npm - @jmruthers/pace-core - Versions diffs - 0.6.4 → 0.6.6 - Mend

@jmruthers/pace-core 0.6.4 → 0.6.6

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (387) hide show

package/CHANGELOG.md +104 -0
package/README.md +5 -403
package/core-usage-manifest.json +93 -0
package/cursor-rules/00-pace-core-compliance.mdc +128 -26
package/cursor-rules/01-standards-compliance.mdc +49 -8
package/cursor-rules/02-project-structure.mdc +6 -0
package/cursor-rules/03-solid-principles.mdc +2 -0
package/cursor-rules/04-testing-standards.mdc +2 -0
package/cursor-rules/05-bug-reports-and-features.mdc +2 -0
package/cursor-rules/06-code-quality.mdc +2 -0
package/cursor-rules/07-tech-stack-compliance.mdc +2 -0
package/cursor-rules/08-markup-quality.mdc +52 -27
package/cursor-rules/09-rbac-compliance.mdc +462 -0
package/cursor-rules/10-error-handling-patterns.mdc +179 -0
package/cursor-rules/11-performance-optimization.mdc +169 -0
package/cursor-rules/12-ci-cd-integration.mdc +150 -0
package/dist/{AuthService-Cb34EQs3.d.ts → AuthService-DmfO5rGS.d.ts} +10 -0
package/dist/{DataTable-BMRU8a1j.d.ts → DataTable-2N_tqbfq.d.ts} +1 -1
package/dist/DataTable-LRJL4IRV.js +15 -0
package/dist/{PublicPageProvider-DEMpysFR.d.ts → PublicPageProvider-BBH6Vqg7.d.ts} +72 -139
package/dist/UnifiedAuthProvider-ZT6TIGM7.js +7 -0
package/dist/api-Y4MQWOFW.js +4 -0
package/dist/audit-MYQXYZFU.js +3 -0
package/dist/{chunk-J36DSWQK.js → chunk-2HGJFNAH.js} +8 -28
package/dist/{chunk-OEWDTMG7.js → chunk-3O3WHILE.js} +38 -121
package/dist/{chunk-M43Y4SSO.js → chunk-3QC3KRHK.js} +1 -14
package/dist/{chunk-DGUM43GV.js → chunk-3RG5ZIWI.js} +1 -4
package/dist/{chunk-QXHPKYJV.js → chunk-4SXLQIZO.js} +1 -26
package/dist/chunk-4T7OBVTU.js +62 -0
package/dist/{chunk-E66EQZE6.js → chunk-6GLLNA6U.js} +3 -9
package/dist/{chunk-ZSAAAMVR.js → chunk-6QYDGKQY.js} +1 -4
package/dist/{chunk-NN6WWZ5U.js → chunk-7TYHROIV.js} +579 -563
package/dist/{chunk-M7MPQISP.js → chunk-A55DK444.js} +9 -16
package/dist/{chunk-63FOKYGO.js → chunk-AHU7G2R5.js} +2 -11
package/dist/{chunk-L4OXEN46.js → chunk-BVP2BCJF.js} +2 -16
package/dist/chunk-C7NSAPTL.js +1 -0
package/dist/{chunk-YKRAFF5K.js → chunk-FENMYN2U.js} +73 -149
package/dist/{chunk-AVMLPIM7.js → chunk-FTCRZOG2.js} +284 -432
package/dist/{chunk-G37KK66H.js → chunk-FYHN4DD5.js} +60 -19
package/dist/{chunk-VBXEHIUJ.js → chunk-HF6O3O37.js} +6 -88
package/dist/{chunk-I6DAQMWX.js → chunk-LAZMKTTF.js} +930 -891
package/dist/{chunk-5EC5MEWX.js → chunk-MAGBIDNS.js} +77 -222
package/dist/chunk-MBADTM7L.js +64 -0
package/dist/chunk-OHIK3MIO.js +994 -0
package/dist/{chunk-6SOIHG6Z.js → chunk-S7DKJPLT.js} +115 -44
package/dist/{chunk-FMUCXFII.js → chunk-SD6WQY43.js} +1 -5
package/dist/{chunk-PWLANIRT.js → chunk-TTRFSOKR.js} +1 -7
package/dist/{chunk-5DRSZLL2.js → chunk-UH3NTO3F.js} +1 -6
package/dist/{chunk-FFQEQTNW.js → chunk-UIYSCEV7.js} +134 -45
package/dist/{chunk-3LPHPB62.js → chunk-ZFYPMX46.js} +271 -87
package/dist/{chunk-7JPAB3T5.js → chunk-ZS5VO5JB.js} +1989 -1283
package/dist/components.d.ts +6 -6
package/dist/components.js +57 -267
package/dist/{database.generated-CzIvgcPu.d.ts → database.generated-CcnC_DRc.d.ts} +4795 -3691
package/dist/eslint-rules/index.cjs +22 -0
package/dist/eslint-rules/rules/compliance.cjs +348 -0
package/dist/eslint-rules/rules/components.cjs +113 -0
package/dist/eslint-rules/rules/imports.cjs +102 -0
package/dist/eslint-rules/rules/rbac.cjs +790 -0
package/dist/eslint-rules/utils/helpers.cjs +42 -0
package/dist/eslint-rules/utils/manifest-loader.cjs +75 -0
package/dist/hooks.d.ts +5 -5
package/dist/hooks.js +62 -270
package/dist/icons/index.d.ts +1 -0
package/dist/icons/index.js +1 -0
package/dist/index.d.ts +36 -26
package/dist/index.js +87 -690
package/dist/providers.d.ts +2 -2
package/dist/providers.js +8 -35
package/dist/rbac/eslint-rules.d.ts +46 -44
package/dist/rbac/eslint-rules.js +7 -4
package/dist/rbac/index.d.ts +124 -594
package/dist/rbac/index.js +14 -207
package/dist/styles/index.js +2 -12
package/dist/theming/runtime.js +3 -19
package/dist/{timezone-CHhWg6b4.d.ts → timezone-BZe_eUxx.d.ts} +175 -1
