npm - @jmruthers/pace-core - Versions diffs - 0.6.1 → 0.6.3 - Mend

@jmruthers/pace-core 0.6.1 → 0.6.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (549) hide show

package/CHANGELOG.md +88 -10
package/cursor-rules/00-pace-core-compliance.mdc +46 -87
package/cursor-rules/01-standards-compliance.mdc +16 -47
package/cursor-rules/02-project-structure.mdc +4 -4
package/cursor-rules/03-solid-principles.mdc +45 -164
package/cursor-rules/04-testing-standards.mdc +22 -69
package/cursor-rules/05-bug-reports-and-features.mdc +2 -2
package/cursor-rules/06-code-quality.mdc +42 -125
package/cursor-rules/07-tech-stack-compliance.mdc +33 -128
package/cursor-rules/08-markup-quality.mdc +452 -0
package/cursor-rules/CHANGELOG.md +18 -0
package/cursor-rules/README.md +2 -1
package/dist/{AuthService-DjnJHDtC.d.ts → AuthService-Cb34EQs3.d.ts} +63 -1
package/dist/{DataTable-CH1U5Tpy.d.ts → DataTable-BMRU8a1j.d.ts} +33 -1
package/dist/{DataTable-DQ7RSOHE.js → DataTable-THFPBKTP.js} +12 -10
package/dist/{PublicPageProvider-ce4xlHYA.d.ts → PublicPageProvider-DEMpysFR.d.ts} +394 -171
package/dist/{UnifiedAuthProvider-185Ih4dj.d.ts → UnifiedAuthProvider-CKvHP1MK.d.ts} +30 -8
package/dist/{UnifiedAuthProvider-ATAP5UTR.js → UnifiedAuthProvider-KAGUYQ4J.js} +5 -4
package/dist/{api-N774RPUA.js → api-IAGWF3ZG.js} +10 -10
package/dist/{audit-B5P6FFIR.js → audit-V53FV5AG.js} +2 -2
package/dist/{chunk-JBKQ3SAO.js → chunk-2T2IG7T7.js} +107 -57
package/dist/chunk-2T2IG7T7.js.map +1 -0
package/dist/{chunk-3QRJFVBR.js → chunk-6SOIHG6Z.js} +1 -1
package/dist/chunk-6SOIHG6Z.js.map +1 -0
package/dist/{chunk-3XTALGJF.js → chunk-6Z7LTB3D.js} +69 -240
package/dist/chunk-6Z7LTB3D.js.map +1 -0
package/dist/{chunk-4ZC4GX36.js → chunk-CNCQDFLN.js} +199 -46
package/dist/chunk-CNCQDFLN.js.map +1 -0
package/dist/chunk-DGUM43GV.js +11 -0
package/dist/{chunk-BYFSK72L.js → chunk-DWUBLJJM.js} +361 -187
package/dist/chunk-DWUBLJJM.js.map +1 -0
package/dist/{chunk-LXQLPRQ2.js → chunk-FFQEQTNW.js} +6 -8
package/dist/chunk-FFQEQTNW.js.map +1 -0
package/dist/chunk-FMUCXFII.js +76 -0
package/dist/chunk-FMUCXFII.js.map +1 -0
package/dist/{chunk-4N5C5XZU.js → chunk-HFZBI76P.js} +4 -4
package/dist/chunk-HFZBI76P.js.map +1 -0
package/dist/{chunk-SQGMNID3.js → chunk-L4OXEN46.js} +4 -5
package/dist/chunk-L4OXEN46.js.map +1 -0
package/dist/{chunk-R77UEZ4E.js → chunk-M43Y4SSO.js} +1 -1
package/dist/chunk-M43Y4SSO.js.map +1 -0
package/dist/{chunk-I7PSE6JW.js → chunk-M7MPQISP.js} +3 -76
package/dist/chunk-M7MPQISP.js.map +1 -0
package/dist/chunk-PQBSKX33.js +7793 -0
package/dist/chunk-PQBSKX33.js.map +1 -0
package/dist/chunk-QRPVRXYT.js +226 -0
package/dist/chunk-QRPVRXYT.js.map +1 -0
package/dist/{chunk-KNC55RTG.js → chunk-RWEBCB47.js} +194 -416
package/dist/chunk-RWEBCB47.js.map +1 -0
package/dist/{chunk-XM25TVIE.js → chunk-YDQHOZNA.js} +843 -388
package/dist/chunk-YDQHOZNA.js.map +1 -0
package/dist/{chunk-GLK6VM3F.js → chunk-ZNIWI3UC.js} +739 -737
package/dist/chunk-ZNIWI3UC.js.map +1 -0
package/dist/components.d.ts +5 -5
package/dist/components.js +18 -16
package/dist/components.js.map +1 -1
package/dist/contextValidator-3JNZKUTX.js +9 -0
package/dist/contextValidator-3JNZKUTX.js.map +1 -0
package/dist/eslint-rules/pace-core-compliance.cjs +106 -0
package/dist/{functions-D_kgHktt.d.ts → functions-DHebl8-F.d.ts} +1 -1
package/dist/hooks.d.ts +55 -122
package/dist/hooks.js +10 -13
package/dist/hooks.js.map +1 -1
package/dist/index.d.ts +60 -13
package/dist/index.js +30 -25
package/dist/index.js.map +1 -1
package/dist/providers.d.ts +21 -3
package/dist/providers.js +4 -3
package/dist/rbac/index.d.ts +210 -139
package/dist/rbac/index.js +17 -13
package/dist/styles/index.js +1 -1
package/dist/theming/runtime.d.ts +1 -13
package/dist/theming/runtime.js +2 -2
package/dist/{timezone-_pgH8qrY.d.ts → timezone-CHhWg6b4.d.ts} +3 -10
package/dist/{types-UU913iLA.d.ts → types-BeoeWV5I.d.ts} +8 -0
package/dist/{types-CEpcvwwF.d.ts → types-CkbwOr4Y.d.ts} +6 -0
package/dist/types.d.ts +2 -2
package/dist/types.js +1 -1
package/dist/{usePublicRouteParams-BJAlWfuJ.d.ts → usePublicRouteParams-i3qtoBgg.d.ts} +38 -17
package/dist/utils.d.ts +4 -5
package/dist/utils.js +17 -19
package/dist/utils.js.map +1 -1
package/docs/api/README.md +21 -17
package/docs/api/modules.md +4191 -2967
package/docs/architecture/database-schema-requirements.md +161 -0
package/docs/components/context-selector.md +126 -0
package/docs/core-concepts/rbac-system.md +3 -3
package/docs/documentation-index.md +2 -4
package/docs/getting-started/cursor-rules.md +2 -1
package/docs/migration/DOCUMENTATION_STRUCTURE.md +441 -0
package/docs/migration/MIGRATION_GUIDE.md +2 -24
package/docs/migration/RBAC_SCOPE_MIGRATION.md +385 -0
package/docs/migration/README.md +52 -6
package/docs/migration/V0.5.190_TO_V0.6.1_MIGRATION.md +1153 -0
package/docs/migration/database-changes-december-2025.md +3 -3
package/docs/pace-mint-fix-auto-selection.md +218 -0
package/docs/pace-mint-rbac-setup.md +391 -0
package/docs/rbac/event-based-apps.md +1 -1
package/docs/rbac/getting-started.md +1 -1
package/docs/rbac/quick-start.md +1 -1
package/docs/rbac/secure-client-protection.md +330 -0
package/docs/standards/README.md +1 -0
package/package.json +4 -3
package/scripts/audit/core/checks/accessibility.cjs +197 -0
package/scripts/audit/core/checks/api-usage.cjs +191 -0
package/scripts/audit/core/checks/bundle.cjs +142 -0
package/scripts/{check-pace-core-compliance.cjs → audit/core/checks/compliance.cjs} +784 -685
package/scripts/audit/core/checks/config.cjs +54 -0
package/scripts/audit/core/checks/coverage.cjs +84 -0
package/scripts/audit/core/checks/dependencies.cjs +985 -0
package/scripts/audit/core/checks/documentation.cjs +268 -0
package/scripts/audit/core/checks/environment.cjs +116 -0
package/scripts/audit/core/checks/error-handling.cjs +340 -0
package/scripts/audit/core/checks/forms.cjs +172 -0
package/scripts/audit/core/checks/heuristics.cjs +68 -0
package/scripts/audit/core/checks/hooks.cjs +334 -0
package/scripts/audit/core/checks/imports.cjs +244 -0
package/scripts/audit/core/checks/performance.cjs +325 -0
package/scripts/audit/core/checks/routes.cjs +117 -0
package/scripts/audit/core/checks/state.cjs +130 -0
package/scripts/audit/core/checks/structure.cjs +65 -0
package/scripts/audit/core/checks/style.cjs +584 -0
package/scripts/audit/core/checks/testing.cjs +122 -0
package/scripts/audit/core/checks/typescript.cjs +61 -0
