('pace-core-selected-event');
|
|
430
|
-
}
|
|
431
|
-
}
|
|
432
|
-
|
|
433
|
-
private transformRBACPermissions(rbacData: any[], appName: string) {
|
|
434
|
-
const permissions: Record<string, boolean> = {};
|
|
435
|
-
let roles: string[] = [];
|
|
436
|
-
let access_level: AccessLevel = AccessLevel.VIEWER;
|
|
437
|
-
|
|
438
|
-
if (!rbacData || !Array.isArray(rbacData)) {
|
|
439
|
-
return { permissions: {}, roles: ['viewer'], access_level: AccessLevel.VIEWER };
|
|
440
|
-
}
|
|
441
|
-
|
|
442
|
-
// Check for super admin first
|
|
443
|
-
const superAdminPerm = rbacData.find((p: any) => p.permission_type === 'all_permissions');
|
|
444
|
-
if (superAdminPerm) {
|
|
445
|
-
return {
|
|
446
|
-
permissions: { 'all:all': true } as Record<string, boolean>,
|
|
447
|
-
roles: ['super'],
|
|
448
|
-
access_level: AccessLevel.SUPER
|
|
449
|
-
};
|
|
450
|
-
}
|
|
451
|
-
|
|
452
|
-
// Process event-app permissions
|
|
453
|
-
const eventAppPerms = rbacData.filter((p: any) => p.permission_type === 'event_app_access');
|
|
454
|
-
if (eventAppPerms.length > 0) {
|
|
455
|
-
const role = eventAppPerms[0].role_name;
|
|
456
|
-
|
|
457
|
-
// Map RBAC roles to AccessLevel
|
|
458
|
-
switch (role) {
|
|
459
|
-
case 'event_admin':
|
|
460
|
-
access_level = AccessLevel.ADMIN;
|
|
461
|
-
roles = ['admin'];
|
|
462
|
-
break;
|
|
463
|
-
case 'planner':
|
|
464
|
-
access_level = AccessLevel.PLANNER;
|
|
465
|
-
roles = ['planner'];
|
|
466
|
-
break;
|
|
467
|
-
case 'participant':
|
|
468
|
-
access_level = AccessLevel.PARTICIPANT;
|
|
469
|
-
roles = ['participant'];
|
|
470
|
-
break;
|
|
471
|
-
case 'editor':
|
|
472
|
-
access_level = AccessLevel.EDITOR;
|
|
473
|
-
roles = ['editor'];
|
|
474
|
-
break;
|
|
475
|
-
case 'viewer':
|
|
476
|
-
default:
|
|
477
|
-
access_level = AccessLevel.VIEWER;
|
|
478
|
-
roles = ['viewer'];
|
|
479
|
-
break;
|
|
480
|
-
}
|
|
481
|
-
|
|
482
|
-
// Set permissions from the RPC response
|
|
483
|
-
eventAppPerms.forEach((perm: any) => {
|
|
484
|
-
if (perm.permission) {
|
|
485
|
-
permissions[perm.permission] = true;
|
|
486
|
-
}
|
|
487
|
-
});
|
|
488
|
-
|
|
489
|
-
// For now, we'll set basic permissions based on role
|
|
490
|
-
// In a full implementation, you'd want to fetch page-specific permissions
|
|
491
|
-
const basePermissions = ['read'];
|
|
492
|
-
if (['event_admin', 'planner'].includes(role)) {
|
|
493
|
-
basePermissions.push('create', 'update');
|
|
494
|
-
}
|
|
495
|
-
if (role === 'event_admin') {
|
|
496
|
-
basePermissions.push('delete');
|
|
497
|
-
}
|
|
498
|
-
|
|
499
|
-
// Set permissions for all pages (simplified approach)
|
|
500
|
-
// In a real implementation, you'd want to get actual page permissions
|
|
501
|
-
basePermissions.forEach(operation => {
|
|
502
|
-
permissions[`default:${operation}`] = true;
|
|
503
|
-
});
|
|
504
|
-
}
|
|
505
|
-
|
|
506
|
-
// Process organisation permissions
|
|
507
|
-
const orgPerms = rbacData.filter((p: any) => p.permission_type === 'organisation_access');
|
|
508
|
-
if (orgPerms.length > 0) {
|
|
509
|
-
const role = orgPerms[0].role_name;
|
|
510
|
-
if (role === 'org_admin') {
|
|
511
|
-
access_level = AccessLevel.ADMIN;
|
|
512
|
-
roles = ['admin'];
|
|
513
|
-
// Org admins get all permissions
|
|
514
|
-
['create', 'read', 'update', 'delete'].forEach(operation => {
|
|
515
|
-
permissions[`default:${operation}`] = true;
|
|
516
|
-
});
|
|
517
|
-
}
|
|
518
|
-
}
|
|
519
|
-
|
|
520
|
-
return { permissions, roles, access_level };
|
|
521
|
-
}
|
|
522
|
-
}
|