package/dist/{types-CkbwOr4Y.d.ts → types-B-K_5VnO.d.ts} +4 -0
package/dist/types-t9H8qKRw.d.ts +55 -0
package/dist/types.d.ts +1 -1
package/dist/types.js +7 -94
package/dist/{usePublicRouteParams-i3qtoBgg.d.ts → usePublicRouteParams-COZ28Mvq.d.ts} +9 -9
package/dist/utils.d.ts +24 -117
package/dist/utils.js +54 -392
package/docs/README.md +16 -6
package/docs/api/README.md +4 -402
package/docs/api/modules.md +454 -930
package/docs/api-reference/components.md +3 -1
package/docs/api-reference/deprecated.md +31 -6
package/docs/api-reference/rpc-functions.md +78 -3
package/docs/best-practices/accessibility.md +6 -3
package/docs/getting-started/cursor-rules.md +3 -23
package/docs/getting-started/dependencies.md +650 -0
package/docs/getting-started/installation-guide.md +20 -7
package/docs/getting-started/quick-start.md +23 -12
package/docs/implementation-guides/permission-enforcement.md +4 -0
package/docs/rbac/MIGRATION_GUIDE.md +819 -0
package/docs/rbac/RBAC_CONTRACT.md +724 -0
package/docs/rbac/README.md +12 -3
package/docs/rbac/edge-functions-guide.md +376 -0
package/docs/rbac/secure-client-protection.md +0 -34
package/docs/standards/00-pace-core-compliance.md +967 -0
package/docs/standards/01-standards-compliance.md +188 -0
package/docs/standards/02-project-structure.md +985 -0
package/docs/standards/03-solid-principles.md +39 -0
package/docs/standards/04-testing-standards.md +36 -0
package/docs/standards/05-bug-reports-and-features.md +27 -0
package/docs/standards/{04-code-style-standard.md → 06-code-quality.md} +2 -0
package/docs/standards/07-tech-stack-compliance.md +30 -0
package/docs/standards/08-markup-quality.md +345 -0
package/docs/standards/{07-rbac-and-rls-standard.md → 09-rbac-compliance.md} +149 -54
package/docs/standards/10-error-handling-patterns.md +401 -0
package/docs/standards/11-performance-optimization.md +348 -0
package/docs/standards/12-ci-cd-integration.md +370 -0
package/docs/standards/ALIGNMENT_REVIEW_SUMMARY.md +192 -0
package/docs/standards/README.md +62 -33
package/docs/troubleshooting/organisation-context-setup.md +42 -19
package/eslint-config-pace-core.cjs +20 -4
package/package.json +31 -21
package/scripts/audit/audit-compliance.cjs +1295 -0
package/scripts/audit/audit-components.cjs +260 -0
package/scripts/audit/audit-dependencies.cjs +395 -0
package/scripts/audit/audit-rbac.cjs +954 -0
package/scripts/audit/audit-standards.cjs +1268 -0
package/scripts/audit/index.cjs +1898 -194
package/scripts/install-cursor-rules.cjs +259 -8
package/scripts/validate-master.js +1 -1
package/src/__tests__/fixtures/supabase.ts +1 -1
package/src/__tests__/helpers/__tests__/component-test-utils.test.tsx +1 -1
package/src/__tests__/helpers/__tests__/optimized-test-setup.test.ts +1 -1
package/src/__tests__/helpers/__tests__/supabaseMock.test.ts +1 -1
package/src/__tests__/helpers/__tests__/test-utils.test.tsx +3 -3
package/src/__tests__/helpers/component-test-utils.tsx +1 -1
package/src/__tests__/helpers/supabaseMock.ts +2 -2
package/src/__tests__/public-recipe-view.test.ts +38 -9
package/src/components/Button/Button.tsx +5 -1
package/src/components/ContextSelector/ContextSelector.tsx +42 -39
package/src/components/DataTable/__tests__/keyboard.test.tsx +15 -2
package/src/components/DataTable/components/DataTableBody.tsx +55 -31
package/src/components/DataTable/components/DataTableCore.tsx +186 -13
package/src/components/DataTable/components/DataTableLayout.tsx +30 -5
package/src/components/DataTable/components/EditFields.tsx +23 -3
package/src/components/DataTable/components/EditableRow.tsx +7 -2
package/src/components/DataTable/components/ImportModal.tsx +4 -6
package/src/components/DataTable/components/RowComponent.tsx +12 -0
package/src/components/DataTable/components/ViewRowModal.tsx +4 -4
package/src/components/DataTable/components/__tests__/ImportModal.test.tsx +455 -96
package/src/components/DataTable/components/__tests__/ViewRowModal.test.tsx +122 -58
package/src/components/DataTable/components/hooks/usePermissionTracking.ts +0 -4
package/src/components/DataTable/core/DataTableContext.tsx +1 -1