package/scripts/audit/core/scanner.cjs +199 -0
package/scripts/audit/core/utils.cjs +137 -0
package/scripts/audit/index.cjs +223 -0
package/scripts/audit/reporters/console.cjs +151 -0
package/scripts/audit/reporters/json.cjs +54 -0
package/scripts/audit/reporters/markdown.cjs +124 -0
package/scripts/audit-consuming-app.cjs +61 -936
package/scripts/build-docs/build-decision.js +240 -0
package/scripts/build-docs/cache-utils.js +105 -0
package/scripts/build-docs/content-normalization.js +150 -0
package/scripts/build-docs/file-utils.js +105 -0
package/scripts/build-docs/git-utils.js +86 -0
package/scripts/build-docs/hash-utils.js +116 -0
package/scripts/build-docs/typedoc-runner.js +220 -0
package/scripts/build-docs-incremental.js +77 -913
package/scripts/utils/command-runner.js +16 -11
package/scripts/validate-formats.js +61 -56
package/scripts/validate-master.js +74 -69
package/scripts/validate-pre-publish.js +70 -65
package/src/__tests__/hooks/usePermissions.test.ts +2 -2
package/src/components/Alert/Alert.test.tsx +12 -18
package/src/components/Alert/Alert.tsx +5 -7
package/src/components/Avatar/Avatar.test.tsx +4 -4
package/src/components/Badge/Badge.tsx +14 -0
package/src/components/Button/Button.tsx +22 -0
package/src/components/Calendar/Calendar.tsx +8 -2
package/src/components/Card/Card.tsx +4 -0
package/src/components/Checkbox/Checkbox.test.tsx +12 -12
package/src/components/Checkbox/Checkbox.tsx +2 -2
package/src/components/ContextSelector/ContextSelector.tsx +384 -0
package/src/components/ContextSelector/index.ts +3 -0
package/src/components/DataTable/DataTable.tsx +38 -4
package/src/components/DataTable/__tests__/DataTableCore.test-setup.ts +5 -6
package/src/components/DataTable/__tests__/pagination.modes.test.tsx +18 -4
package/src/components/DataTable/__tests__/test-utils/sharedTestUtils.tsx +2 -3
package/src/components/DataTable/components/AccessDeniedPage.tsx +16 -25
package/src/components/DataTable/components/ActionButtons.tsx +10 -7
package/src/components/DataTable/components/BulkOperationsDropdown.tsx +1 -1
package/src/components/DataTable/components/ColumnFilter.tsx +10 -0
package/src/components/DataTable/components/ColumnVisibilityDropdown.tsx +12 -0
package/src/components/DataTable/components/DataTableBody.tsx +8 -0
package/src/components/DataTable/components/DataTableCore.tsx +196 -554
package/src/components/DataTable/components/DataTableErrorBoundary.tsx +11 -0
package/src/components/DataTable/components/DataTableLayout.tsx +559 -0
package/src/components/DataTable/components/DataTableModals.tsx +8 -0
package/src/components/DataTable/components/DataTableToolbar.tsx +8 -0
package/src/components/DataTable/components/DraggableColumnHeader.tsx +12 -0
package/src/components/DataTable/components/EditFields.tsx +307 -0
package/src/components/DataTable/components/EditableRow.tsx +8 -0
package/src/components/DataTable/components/EmptyState.tsx +10 -0
package/src/components/DataTable/components/FilterRow.tsx +12 -0
package/src/components/DataTable/components/GroupHeader.tsx +12 -0
package/src/components/DataTable/components/GroupingDropdown.tsx +12 -0
package/src/components/DataTable/components/ImportModal.tsx +7 -0
package/src/components/DataTable/components/LoadingState.tsx +6 -0
package/src/components/DataTable/components/PaginationControls.tsx +16 -1
package/src/components/DataTable/components/RowComponent.tsx +391 -0
package/src/components/DataTable/components/UnifiedTableBody.tsx +63 -851
package/src/components/DataTable/components/VirtualizedDataTable.tsx +16 -4
package/src/components/DataTable/components/__tests__/AccessDeniedPage.test.tsx +4 -2
package/src/components/DataTable/components/cellValueUtils.ts +40 -0
package/src/components/DataTable/components/hooks/useImportModalFocus.ts +53 -0
package/src/components/DataTable/components/hooks/usePermissionTracking.ts +126 -0
package/src/components/DataTable/context/DataTableContext.tsx +50 -0
package/src/components/DataTable/core/ColumnFactory.ts +31 -0
package/src/components/DataTable/core/DataTableContext.tsx +32 -1
package/src/components/DataTable/hooks/useColumnOrderPersistence.ts +10 -0
package/src/components/DataTable/hooks/useColumnReordering.ts +12 -0
package/src/components/DataTable/hooks/useColumnVisibilityPersistence.ts +10 -0
package/src/components/DataTable/hooks/useDataTableDataPipeline.ts +16 -0
package/src/components/DataTable/hooks/useDataTablePermissions.ts +127 -33
package/src/components/DataTable/hooks/useDataTableState.ts +35 -1
package/src/components/DataTable/hooks/useEffectiveColumnOrder.ts +12 -0
package/src/components/DataTable/hooks/useServerSideDataEffect.ts +11 -0
package/src/components/DataTable/hooks/useTableColumns.ts +8 -0
package/src/components/DataTable/hooks/useTableHandlers.ts +14 -0
package/src/components/DataTable/styles.ts +6 -6
package/src/components/DataTable/types.ts +6 -10
package/src/components/DataTable/utils/a11yUtils.ts +7 -0
package/src/components/DataTable/utils/debugTools.ts +18 -113
package/src/components/DataTable/utils/errorHandling.ts +12 -0
package/src/components/DataTable/utils/exportUtils.ts +9 -0
package/src/components/DataTable/utils/flexibleImport.ts +12 -48
package/src/components/DataTable/utils/paginationUtils.ts +8 -0
package/src/components/DataTable/utils/performanceUtils.ts +5 -1
package/src/components/Dialog/Dialog.tsx +31 -3
package/src/components/ErrorBoundary/ErrorBoundary.test.tsx +180 -1
package/src/components/ErrorBoundary/ErrorBoundary.tsx +45 -5
package/src/components/ErrorBoundary/ErrorBoundaryContext.tsx +129 -0
package/src/components/ErrorBoundary/index.ts +27 -2
package/src/components/FileDisplay/FileDisplay.tsx +74 -28
package/src/components/FileUpload/FileUpload.tsx +22 -2
package/src/components/Footer/Footer.test.tsx +16 -16
package/src/components/Footer/Footer.tsx +14 -11
package/src/components/Form/Form.tsx +1 -0
package/src/components/Header/Header.test.tsx +43 -73
package/src/components/Header/Header.tsx +59 -49
package/src/components/Input/Input.test.tsx +2 -2
package/src/components/Input/Input.tsx +8 -4
package/src/components/LoadingSpinner/LoadingSpinner.test.tsx +4 -4
package/src/components/LoginForm/LoginForm.tsx +4 -0
package/src/components/NavigationMenu/NavigationMenu.tsx +14 -513
package/src/components/NavigationMenu/types.ts +56 -0
package/src/components/NavigationMenu/useNavigationFiltering.ts +390 -0
package/src/components/PaceAppLayout/PaceAppLayout.integration.test.tsx +10 -19
package/src/components/PaceAppLayout/PaceAppLayout.performance.test.tsx +2 -2
package/src/components/PaceAppLayout/PaceAppLayout.security.test.tsx +5 -5
package/src/components/PaceAppLayout/PaceAppLayout.test.tsx +13 -11
package/src/components/PaceAppLayout/PaceAppLayout.tsx +167 -44
package/src/components/PaceAppLayout/README.md +14 -17
package/src/components/PaceAppLayout/test-setup.tsx +3 -4
package/src/components/PaceLoginPage/PaceLoginPage.tsx +3 -0
package/src/components/PasswordChange/PasswordChangeForm.tsx +9 -0
package/src/components/ProtectedRoute/ProtectedRoute.tsx +3 -9
package/src/components/PublicLayout/PublicPageLayout.tsx +2 -5
package/src/components/PublicLayout/PublicPageProvider.tsx +4 -0
package/src/components/Select/Select.tsx +80 -434
package/src/components/Select/context.ts +23 -0
package/src/components/Select/hooks/useSelectEvents.ts +87 -0
package/src/components/Select/hooks/useSelectSearch.ts +91 -0
package/src/components/Select/hooks/useSelectState.ts +104 -0
package/src/components/Select/index.ts +9 -1
package/src/components/Select/types.ts +123 -0
package/src/components/Select/utils/text.ts +26 -0
package/src/components/SessionRestorationLoader/SessionRestorationLoader.tsx +4 -5
package/src/components/Switch/Switch.tsx +4 -4
package/src/components/Tabs/Tabs.tsx +1 -1
package/src/components/Toast/Toast.tsx +4 -0
package/src/components/Tooltip/Tooltip.tsx +2 -2
package/src/components/UserMenu/UserMenu.test.tsx +24 -11
package/src/components/UserMenu/UserMenu.tsx +21 -18
package/src/components/index.ts +7 -7
package/src/eslint-rules/pace-core-compliance.cjs +106 -0
package/src/hooks/__tests__/index.unit.test.ts +2 -5
package/src/hooks/__tests__/useAppConfig.unit.test.ts +4 -98
package/src/hooks/index.ts +1 -2
package/src/hooks/public/usePublicEvent.ts +4 -0
package/src/hooks/public/usePublicEventLogo.ts +4 -0
package/src/hooks/public/usePublicFileDisplay.ts +4 -0
package/src/hooks/public/usePublicRouteParams.ts +4 -0
package/src/hooks/services/useAuth.ts +32 -0
package/src/hooks/services/useCurrentEvent.ts +6 -0
package/src/hooks/services/useCurrentOrganisation.ts +6 -0
package/src/hooks/useAppConfig.ts +15 -30
package/src/hooks/useDebounce.ts +9 -0
package/src/hooks/useEventTheme.ts +6 -0
package/src/hooks/useFileDisplay.ts +81 -50
package/src/hooks/useFileReference.ts +25 -7
package/src/hooks/useFileUrl.ts +11 -1
package/src/hooks/useFocusManagement.ts +14 -0
package/src/hooks/useFocusTrap.ts +3 -0
package/src/hooks/useInactivityTracker.ts +3 -0
package/src/hooks/useKeyboardShortcuts.ts +4 -0
package/src/hooks/useOrganisationPermissions.ts +4 -0
package/src/hooks/useOrganisationSecurity.ts +4 -0
package/src/hooks/usePerformanceMonitor.ts +4 -0
package/src/hooks/usePermissionCache.ts +7 -0
package/src/hooks/useQueryCache.ts +12 -1
package/src/hooks/useSessionRestoration.ts +4 -0
package/src/hooks/useStorage.ts +4 -0
package/src/hooks/useToast.ts +1 -1
package/src/index.ts +6 -6
package/src/providers/__tests__/OrganisationProvider.test.tsx +92 -70
package/src/providers/services/AuthServiceProvider.tsx +35 -7
package/src/providers/services/EventServiceProvider.tsx +51 -5
package/src/providers/services/InactivityServiceProvider.tsx +18 -0
package/src/providers/services/OrganisationServiceProvider.tsx +18 -0
package/src/providers/services/UnifiedAuthProvider.tsx +126 -134
package/src/providers/services/__tests__/AuthServiceProvider.integration.test.tsx +29 -13
package/src/rbac/README.md +1 -1
package/src/rbac/__tests__/adapters.comprehensive.test.tsx +1 -1
package/src/rbac/__tests__/scenarios.user-role.test.tsx +4 -5
package/src/rbac/adapters.tsx +12 -3
package/src/rbac/api.test.ts +59 -51
package/src/rbac/api.ts +246 -167
package/src/rbac/components/NavigationProvider.tsx +4 -1
package/src/rbac/components/PagePermissionGuard.tsx +185 -17
package/src/rbac/components/RoleBasedRouter.tsx +5 -1
package/src/rbac/components/SecureDataProvider.test.tsx +84 -49
package/src/rbac/components/SecureDataProvider.tsx +20 -5
package/src/rbac/components/__tests__/PagePermissionGuard.race-condition.test.tsx +24 -14
package/src/rbac/components/__tests__/PagePermissionGuard.test.tsx +7 -0
package/src/rbac/components/__tests__/PagePermissionGuard.verification.test.tsx +14 -6
package/src/rbac/components/__tests__/RoleBasedRouter.test.tsx +15 -4
package/src/rbac/components/__tests__/SecureDataProvider.fixed.test.tsx +148 -24
package/src/rbac/components/__tests__/SecureDataProvider.test.tsx +81 -15
package/src/rbac/engine.ts +38 -14
package/src/rbac/hooks/__tests__/useSecureSupabase.test.ts +32 -21
package/src/rbac/hooks/permissions/index.ts +7 -0
package/src/rbac/hooks/permissions/useAccessLevel.ts +105 -0
package/src/rbac/hooks/permissions/useCachedPermissions.ts +79 -0
package/src/rbac/hooks/permissions/useCan.ts +377 -0
package/src/rbac/hooks/permissions/useHasAllPermissions.ts +90 -0
package/src/rbac/hooks/permissions/useHasAnyPermission.ts +90 -0
package/src/rbac/hooks/permissions/useMultiplePermissions.ts +93 -0
package/src/rbac/hooks/permissions/usePermissions.ts +253 -0
package/src/rbac/hooks/useCan.test.ts +64 -66
package/src/rbac/hooks/usePermissions.ts +14 -995
package/src/rbac/hooks/useRBAC.test.ts +1 -5
package/src/rbac/hooks/useRBAC.ts +36 -37
package/src/rbac/hooks/useResolvedScope.test.ts +120 -35
package/src/rbac/hooks/useResolvedScope.ts +35 -40
package/src/rbac/hooks/useResourcePermissions.test.ts +54 -18
package/src/rbac/hooks/useResourcePermissions.ts +14 -4
package/src/rbac/hooks/useSecureSupabase.ts +27 -7
package/src/rbac/index.ts +7 -0
package/src/rbac/permissions.ts +0 -30
package/src/rbac/secureClient.test.ts +22 -18
package/src/rbac/secureClient.ts +294 -68
package/src/rbac/security.ts +0 -17
package/src/rbac/types.ts +9 -0
package/src/rbac/utils/__tests__/contextValidator.test.ts +64 -86
package/src/rbac/utils/clientSecurity.ts +93 -0
package/src/rbac/utils/contextValidator.ts +77 -168
package/src/services/AuthService.ts +39 -7
package/src/services/EventService.ts +186 -54
package/src/services/OrganisationService.ts +81 -14
package/src/services/__tests__/EventService.test.ts +1 -2
package/src/services/base/BaseService.ts +3 -0
package/src/theming/__tests__/parseEventColours.test.ts +6 -9
package/src/theming/parseEventColours.ts +5 -19