package/src/components/DataTable/hooks/__tests__/useDataTableState.test.ts +51 -47
package/src/components/DataTable/hooks/useDataTablePermissions.ts +24 -21
package/src/components/DataTable/hooks/useDataTableState.ts +125 -9
package/src/components/DataTable/hooks/useTableColumns.ts +40 -2
package/src/components/DataTable/hooks/useTableHandlers.ts +11 -0
package/src/components/DataTable/types.ts +5 -0
package/src/components/DateTimeField/DateTimeField.tsx +20 -20
package/src/components/DateTimeField/README.md +5 -2
package/src/components/Dialog/Dialog.test.tsx +361 -318
package/src/components/Dialog/Dialog.tsx +1154 -323
package/src/components/Dialog/index.ts +3 -3
package/src/components/FileDisplay/FileDisplay.test.tsx +45 -2
package/src/components/FileDisplay/FileDisplay.tsx +28 -22
package/src/components/Form/Form.test.tsx +9 -10
package/src/components/Form/Form.tsx +369 -9
package/src/components/InactivityWarningModal/InactivityWarningModal.test.tsx +28 -28
package/src/components/InactivityWarningModal/InactivityWarningModal.tsx +40 -54
package/src/components/LoginForm/LoginForm.tsx +2 -2
package/src/components/NavigationMenu/NavigationMenu.test.tsx +14 -13
package/src/components/NavigationMenu/NavigationMenu.tsx +2 -2
package/src/components/NavigationMenu/useNavigationFiltering.ts +11 -21
package/src/components/PaceAppLayout/PaceAppLayout.test.tsx +6 -4
package/src/components/PaceAppLayout/PaceAppLayout.tsx +30 -41
package/src/components/PaceAppLayout/README.md +10 -9
package/src/components/PaceAppLayout/test-setup.tsx +40 -31
package/src/components/PaceLoginPage/PaceLoginPage.test.tsx +108 -61
package/src/components/PaceLoginPage/PaceLoginPage.tsx +27 -3
package/src/components/PasswordChange/PasswordChangeForm.test.tsx +61 -0
package/src/components/PasswordChange/PasswordChangeForm.tsx +20 -13
package/src/components/PublicLayout/PublicLayout.test.tsx +7 -3
package/src/components/PublicLayout/PublicPageLayout.tsx +5 -8
package/src/components/Select/Select.tsx +23 -21
package/src/components/Select/types.ts +1 -1
package/src/components/UserMenu/UserMenu.test.tsx +38 -6
package/src/components/UserMenu/UserMenu.tsx +39 -34
package/src/components/index.ts +3 -4
package/src/eslint-rules/index.cjs +22 -0
package/src/eslint-rules/rules/compliance.cjs +348 -0
package/src/eslint-rules/rules/components.cjs +113 -0
package/src/eslint-rules/rules/imports.cjs +102 -0
package/src/eslint-rules/rules/rbac.cjs +790 -0
package/src/eslint-rules/utils/helpers.cjs +42 -0
package/src/eslint-rules/utils/manifest-loader.cjs +75 -0
package/src/hooks/__tests__/hooks.integration.test.tsx +6 -8
package/src/hooks/__tests__/useAppConfig.unit.test.ts +129 -67
package/src/hooks/__tests__/usePublicEvent.simple.test.ts +149 -67
package/src/hooks/__tests__/usePublicEvent.test.ts +149 -79
package/src/hooks/__tests__/usePublicEvent.unit.test.ts +158 -109
package/src/hooks/__tests__/useSessionDraft.test.ts +163 -0
package/src/hooks/__tests__/useSessionRestoration.unit.test.tsx +10 -5
package/src/hooks/public/usePublicEvent.ts +62 -190
package/src/hooks/public/usePublicEventLogo.test.ts +70 -17
package/src/hooks/public/usePublicEventLogo.ts +19 -9
package/src/hooks/useAppConfig.ts +26 -24
package/src/hooks/useEventTheme.test.ts +211 -233
package/src/hooks/useEventTheme.ts +19 -28
package/src/hooks/useEvents.ts +11 -7
package/src/hooks/useKeyboardShortcuts.ts +1 -1
package/src/hooks/useOrganisationPermissions.ts +9 -11
package/src/hooks/useOrganisations.ts +13 -7
package/src/hooks/useQueryCache.ts +0 -1
package/src/hooks/useSessionDraft.ts +380 -0
package/src/hooks/useSessionRestoration.ts +3 -1
package/src/icons/index.ts +27 -0
package/src/index.ts +16 -1
package/src/providers/OrganisationProvider.tsx +23 -14
package/src/providers/services/EventServiceProvider.tsx +1 -24
package/src/providers/services/UnifiedAuthProvider.tsx +5 -48
package/src/providers/services/__tests__/UnifiedAuthProvider.integration.test.tsx +3 -0
package/src/rbac/README.md +20 -20
package/src/rbac/__tests__/adapters.comprehensive.test.tsx +7 -457
package/src/rbac/__tests__/auth-rbac.e2e.test.tsx +33 -7