package/src/types/vitest-globals.d.ts +51 -26
package/src/utils/__mocks__/supabaseMock.ts +1 -3
package/src/utils/__tests__/formatting.unit.test.ts +4 -4
package/src/utils/__tests__/index.unit.test.ts +2 -2
package/src/utils/audit/audit.ts +0 -3
package/src/utils/core/cn.ts +1 -1
package/src/utils/dynamic/dynamicUtils.ts +7 -4
package/src/utils/file-reference/index.ts +53 -1
package/src/utils/formatting/formatting.ts +8 -18
package/src/utils/index.ts +0 -1
package/dist/chunk-3QRJFVBR.js.map +0 -1
package/dist/chunk-3XTALGJF.js.map +0 -1
package/dist/chunk-4N5C5XZU.js.map +0 -1
package/dist/chunk-4ZC4GX36.js.map +0 -1
package/dist/chunk-7D4SUZUM.js +0 -38
package/dist/chunk-BYFSK72L.js.map +0 -1
package/dist/chunk-EXUD6RNJ.js +0 -451
package/dist/chunk-EXUD6RNJ.js.map +0 -1
package/dist/chunk-GLK6VM3F.js.map +0 -1
package/dist/chunk-I7PSE6JW.js.map +0 -1
package/dist/chunk-JBKQ3SAO.js.map +0 -1
package/dist/chunk-KNC55RTG.js.map +0 -1
package/dist/chunk-LXQLPRQ2.js.map +0 -1
package/dist/chunk-R77UEZ4E.js.map +0 -1
package/dist/chunk-SQGMNID3.js.map +0 -1
package/dist/chunk-T33XF5ZC.js +0 -12922
package/dist/chunk-T33XF5ZC.js.map +0 -1
package/dist/chunk-XM25TVIE.js.map +0 -1
package/docs/api/classes/ColumnFactory.md +0 -243
package/docs/api/classes/ErrorBoundary.md +0 -144
package/docs/api/classes/InvalidScopeError.md +0 -73
package/docs/api/classes/Logger.md +0 -178
package/docs/api/classes/MissingUserContextError.md +0 -66
package/docs/api/classes/OrganisationContextRequiredError.md +0 -66
package/docs/api/classes/PermissionDeniedError.md +0 -73
package/docs/api/classes/RBACAuditManager.md +0 -297
package/docs/api/classes/RBACCache.md +0 -322
package/docs/api/classes/RBACEngine.md +0 -171
package/docs/api/classes/RBACError.md +0 -76
package/docs/api/classes/RBACNotInitializedError.md +0 -66
package/docs/api/classes/SecureSupabaseClient.md +0 -160
package/docs/api/classes/StorageUtils.md +0 -328
package/docs/api/enums/FileCategory.md +0 -184
package/docs/api/enums/LogLevel.md +0 -54
package/docs/api/enums/RBACErrorCode.md +0 -228
package/docs/api/enums/RPCFunction.md +0 -118
package/docs/api/interfaces/AddressFieldProps.md +0 -241
package/docs/api/interfaces/AddressFieldRef.md +0 -94
package/docs/api/interfaces/AggregateConfig.md +0 -43
package/docs/api/interfaces/AutocompleteOptions.md +0 -75
package/docs/api/interfaces/AvatarProps.md +0 -128
package/docs/api/interfaces/BadgeProps.md +0 -27
package/docs/api/interfaces/ButtonProps.md +0 -53
package/docs/api/interfaces/CalendarProps.md +0 -70
package/docs/api/interfaces/CardProps.md +0 -66
package/docs/api/interfaces/ColorPalette.md +0 -7
package/docs/api/interfaces/ColorShade.md +0 -66
package/docs/api/interfaces/ComplianceResult.md +0 -30
package/docs/api/interfaces/DataAccessRecord.md +0 -96
package/docs/api/interfaces/DataRecord.md +0 -11
package/docs/api/interfaces/DataTableAction.md +0 -249
package/docs/api/interfaces/DataTableColumn.md +0 -504
package/docs/api/interfaces/DataTableProps.md +0 -625
package/docs/api/interfaces/DataTableToolbarButton.md +0 -96
package/docs/api/interfaces/DatabaseComplianceResult.md +0 -85
package/docs/api/interfaces/DatabaseIssue.md +0 -41
package/docs/api/interfaces/EmptyStateConfig.md +0 -61
package/docs/api/interfaces/EnhancedNavigationMenuProps.md +0 -235
package/docs/api/interfaces/EventAppRoleData.md +0 -71
package/docs/api/interfaces/ExportColumn.md +0 -90
package/docs/api/interfaces/ExportOptions.md +0 -126
package/docs/api/interfaces/FileDisplayProps.md +0 -249
package/docs/api/interfaces/FileMetadata.md +0 -129
package/docs/api/interfaces/FileReference.md +0 -118
package/docs/api/interfaces/FileSizeLimits.md +0 -7
package/docs/api/interfaces/FileUploadOptions.md +0 -139
package/docs/api/interfaces/FileUploadProps.md +0 -293
package/docs/api/interfaces/FooterProps.md +0 -105
package/docs/api/interfaces/FormFieldProps.md +0 -166
package/docs/api/interfaces/FormProps.md +0 -113
package/docs/api/interfaces/GrantEventAppRoleParams.md +0 -122
package/docs/api/interfaces/InactivityWarningModalProps.md +0 -115
package/docs/api/interfaces/InputProps.md +0 -53
package/docs/api/interfaces/LabelProps.md +0 -107
package/docs/api/interfaces/LoggerConfig.md +0 -62
package/docs/api/interfaces/LoginFormProps.md +0 -184
package/docs/api/interfaces/NavigationAccessRecord.md +0 -107
package/docs/api/interfaces/NavigationContextType.md +0 -164
package/docs/api/interfaces/NavigationGuardProps.md +0 -139
package/docs/api/interfaces/NavigationItem.md +0 -120
package/docs/api/interfaces/NavigationMenuProps.md +0 -221
package/docs/api/interfaces/NavigationProviderProps.md +0 -117
package/docs/api/interfaces/Organisation.md +0 -140
package/docs/api/interfaces/OrganisationContextType.md +0 -388
package/docs/api/interfaces/OrganisationMembership.md +0 -140
package/docs/api/interfaces/OrganisationProviderProps.md +0 -76
package/docs/api/interfaces/OrganisationSecurityError.md +0 -62
package/docs/api/interfaces/PaceAppLayoutProps.md +0 -406
package/docs/api/interfaces/PaceLoginPageProps.md +0 -47
package/docs/api/interfaces/PageAccessRecord.md +0 -85
package/docs/api/interfaces/PagePermissionContextType.md +0 -140
package/docs/api/interfaces/PagePermissionGuardProps.md +0 -153
package/docs/api/interfaces/PagePermissionProviderProps.md +0 -119
package/docs/api/interfaces/PaletteData.md +0 -41
package/docs/api/interfaces/ParsedAddress.md +0 -120
package/docs/api/interfaces/PermissionEnforcerProps.md +0 -153
package/docs/api/interfaces/ProgressProps.md +0 -42
package/docs/api/interfaces/ProtectedRouteProps.md +0 -97
package/docs/api/interfaces/PublicPageFooterProps.md +0 -112
package/docs/api/interfaces/PublicPageHeaderProps.md +0 -125
package/docs/api/interfaces/PublicPageLayoutProps.md +0 -198
package/docs/api/interfaces/QuickFix.md +0 -52
package/docs/api/interfaces/RBACAccessValidateParams.md +0 -52
package/docs/api/interfaces/RBACAccessValidateResult.md +0 -41
package/docs/api/interfaces/RBACAuditLogParams.md +0 -85
package/docs/api/interfaces/RBACAuditLogResult.md +0 -52
package/docs/api/interfaces/RBACConfig.md +0 -133
package/docs/api/interfaces/RBACContext.md +0 -52
package/docs/api/interfaces/RBACLogger.md +0 -112
package/docs/api/interfaces/RBACPageAccessCheckParams.md +0 -74
package/docs/api/interfaces/RBACPerformanceMetrics.md +0 -138
package/docs/api/interfaces/RBACPermissionCheckParams.md +0 -74