package/src/rbac/adapters.tsx +7 -295
package/src/rbac/api.test.ts +44 -56
package/src/rbac/api.ts +10 -17
package/src/rbac/cache-invalidation.ts +0 -1
package/src/rbac/compliance/index.ts +10 -0
package/src/rbac/compliance/pattern-detector.ts +553 -0
package/src/rbac/compliance/runtime-compliance.ts +22 -0
package/src/rbac/components/AccessDenied.tsx +150 -0
package/src/rbac/components/NavigationGuard.tsx +12 -20
package/src/rbac/components/PagePermissionGuard.tsx +4 -24
package/src/rbac/components/__tests__/NavigationGuard.test.tsx +21 -8
package/src/rbac/components/index.ts +3 -41
package/src/rbac/eslint-rules.js +1 -1
package/src/rbac/hooks/index.ts +0 -3
package/src/rbac/hooks/permissions/index.ts +0 -3
package/src/rbac/hooks/permissions/useAccessLevel.ts +4 -8
package/src/rbac/hooks/usePermissions.ts +0 -3
package/src/rbac/hooks/useRBAC.test.ts +21 -3
package/src/rbac/hooks/useRBAC.ts +4 -3
package/src/rbac/hooks/useResolvedScope.test.ts +57 -47
package/src/rbac/hooks/useResolvedScope.ts +58 -140
package/src/rbac/hooks/useResourcePermissions.test.ts +241 -60
package/src/rbac/hooks/useResourcePermissions.ts +182 -63
package/src/rbac/hooks/useRoleManagement.test.ts +65 -22
package/src/rbac/hooks/useRoleManagement.ts +147 -19
package/src/rbac/hooks/useSecureSupabase.ts +4 -8
package/src/rbac/index.ts +7 -9
package/src/rbac/permissions.ts +17 -17
package/src/rbac/utils/contextValidator.ts +45 -7
package/src/services/AuthService.ts +132 -23
package/src/services/EventService.ts +4 -97
package/src/services/InactivityService.ts +155 -58
package/src/services/OrganisationService.ts +7 -44
package/src/services/__tests__/OrganisationService.test.ts +26 -8
package/src/services/base/BaseService.ts +0 -3
package/src/styles/core.css +4 -0
package/src/types/database.generated.ts +4733 -3809
package/src/utils/__tests__/organisationContext.unit.test.ts +9 -10
package/src/utils/context/organisationContext.test.ts +13 -28
package/src/utils/context/organisationContext.ts +21 -52
package/src/utils/dynamic/dynamicUtils.ts +1 -1
package/src/utils/file-reference/index.ts +39 -15
package/src/utils/formatting/formatDateTime.test.ts +3 -2
package/src/utils/formatting/formatTime.test.ts +3 -2
package/src/utils/google-places/loadGoogleMapsScript.ts +29 -4
package/src/utils/index.ts +4 -1
package/src/utils/persistence/__tests__/keyDerivation.test.ts +135 -0
package/src/utils/persistence/__tests__/sensitiveFieldDetection.test.ts +123 -0
package/src/utils/persistence/keyDerivation.ts +304 -0
package/src/utils/persistence/sensitiveFieldDetection.ts +212 -0
package/src/utils/security/secureStorage.ts +5 -5
package/src/utils/storage/helpers.ts +3 -3
package/src/utils/supabase/createBaseClient.ts +147 -0
package/src/utils/timezone/timezone.test.ts +1 -2
package/src/utils/timezone/timezone.ts +1 -1
package/src/utils/validation/csrf.ts +4 -4
package/cursor-rules/CHANGELOG.md +0 -119
package/cursor-rules/README.md +0 -192
package/dist/DataTable-E7YQZD7D.js +0 -175
package/dist/DataTable-E7YQZD7D.js.map +0 -1
package/dist/UnifiedAuthProvider-QPXO24B4.js +0 -18
package/dist/UnifiedAuthProvider-QPXO24B4.js.map +0 -1
package/dist/api-6LVZTHDS.js +0 -52
package/dist/api-6LVZTHDS.js.map +0 -1
package/dist/audit-V53FV5AG.js +0 -17
package/dist/audit-V53FV5AG.js.map +0 -1
package/dist/chunk-36LVWXB2.js +0 -227
package/dist/chunk-36LVWXB2.js.map +0 -1
package/dist/chunk-3LPHPB62.js.map +0 -1
package/dist/chunk-5DRSZLL2.js.map +0 -1
package/dist/chunk-5EC5MEWX.js.map +0 -1
package/dist/chunk-63FOKYGO.js.map +0 -1
package/dist/chunk-6SOIHG6Z.js.map +0 -1
package/dist/chunk-7JPAB3T5.js.map +0 -1
package/dist/chunk-ATKZM7RX.js +0 -2053
package/dist/chunk-ATKZM7RX.js.map +0 -1
package/dist/chunk-AVMLPIM7.js.map +0 -1
package/dist/chunk-DGUM43GV.js.map +0 -1
package/dist/chunk-E66EQZE6.js.map +0 -1
package/dist/chunk-FFQEQTNW.js.map +0 -1
package/dist/chunk-FMUCXFII.js.map +0 -1
package/dist/chunk-G37KK66H.js.map +0 -1
package/dist/chunk-I6DAQMWX.js.map +0 -1
package/dist/chunk-J36DSWQK.js.map +0 -1
package/dist/chunk-KQCRWDSA.js +0 -1
package/dist/chunk-KQCRWDSA.js.map +0 -1