package/docs/api/interfaces/RBACPermissionCheckResult.md +0 -52
package/docs/api/interfaces/RBACPermissionsGetParams.md +0 -63
package/docs/api/interfaces/RBACPermissionsGetResult.md +0 -63
package/docs/api/interfaces/RBACResult.md +0 -58
package/docs/api/interfaces/RBACRoleGrantParams.md +0 -63
package/docs/api/interfaces/RBACRoleGrantResult.md +0 -52
package/docs/api/interfaces/RBACRoleRevokeParams.md +0 -63
package/docs/api/interfaces/RBACRoleRevokeResult.md +0 -52
package/docs/api/interfaces/RBACRoleValidateParams.md +0 -52
package/docs/api/interfaces/RBACRoleValidateResult.md +0 -63
package/docs/api/interfaces/RBACRolesListParams.md +0 -52
package/docs/api/interfaces/RBACRolesListResult.md +0 -74
package/docs/api/interfaces/RBACSessionTrackParams.md +0 -74
package/docs/api/interfaces/RBACSessionTrackResult.md +0 -52
package/docs/api/interfaces/ResourcePermissions.md +0 -155
package/docs/api/interfaces/RevokeEventAppRoleParams.md +0 -100
package/docs/api/interfaces/RoleBasedRouterContextType.md +0 -151
package/docs/api/interfaces/RoleBasedRouterProps.md +0 -156
package/docs/api/interfaces/RoleManagementResult.md +0 -52
package/docs/api/interfaces/RouteAccessRecord.md +0 -107
package/docs/api/interfaces/RouteConfig.md +0 -134
package/docs/api/interfaces/RuntimeComplianceResult.md +0 -55
package/docs/api/interfaces/SecureDataContextType.md +0 -168
package/docs/api/interfaces/SecureDataProviderProps.md +0 -132
package/docs/api/interfaces/SessionRestorationLoaderProps.md +0 -34
package/docs/api/interfaces/SetupIssue.md +0 -41
package/docs/api/interfaces/StorageConfig.md +0 -41
package/docs/api/interfaces/StorageFileInfo.md +0 -74
package/docs/api/interfaces/StorageFileMetadata.md +0 -151
package/docs/api/interfaces/StorageListOptions.md +0 -99
package/docs/api/interfaces/StorageListResult.md +0 -41
package/docs/api/interfaces/StorageUploadOptions.md +0 -101
package/docs/api/interfaces/StorageUploadResult.md +0 -63
package/docs/api/interfaces/StorageUrlOptions.md +0 -60
package/docs/api/interfaces/StyleImport.md +0 -19
package/docs/api/interfaces/SwitchProps.md +0 -34
package/docs/api/interfaces/TabsContentProps.md +0 -9
package/docs/api/interfaces/TabsListProps.md +0 -9
package/docs/api/interfaces/TabsProps.md +0 -9
package/docs/api/interfaces/TabsTriggerProps.md +0 -50
package/docs/api/interfaces/TextareaProps.md +0 -53
package/docs/api/interfaces/ToastActionElement.md +0 -9
package/docs/api/interfaces/ToastProps.md +0 -9
package/docs/api/interfaces/UnifiedAuthContextType.md +0 -820
package/docs/api/interfaces/UnifiedAuthProviderProps.md +0 -171
package/docs/api/interfaces/UseFormDialogOptions.md +0 -62
package/docs/api/interfaces/UseFormDialogReturn.md +0 -117
package/docs/api/interfaces/UseInactivityTrackerOptions.md +0 -136
package/docs/api/interfaces/UseInactivityTrackerReturn.md +0 -123
package/docs/api/interfaces/UsePublicEventLogoOptions.md +0 -87
package/docs/api/interfaces/UsePublicEventLogoReturn.md +0 -81
package/docs/api/interfaces/UsePublicEventOptions.md +0 -34
package/docs/api/interfaces/UsePublicEventReturn.md +0 -68
package/docs/api/interfaces/UsePublicFileDisplayOptions.md +0 -47
package/docs/api/interfaces/UsePublicFileDisplayReturn.md +0 -120
package/docs/api/interfaces/UsePublicRouteParamsReturn.md +0 -94
package/docs/api/interfaces/UseResolvedScopeOptions.md +0 -47
package/docs/api/interfaces/UseResolvedScopeReturn.md +0 -47
package/docs/api/interfaces/UseResourcePermissionsOptions.md +0 -34
package/docs/api/interfaces/UserEventAccess.md +0 -118
package/docs/api/interfaces/UserMenuProps.md +0 -86
package/docs/api/interfaces/UserProfile.md +0 -63
package/docs/migration/quick-migration-guide.md +0 -356
package/docs/migration/service-architecture.md +0 -281
package/src/components/EventSelector/EventSelector.test.tsx +0 -720
package/src/components/EventSelector/EventSelector.tsx +0 -420
package/src/components/EventSelector/index.ts +0 -3
package/src/components/OrganisationSelector/OrganisationSelector.test.tsx +0 -784
package/src/components/OrganisationSelector/OrganisationSelector.tsx +0 -324
package/src/components/OrganisationSelector/index.ts +0 -9
package/src/hooks/__tests__/useSecureDataAccess.unit.test.tsx +0 -680
package/src/hooks/useSecureDataAccess.test.ts +0 -559
package/src/hooks/useSecureDataAccess.ts +0 -681
/package/dist/{DataTable-DQ7RSOHE.js.map → DataTable-THFPBKTP.js.map} +0 -0
/package/dist/{UnifiedAuthProvider-ATAP5UTR.js.map → UnifiedAuthProvider-KAGUYQ4J.js.map} +0 -0
/package/dist/{api-N774RPUA.js.map → api-IAGWF3ZG.js.map} +0 -0
/package/dist/{audit-B5P6FFIR.js.map → audit-V53FV5AG.js.map} +0 -0
/package/dist/{chunk-7D4SUZUM.js.map → chunk-DGUM43GV.js.map} +0 -0
/package/docs/migration/{organisation-context-timing-fix.md → V0.3.44_organisation-context-timing-fix.md} +0 -0
/package/docs/migration/{rbac-migration.md → V0.4.0_rbac-migration.md} +0 -0
/package/docs/migration/{person-scoped-profiles-migration-guide.md → V0.5.190_person-scoped-profiles-migration-guide.md} +0 -0
/package/docs/migration/{REACT_19_MIGRATION.md → V0.6.0_REACT_19_MIGRATION.md} +0 -0

package/src/rbac/hooks/permissions/useCan.ts ADDED Viewed

@@ -0,0 +1,377 @@
+import { useCallback, useEffect, useMemo, useRef, useState } from 'react';
+import { isPermitted, isPermittedCached } from '../../api';
+import { getRBACLogger } from '../../config';
+import { Permission, Scope, UUID } from '../../types';
+import { scopeEqual } from '../../utils/deep-equal';
+/**
+ * Hook to check if user can perform an action
+ *
+ * @param userId - User ID
+ * @param scope - Scope for permission checking
+ * @param permission - Permission to check
+ * @param pageId - Optional page ID
+ * @param useCache - Whether to use cached results
+ * @param appName - Optional app name (for PORTAL/ADMIN special case)
+ * @returns Permission check state and methods
+ *
+ * @example
+ * ```tsx
+ * function MyComponent() {
+ *   const { can, isLoading, error } = useCan(userId, scope, 'read:users');
+ *
+ *   if (isLoading) return <div>Checking permission...</div>;
+ *   if (error) return <div>Error: {error.message}</div>;
+ *
+ *   return can ? <UserList /> : <div>Access denied</div>;
+ * }
+ * ```
+ */
+export function useCan(
+  userId: UUID,
+  scope: Scope,
+  permission: Permission,
+  pageId?: UUID,
+  useCache: boolean = true,
+  /**
+   * Pre-computed super admin flag to avoid duplicate super admin checks.