package/dist/chunk-L4OXEN46.js.map +0 -1
package/dist/chunk-LMC26NLJ.js +0 -84
package/dist/chunk-LMC26NLJ.js.map +0 -1
package/dist/chunk-M43Y4SSO.js.map +0 -1
package/dist/chunk-M7MPQISP.js.map +0 -1
package/dist/chunk-NN6WWZ5U.js.map +0 -1
package/dist/chunk-OEWDTMG7.js.map +0 -1
package/dist/chunk-PWLANIRT.js.map +0 -1
package/dist/chunk-QXHPKYJV.js.map +0 -1
package/dist/chunk-VBXEHIUJ.js.map +0 -1
package/dist/chunk-YKRAFF5K.js.map +0 -1
package/dist/chunk-ZSAAAMVR.js.map +0 -1
package/dist/components.js.map +0 -1
package/dist/contextValidator-OOPCLPZW.js +0 -9
package/dist/contextValidator-OOPCLPZW.js.map +0 -1
package/dist/eslint-rules/pace-core-compliance.cjs +0 -510
package/dist/hooks.js.map +0 -1
package/dist/index.js.map +0 -1
package/dist/providers.js.map +0 -1
package/dist/rbac/eslint-rules.js.map +0 -1
package/dist/rbac/index.js.map +0 -1
package/dist/styles/index.js.map +0 -1
package/dist/theming/runtime.js.map +0 -1
package/dist/types.js.map +0 -1
package/dist/utils.js.map +0 -1
package/docs/standards/01-architecture-standard.md +0 -44
package/docs/standards/02-api-and-rpc-standard.md +0 -39
package/docs/standards/03-component-standard.md +0 -32
package/docs/standards/05-security-standard.md +0 -44
package/docs/standards/06-testing-and-docs-standard.md +0 -29
package/docs/standards/pace-core-compliance.md +0 -432
package/scripts/audit/core/checks/accessibility.cjs +0 -197
package/scripts/audit/core/checks/api-usage.cjs +0 -191
package/scripts/audit/core/checks/bundle.cjs +0 -142
package/scripts/audit/core/checks/compliance.cjs +0 -2706
package/scripts/audit/core/checks/config.cjs +0 -54
package/scripts/audit/core/checks/coverage.cjs +0 -84
package/scripts/audit/core/checks/dependencies.cjs +0 -994
package/scripts/audit/core/checks/documentation.cjs +0 -268
package/scripts/audit/core/checks/environment.cjs +0 -116
package/scripts/audit/core/checks/error-handling.cjs +0 -340
package/scripts/audit/core/checks/forms.cjs +0 -172
package/scripts/audit/core/checks/heuristics.cjs +0 -68
package/scripts/audit/core/checks/hooks.cjs +0 -334
package/scripts/audit/core/checks/imports.cjs +0 -244
package/scripts/audit/core/checks/performance.cjs +0 -325
package/scripts/audit/core/checks/routes.cjs +0 -117
package/scripts/audit/core/checks/state.cjs +0 -130
package/scripts/audit/core/checks/structure.cjs +0 -65
package/scripts/audit/core/checks/style.cjs +0 -584
package/scripts/audit/core/checks/testing.cjs +0 -122
package/scripts/audit/core/checks/typescript.cjs +0 -61
package/scripts/audit/core/scanner.cjs +0 -199
package/scripts/audit/core/utils.cjs +0 -137
package/scripts/audit/reporters/console.cjs +0 -151
package/scripts/audit/reporters/json.cjs +0 -54
package/scripts/audit/reporters/markdown.cjs +0 -124
package/scripts/audit-consuming-app.cjs +0 -86
package/src/eslint-rules/pace-core-compliance.cjs +0 -510
package/src/eslint-rules/pace-core-compliance.js +0 -638
package/src/rbac/components/EnhancedNavigationMenu.test.tsx +0 -555
package/src/rbac/components/EnhancedNavigationMenu.tsx +0 -293
package/src/rbac/components/NavigationProvider.test.tsx +0 -481
package/src/rbac/components/NavigationProvider.tsx +0 -345
package/src/rbac/components/PagePermissionProvider.test.tsx +0 -476
package/src/rbac/components/PagePermissionProvider.tsx +0 -279
package/src/rbac/components/PermissionEnforcer.tsx +0 -312
package/src/rbac/components/RoleBasedRouter.tsx +0 -440
package/src/rbac/components/SecureDataProvider.test.tsx +0 -543
package/src/rbac/components/SecureDataProvider.tsx +0 -339
package/src/rbac/components/__tests__/EnhancedNavigationMenu.test.tsx +0 -620
package/src/rbac/components/__tests__/NavigationProvider.test.tsx +0 -726
package/src/rbac/components/__tests__/PagePermissionProvider.test.tsx +0 -661
package/src/rbac/components/__tests__/PermissionEnforcer.test.tsx +0 -881
package/src/rbac/components/__tests__/RoleBasedRouter.test.tsx +0 -783
package/src/rbac/components/__tests__/SecureDataProvider.fixed.test.tsx +0 -645
package/src/rbac/components/__tests__/SecureDataProvider.test.tsx +0 -659
package/src/rbac/hooks/permissions/useCachedPermissions.ts +0 -79
package/src/rbac/hooks/permissions/useHasAllPermissions.ts +0 -90
package/src/rbac/hooks/permissions/useHasAnyPermission.ts +0 -90

package/src/hooks/public/usePublicEvent.ts CHANGED Viewed

@@ -115,18 +115,12 @@ export function usePublicEvent(
   const [isLoading, setIsLoading] = useState<boolean>(true);
   const [error, setError] = useState<Error | null>(null);
-  // Get environment variables from public page context or fallback to direct access
-  let environment: { supabaseUrl: string | null; supabaseKey: string | null };
-  try {
-    environment = usePublicPageContext().environment;
-  } catch {
-    // Fallback to direct environment variable access if not in PublicPageProvider
-    environment = {
-      supabaseUrl: (import.meta as any).env?.VITE_SUPABASE_URL || (import.meta as any).env?.NEXT_PUBLIC_SUPABASE_URL || null,
-      supabaseKey: (import.meta as any).env?.VITE_SUPABASE_PUBLISHABLE_KEY || (import.meta as any).env?.NEXT_PUBLIC_SUPABASE_PUBLISHABLE_KEY || null
-    };
-  }
+  // Call hook unconditionally - if provider is missing, it will throw
+  // Errors should be handled by error boundaries at a higher level
+  // We cannot conditionally call hooks
+  // For public pages, PublicPageProvider should always be present
+  const publicPageContext = usePublicPageContext();
+  const environment = publicPageContext.environment;
   // Create a simple Supabase client for public access
   const supabase = useMemo(() => {
@@ -140,17 +134,6 @@ export function usePublicEvent(
     return createClient<Database>(environment.supabaseUrl, environment.supabaseKey);
   }, [environment.supabaseUrl, environment.supabaseKey]);
-  // Helper function to try refreshing schema cache
-  const refreshSchemaCache = useCallback(async () => {
-    try {
-      // Try to trigger a schema refresh by querying a system table
-      await (supabase as any).from('information_schema.routines').select('routine_name').limit(1);
-    } catch (error) {
-      // Ignore errors, this is just an attempt to refresh cache
-      logger.debug('usePublicEvent', 'Schema cache refresh attempt failed:', error);
-    }
-  }, [supabase]);
   const fetchEvent = useCallback(async (): Promise<void> => {
     if (!eventCode || !supabase) {
       setError(new Error('Invalid event code or Supabase client not available'));
@@ -174,177 +157,66 @@ export function usePublicEvent(
       setIsLoading(true);
       setError(null);
-      let eventData: any = null;
-      try {
-        // Try to call the public event RPC function first
-        const response = await (supabase as any).rpc('get_public_event_by_code', {
-          event_code_param: eventCode
-        });
-        const data = response?.data;
-        const rpcError = response?.error;
-        if (rpcError) {
-          // If RPC function doesn't exist or schema cache issue, try refresh first, then fallback
-          if (rpcError.message?.includes('Could not find the function') ||
-              rpcError.message?.includes('does not exist') ||
-              rpcError.message?.includes('schema cache')) {
-            logger.warn('usePublicEvent', 'RPC function not found or schema cache issue, attempting refresh:', rpcError.message);
-            // Try to refresh schema cache first
-            await refreshSchemaCache();
-            // Try RPC call one more time after refresh
-            try {
-              const retryResponse = await (supabase as any).rpc('get_public_event_by_code', {
-                event_code_param: eventCode
-              });
-              const retryData = retryResponse?.data;
-              const retryError = retryResponse?.error;
-              if (!retryError && retryData && retryData.length > 0) {
-                eventData = retryData[0];
-              } else {
-                throw new Error('RPC still failing after cache refresh');
-              }
-            } catch (retryError) {
-              logger.warn('usePublicEvent', 'RPC still failing after cache refresh, falling back to direct table access');