+   * Callers should check super admin once and pass the result to all useCan hooks.
+   * Pass null if not checked yet, false/true if checked.
+   * Defaults to null (not checked yet) - hook will check if needed.
+   */
+  precomputedSuperAdmin: boolean | null = null,
+  appName?: string,
+) {
+  // CRITICAL FIX: Initialize isSuperAdmin from precomputed value immediately
+  // This prevents permission checks from running when we already know the user is a super admin
+  // If precomputedSuperAdmin is true, we can immediately set can=true and isLoading=false
+  const [isSuperAdmin, setIsSuperAdmin] = useState<boolean | null>(precomputedSuperAdmin ?? null);
+  // For super admins, immediately grant permissions without waiting
+  const initialCan = precomputedSuperAdmin === true ? true : false;
+  const initialIsLoading = precomputedSuperAdmin === true ? false : true;
+  const [can, setCan] = useState<boolean>(initialCan);
+  const [isLoading, setIsLoading] = useState<boolean>(initialIsLoading);
+  const [error, setError] = useState<Error | null>(null);
+  // Validate scope parameter - handle undefined/null scope gracefully
+  const isValidScope = scope && typeof scope === 'object';
+  const organisationId = isValidScope ? scope.organisationId : undefined;
+  const eventId = isValidScope ? scope.eventId : undefined;
+  const appId = isValidScope ? scope.appId : undefined;
+  // CRITICAL FIX: Immediately update state when precomputedSuperAdmin changes to true
+  // This ensures super admins get immediate access without waiting for permission checks
+  useEffect(() => {
+    if (precomputedSuperAdmin === true && isSuperAdmin !== true) {
+      setIsSuperAdmin(true);
+      setCan(true);
+      setIsLoading(false);
+      setError(null);
+    } else if (precomputedSuperAdmin === false && isSuperAdmin !== false) {
+      setIsSuperAdmin(false);
+    }
+  }, [precomputedSuperAdmin, isSuperAdmin]);
+  // Check super-admin status - super admins bypass organisation context requirements
+  // PERFORMANCE OPTIMIZATION: Use precomputed value directly - no duplicate checks
+  // Callers must check super admin once and pass the result (null if not checked yet)
+  useEffect(() => {
+    // If precomputed value is null, it means not checked yet - check ourselves
+    if (precomputedSuperAdmin === null) {
+      if (!userId) {
+        setIsSuperAdmin(false);
+        return;
+      }
+      let cancelled = false;
+      const checkSuperAdmin = async () => {
+        const startTime = Date.now();
+        try {
+          const { isSuperAdmin: checkSuperAdmin } = await import('../../api');
+          // Add timeout warning
+          const timeoutWarning = setTimeout(() => {
+            if (!cancelled) {
+              console.warn('[useCan] Super admin check taking longer than 5 seconds', {
+                userId,
+                elapsedMs: Date.now() - startTime,
+              });
+            }
+          }, 5000);
+          const isSuper = await checkSuperAdmin(userId);
+          clearTimeout(timeoutWarning);
+          if (!cancelled) {
+            const elapsed = Date.now() - startTime;
+            if (elapsed > 1000) {
+              console.warn('[useCan] Super admin check took longer than expected', {
+                userId,
+                elapsedMs: elapsed,
+              });
+            }
+            setIsSuperAdmin(isSuper);
+            // If super admin, immediately grant permissions
+            if (isSuper) {
+              setCan(true);
+              setIsLoading(false);
+              setError(null);
+            }
+          }
+        } catch (err) {
+          if (!cancelled) {
+            const elapsed = Date.now() - startTime;
+            console.error('[useCan] Error checking super admin', {
+              userId,
+              error: err,
+              elapsedMs: elapsed,
+            });
+            setIsSuperAdmin(false);
+          }
+        }
+      };
+      checkSuperAdmin();
+      return () => {
+        cancelled = true;
+      };
+    }
+  }, [userId, precomputedSuperAdmin]);
+  // Add timeout for missing organisation context (3 seconds)
+  // Only apply timeout for resource-level permissions, not page-level (which can handle null orgs)
+  // Super admins bypass this check
+  useEffect(() => {
+    const isPagePermission = permission.includes(':page.') || !!pageId;
+    const requiresOrgId = !isPagePermission;
+    // Don't block if user is super-admin (they bypass context requirements)
+    if (isSuperAdmin === true) {
+      return;
+    }
+    if (requiresOrgId && (!isValidScope || !organisationId || organisationId === null || (typeof organisationId === 'string' && organisationId.trim() === ''))) {
+      const timeoutId = setTimeout(() => {
+        setError(new Error('Organisation context is required for permission checks'));
+        setIsLoading(false);
+        setCan(false);
+      }, 3000); // 3 seconds - typical permission check is < 1 second
+      return () => clearTimeout(timeoutId);
+    }
+    // Clear error if organisation context becomes available
+    if (error?.message === 'Organisation context is required for permission checks') {
+      setError(null);
+    }
+  }, [isValidScope, organisationId, error, permission, pageId, isSuperAdmin]);
+  // Use refs to track the last values to prevent unnecessary re-runs
+  const lastUserIdRef = useRef<UUID | null>(null);
+  const lastScopeRef = useRef<string | null>(null);
+  const lastPermissionRef = useRef<Permission | null>(null);
+  const lastPageIdRef = useRef<UUID | undefined | null>(null);
+  const lastUseCacheRef = useRef<boolean | null>(null);
+  const lastIsSuperAdminRef = useRef<boolean | null>(null);
+  // Create a stable scope object for comparison
+  const stableScope = useMemo(() => {
+    if (!isValidScope) {
+      return null;
+    }
+    return {
+      organisationId,
+      eventId,
+      appId,
+    };
+  }, [isValidScope, organisationId, eventId, appId]);
+  // Track previous scope for deep equality comparison
+  const prevScopeRef = useRef<Scope | null>(null);
+  useEffect(() => {
+    // Use deep equality check for scope to prevent unnecessary re-runs
+    const scopeChanged = !scopeEqual(prevScopeRef.current, stableScope);
+    // Only run if something has actually changed
+    // CRITICAL: Also check if isSuperAdmin changed - super admins bypass all checks
+    const isSuperAdminChanged = lastIsSuperAdminRef.current !== isSuperAdmin;
+    if (
+      lastUserIdRef.current !== userId ||
+      scopeChanged ||
+      lastPermissionRef.current !== permission ||
+      lastPageIdRef.current !== pageId ||
+      lastUseCacheRef.current !== useCache ||
+      isSuperAdminChanged
+    ) {
+      lastIsSuperAdminRef.current = isSuperAdmin;
+      lastUserIdRef.current = userId;
+      prevScopeRef.current = stableScope;
+      lastPermissionRef.current = permission;
+      lastPageIdRef.current = pageId;
+      lastUseCacheRef.current = useCache;
+      // Inline the permission check logic to avoid useCallback dependency issues
+      const checkPermission = async () => {
+        if (!userId) {
+          setCan(false);
+          setIsLoading(false);
+          return;
+        }
+        // CRITICAL: Super admins bypass all permission checks - grant immediately
+        // This must be checked BEFORE any other validation to avoid unnecessary API calls
+        if (isSuperAdmin === true) {
+          setCan(true);
+          setIsLoading(false);
+          setError(null);
+          return;
+        }
+        // If super admin status is still being checked (null), wait for it to complete
+        // Don't proceed with permission check until we know if user is super admin
+        if (isSuperAdmin === null) {
+          setIsLoading(true);
+          setCan(false);
+          setError(null);
+          return;
+        }
+        // Validate scope before accessing properties
+        if (!isValidScope) {
+          setIsLoading(true);
+          setCan(false);
+          setError(null);
+          // Timeout is handled in separate useEffect
+          return;
+        }
+        // For page-level permissions, allow undefined/null organisationId (database function handles it)
+        // For resource-level permissions, organisationId is required
+        const isPagePermission = permission.includes(':page.') || !!pageId;
+        const requiresOrgId = !isPagePermission;
+        // Check if pageId is a pageName (not a UUID) - if so, we need appId to resolve it
+        const isPageName = pageId && typeof pageId === 'string' && !/^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$/i.test(pageId);
+        const needsAppIdForPageName = isPagePermission && isPageName;
+        // Don't check permissions if scope is invalid and orgId is required
+        // Wait for organisation context to resolve (unless it's a page permission that can handle null orgs)
+        if (requiresOrgId && (!organisationId || organisationId === null || (typeof organisationId === 'string' && organisationId.trim() === ''))) {
+          // Not super-admin (already checked above) - wait for org context
+          setIsLoading(true);
+          setCan(false);
+          setError(null);
+          // Timeout is handled in separate useEffect (Phase 1.4)
+          return;
+        }
+        // For page-level permissions with pageName (not UUID), we need appId to resolve the pageName to pageId
+        // Wait for appId to be available before checking permissions
+        if (needsAppIdForPageName && (!appId || appId === null || (typeof appId === 'string' && appId.trim() === ''))) {
+          setIsLoading(true);
+          setCan(false);
+          setError(null);
+          // Will re-run when appId becomes available (via scope change detection)
+          return;
+        }
+        try {
+          setIsLoading(true);
+          setError(null);
+          // Create a valid scope object for the API call
+          // For page-level permissions, organisationId can be undefined (database handles it)
+          const validScope: Scope = {
+            ...(organisationId ? { organisationId } : {}),
+            ...(eventId ? { eventId } : {}),
+            ...(appId ? { appId } : {})
+          };
+          // Pass super admin status to avoid duplicate check in isPermitted
+          // Note: isPermittedCached doesn't support precomputedSuperAdmin, but the check will be cached
+          // If we know user is NOT super admin (isSuperAdmin === false), pass false to skip the check
+          const result = useCache
+            ? await isPermittedCached({ userId, scope: validScope, permission, pageId }, appName)
+            : await isPermitted({ userId, scope: validScope, permission, pageId }, appName, isSuperAdmin === false ? false : null);
+          setCan(result);
+        } catch (err) {
+          const logger = getRBACLogger();
+          logger.error('Permission check error:', { permission, error: err });
+          console.error('[useCan] Permission check error', { userId, permission, error: err });
+          setError(err instanceof Error ? err : new Error('Failed to check permission'));
+          setCan(false);
+        } finally {
+          setIsLoading(false);
+        }
+      };
+      checkPermission();
+    }
+  }, [userId, stableScope, permission, pageId, useCache, appName, isSuperAdmin]);
+  const refetch = useCallback(async () => {
+    if (!userId) {
+      setCan(false);
+      setIsLoading(false);
+      return;
+    }
+    // Validate scope before accessing properties
+    if (!isValidScope) {
+      setCan(false);
+      setIsLoading(true);
+      setError(null);
+      return;
+    }
+    // For page-level permissions, allow undefined/null organisationId (database function handles it)
+    // For resource-level permissions, organisationId is required
+    const isPagePermission = permission.includes(':page.') || !!pageId;
+    const requiresOrgId = !isPagePermission;
+    // Don't check permissions if scope is invalid and orgId is required
+    if (requiresOrgId && (!organisationId || organisationId === null || (typeof organisationId === 'string' && organisationId.trim() === ''))) {
+      setCan(false);
+      setIsLoading(true);
+      setError(null);
+      return;
+    }
+    try {
+      setIsLoading(true);
+      setError(null);
+      // Create a valid scope object for the API call
+      // For page-level permissions, organisationId can be undefined (database handles it)
+      const validScope: Scope = {
+        ...(organisationId ? { organisationId } : {}),
+        ...(eventId ? { eventId } : {}),
+        ...(appId ? { appId } : {})
+      };
+      const result = useCache
+        ? await isPermittedCached({ userId, scope: validScope, permission, pageId }, appName)
+        : await isPermitted({ userId, scope: validScope, permission, pageId }, appName, null);
+      setCan(result);
+    } catch (err) {
+      setError(err instanceof Error ? err : new Error('Failed to check permission'));
+      setCan(false);
+    } finally {
+      setIsLoading(false);
+    }
+  }, [userId, isValidScope, organisationId, eventId, appId, permission, pageId, useCache, appName]);
+  // Memoize the return object to prevent unnecessary re-renders
+  return useMemo(() => ({
+    can,
+    isLoading,
+    error,
+    refetch
+  }), [can, isLoading, error, refetch]);
+}

package/src/rbac/hooks/permissions/useHasAllPermissions.ts ADDED Viewed

@@ -0,0 +1,90 @@
+import { useCallback, useEffect, useMemo, useState } from 'react';
+import { isPermitted, isPermittedCached } from '../../api';
+import { Permission, Scope, UUID } from '../../types';
+/**
+ * Hook to check if user has all of the specified permissions
+ *
+ * @param userId - User ID
+ * @param scope - Scope for permission checking
+ * @param permissions - Array of permissions to check
+ * @param useCache - Whether to use cached results
+ * @returns Whether user has all of the permissions
+ *
+ * @example
+ * ```tsx
+ * function MyComponent() {
+ *   const { hasAll, isLoading, error } = useHasAllPermissions(
+ *     userId,
+ *     scope,
+ *     ['read:users', 'create:users', 'update:users']
+ *   );
+ *
+ *   if (isLoading) return <div>Checking permissions...</div>;
+ *   if (error) return <div>Error: {error.message}</div>;
+ *
+ *   return hasAll ? <FullUserManagementPanel /> : <div>Insufficient permissions</div>;