-              // Fallback: Direct table access with public RLS policy
-            const tableResponse2 = await (supabase as any)
-              .from('core_events')
-              .select(`
-                event_id,
-                event_name,
-                event_date,
-                event_venue,
-                event_participants,
-                event_colours,
-                organisation_id,
-                event_days,
-                event_typicalunit,
-                event_rounddown,
-                event_youthmultiplier,
-                event_catering_email,
-                event_news,
-                event_billing,
-                event_email
-              `)
-              .eq('event_code', eventCode)
-              .eq('is_visible', true)
-              .not('organisation_id', 'is', null)
-              .limit(1)
-              .single();
-            const tableData = tableResponse2?.data;
-            const tableError = tableResponse2?.error;
-            if (tableError) {
-              throw new Error(tableError?.message || 'Failed to fetch event from table');
-            }
-            if (!tableData) {
-              setEvent(null);
-              setError(new Error('Event not found'));
-              return;
-            }
+      // Use direct table query (removed legacy RPC get_public_event_by_code)
+      const tableResponse = await (supabase as any)
+        .from('core_events')
+        .select(`
+          event_id,
+          event_name,
+          event_date,
+          event_venue,
+          event_participants,
+          event_colours,
+          organisation_id,
+          event_days,
+          event_typicalunit,
+          event_rounddown,
+          event_youthmultiplier,
+          event_catering_email,
+          event_news,
+          event_billing,
+          event_email
+        `)
+        .eq('event_code', eventCode)
+        .eq('is_visible', true)
+        .not('organisation_id', 'is', null)
+        .limit(1)
+        .single();
+      const tableData = tableResponse?.data;
+      const tableError = tableResponse?.error;
+      if (tableError) {
+        // Transform "No rows found" to user-friendly "Event not found"
+        const errorMessage = tableError.message === 'No rows found' || tableError.code === 'PGRST116'
+          ? 'Event not found'
+          : (tableError?.message || 'Failed to fetch event from table');
+        throw new Error(errorMessage);
+      }
-            // Get event logo from core_file_references
-            const logoResponse = await (supabase as any)
-              .from('core_file_references')
-              .select('file_path')
-              .eq('table_name', 'core_events')
-              .eq('record_id', tableData.event_id)
-              .eq('is_public', true)
-              .eq('file_metadata->>category', 'event_logos')
-              .limit(1)
-              .single();
-            const logoData = logoResponse?.data;
+      if (!tableData) {
+        setEvent(null);
+        setError(new Error('Event not found'));
+        return;
+      }
-            eventData = {
-              ...tableData,
-              event_logo: logoData?.file_path || null
-            };
-            }
-          } else {
-            // For RPC errors that aren't schema cache issues, throw immediately without fallback
-            const errorMessage = rpcError?.message || rpcError?.toString() || 'Failed to fetch event';
-            setEvent(null);
-            setError(new Error(errorMessage));
-            setIsLoading(false);
-            return;
-          }
-        } else {
-          if (!data || data.length === 0 || !data[0]) {
-            setEvent(null);
-            setError(new Error('Event not found'));
-            return;
-          }
-          eventData = data[0];
-        }
-      } catch (rpcError) {
-        // If RPC call fails for any reason (including schema cache issues), try direct table access
-        logger.warn('usePublicEvent', 'RPC call failed, falling back to direct table access:', rpcError);