+ * }
+ * ```
+ */
+export function useHasAllPermissions(
+  userId: UUID,
+  scope: Scope,
+  permissions: Permission[],
+  useCache: boolean = true
+): {
+  hasAll: boolean;
+  isLoading: boolean;
+  error: Error | null;
+  refetch: () => Promise<void>;
+} {
+  const [hasAll, setHasAll] = useState<boolean>(false);
+  const [isLoading, setIsLoading] = useState(true);
+  const [error, setError] = useState<Error | null>(null);
+  const checkAllPermissions = useCallback(async () => {
+    if (!userId || permissions.length === 0) {
+      setHasAll(false);
+      setIsLoading(false);
+      return;
+    }
+    try {
+      setIsLoading(true);
+      setError(null);
+      let hasAllPermissions = true;
+      for (const permission of permissions) {
+        const result = useCache
+          ? await isPermittedCached({ userId, scope, permission })
+          : await isPermitted({ userId, scope, permission });
+        if (!result) {
+          hasAllPermissions = false;
+          break;
+        }
+      }
+      setHasAll(hasAllPermissions);
+    } catch (err) {
+      setError(err instanceof Error ? err : new Error('Failed to check permissions'));
+      setHasAll(false);
+    } finally {
+      setIsLoading(false);
+    }
+  }, [userId, scope.organisationId, scope.eventId, scope.appId, permissions, useCache]);
+  useEffect(() => {
+    checkAllPermissions();
+  }, [checkAllPermissions]);
+  // Memoize the return object to prevent unnecessary re-renders
+  return useMemo(() => ({
+    hasAll,
+    isLoading,
+    error,
+    refetch: checkAllPermissions
+  }), [hasAll, isLoading, error, checkAllPermissions]);
+}

package/src/rbac/hooks/permissions/useHasAnyPermission.ts ADDED Viewed

@@ -0,0 +1,90 @@
+import { useCallback, useEffect, useMemo, useState } from 'react';
+import { isPermitted, isPermittedCached } from '../../api';
+import { Permission, Scope, UUID } from '../../types';
+/**
+ * Hook to check if user has any of the specified permissions
+ *
+ * @param userId - User ID
+ * @param scope - Scope for permission checking
+ * @param permissions - Array of permissions to check
+ * @param useCache - Whether to use cached results
+ * @returns Whether user has any of the permissions
+ *
+ * @example
+ * ```tsx
+ * function MyComponent() {
+ *   const { hasAny, isLoading, error } = useHasAnyPermission(
+ *     userId,
+ *     scope,
+ *     ['read:users', 'create:users']
+ *   );
+ *
+ *   if (isLoading) return <div>Checking permissions...</div>;
+ *   if (error) return <div>Error: {error.message}</div>;
+ *
+ *   return hasAny ? <UserManagementPanel /> : <div>No user permissions</div>;
+ * }
+ * ```
+ */
+export function useHasAnyPermission(
+  userId: UUID,
+  scope: Scope,
+  permissions: Permission[],
+  useCache: boolean = true
+): {
+  hasAny: boolean;
+  isLoading: boolean;
+  error: Error | null;
+  refetch: () => Promise<void>;
+} {
+  const [hasAny, setHasAny] = useState<boolean>(false);
+  const [isLoading, setIsLoading] = useState(true);
+  const [error, setError] = useState<Error | null>(null);
+  const checkAnyPermission = useCallback(async () => {
+    if (!userId || permissions.length === 0) {
+      setHasAny(false);
+      setIsLoading(false);
+      return;
+    }
+    try {
+      setIsLoading(true);
+      setError(null);
+      let hasAnyPermission = false;
+      for (const permission of permissions) {
+        const result = useCache
+          ? await isPermittedCached({ userId, scope, permission })
+          : await isPermitted({ userId, scope, permission });
+        if (result) {
+          hasAnyPermission = true;
+          break;
+        }
+      }
+      setHasAny(hasAnyPermission);
+    } catch (err) {
+      setError(err instanceof Error ? err : new Error('Failed to check permissions'));
+      setHasAny(false);
+    } finally {
+      setIsLoading(false);
+    }
+  }, [userId, scope.organisationId, scope.eventId, scope.appId, permissions, useCache]);
+  useEffect(() => {
+    checkAnyPermission();
+  }, [checkAnyPermission]);
+  // Memoize the return object to prevent unnecessary re-renders
+  return useMemo(() => ({
+    hasAny,
+    isLoading,
+    error,
+    refetch: checkAnyPermission
+  }), [hasAny, isLoading, error, checkAnyPermission]);
+}

package/src/rbac/hooks/permissions/useMultiplePermissions.ts ADDED Viewed

@@ -0,0 +1,93 @@
+import { useCallback, useEffect, useMemo, useState } from 'react';
+import { isPermitted, isPermittedCached } from '../../api';
+import { Permission, Scope, UUID } from '../../types';
+/**
+ * Hook to check multiple permissions at once
+ *
+ * @param userId - User ID
+ * @param scope - Scope for permission checking
+ * @param permissions - Array of permissions to check
+ * @param useCache - Whether to use cached results
+ * @returns Multiple permission check results
+ *
+ * @example
+ * ```tsx
+ * function MyComponent() {
+ *   const { results, isLoading, error } = useMultiplePermissions(
+ *     userId,
+ *     scope,
+ *     ['read:users', 'create:users', 'update:users']
+ *   );
+ *
+ *   if (isLoading) return <div>Checking permissions...</div>;
+ *   if (error) return <div>Error: {error.message}</div>;
+ *
+ *   return (
+ *     <div>
+ *       {results['read:users'] && <UserList />}
+ *       {results['create:users'] && <CreateUserButton />}
+ *       {results['update:users'] && <EditUserButton />}
+ *     </div>
+ *   );
+ * }
+ * ```
+ */
+export function useMultiplePermissions(
+  userId: UUID,
+  scope: Scope,
+  permissions: Permission[],
+  useCache: boolean = true
+): {
+  results: Record<Permission, boolean>;
+  isLoading: boolean;
+  error: Error | null;
+  refetch: () => Promise<void>;
+} {
+  const [results, setResults] = useState<Record<Permission, boolean>>({} as Record<Permission, boolean>);
+  const [isLoading, setIsLoading] = useState(true);
+  const [error, setError] = useState<Error | null>(null);
+  const checkPermissions = useCallback(async () => {
+    if (!userId || permissions.length === 0) {
+      setResults({} as Record<Permission, boolean>);
+      setIsLoading(false);
+      return;
+    }
+    try {
+      setIsLoading(true);
+      setError(null);
+      const permissionResults: Record<Permission, boolean> = {} as Record<Permission, boolean>;
+      // Check each permission
+      for (const permission of permissions) {
+        const result = useCache
+          ? await isPermittedCached({ userId, scope, permission })
+          : await isPermitted({ userId, scope, permission });
+        permissionResults[permission] = result;
+      }
+      setResults(permissionResults);
+    } catch (err) {
+      setError(err instanceof Error ? err : new Error('Failed to check permissions'));
+      setResults({} as Record<Permission, boolean>);
+    } finally {
+      setIsLoading(false);
+    }
+  }, [userId, scope.organisationId, scope.eventId, scope.appId, permissions, useCache]);
+  useEffect(() => {
+    checkPermissions();
+  }, [checkPermissions]);
+  // Memoize the return object to prevent unnecessary re-renders
+  return useMemo(() => ({
+    results,
+    isLoading,
+    error,
+    refetch: checkPermissions
+  }), [results, isLoading, error, checkPermissions]);
+}