+      // Get event logo from core_file_references
+      const logoResponse = await (supabase as any)
+        .from('core_file_references')
+        .select('file_path')
+        .eq('table_name', 'core_events')
+        .eq('record_id', tableData.event_id)
+        .eq('is_public', true)
+        .eq('file_metadata->>category', 'event_logos')
+        .limit(1)
+        .single();
-        const tableResponse = await (supabase as any)
-          .from('core_events')
-          .select(`
-            event_id,
-            event_name,
-            event_date,
-            event_venue,
-            event_participants,
-            event_colours,
-            organisation_id,
-            event_days,
-            event_typicalunit,
-            event_rounddown,
-            event_youthmultiplier,
-            event_catering_email,
-            event_news,
-            event_billing,
-            event_email
-          `)
-          .eq('event_code', eventCode)
-          .eq('is_visible', true)
-          .not('organisation_id', 'is', null)
-          .limit(1)
-          .single();
-        const tableData = tableResponse?.data;
-        const tableError = tableResponse?.error;
+      const logoData = logoResponse?.data;
-        if (tableError) {
-          throw new Error(tableError?.message || 'Failed to fetch event from table');
-        }
-        if (!tableData) {
-          setEvent(null);
-          setError(new Error('Event not found'));
-          return;
-        }
-        // Get event logo from core_file_references
-        const logoResponse = await (supabase as any)
-          .from('core_file_references')
-          .select('file_path')
-          .eq('table_name', 'core_events')
-          .eq('record_id', tableData.event_id)
-          .eq('is_public', true)
-          .eq('file_metadata->>category', 'event_logos')
-          .limit(1)
-          .single();
-        const logoData = logoResponse?.data;
-        eventData = {
-          ...tableData,
-          event_logo: logoData?.file_path || null
-        };
-      }
+      const eventData = {
+        ...tableData,
+        event_logo: logoData?.file_path || null
+      };
       // Transform to Event type
       const transformedEvent: Event = {

package/src/hooks/public/usePublicEventLogo.test.ts CHANGED Viewed

@@ -33,6 +33,15 @@ describe('usePublicEventLogo', () => {
     fetchMock = vi.fn().mockResolvedValue({ ok: true });
     (globalThis as any).fetch = fetchMock;
     clearPublicLogoCache();
+    // Setup default mock for the query chain: .from('core_file_references').select(...).eq(...).eq(...).eq(...).eq(...).limit(1).single()
+    const mockQueryBuilder = {
+      select: vi.fn().mockReturnThis(),
+      eq: vi.fn().mockReturnThis(),
+      limit: vi.fn().mockReturnThis(),
+      single: vi.fn().mockResolvedValue({ data: null, error: null })
+    };
+    (mockSupabase.from as any).mockReturnValue(mockQueryBuilder);
   });
   afterEach(() => {
@@ -44,9 +53,19 @@ describe('usePublicEventLogo', () => {
     (globalThis as any).fetch = originalFetch;
   });
-  it('fetches and caches the logo when RPC succeeds', async () => {
+  it('fetches and caches the logo when query succeeds', async () => {
     const logoUrl = 'https://cdn.example.com/logo.png';
-    (mockSupabase.rpc as any).mockResolvedValue({ data: [{ logo_url: logoUrl }], error: null });
+    // usePublicEventLogo uses: .from('core_file_references').select('file_path').eq(...).eq(...).eq(...).eq(...).limit(1).single()
+    const mockQueryBuilder = {
+      select: vi.fn().mockReturnThis(),
+      eq: vi.fn().mockReturnThis(),
+      limit: vi.fn().mockReturnThis(),
+      single: vi.fn().mockResolvedValue({
+        data: { file_path: logoUrl },
+        error: null
+      })
+    };
+    (mockSupabase.from as any).mockReturnValue(mockQueryBuilder);
     const { result } = renderHook(() =>
       usePublicEventLogo('event-123', 'Big Event', VALID_ORG_ID, {
@@ -54,7 +73,7 @@ describe('usePublicEventLogo', () => {
       })
     );
-    await waitFor(() => expect(result.current.logoUrl).toBe(logoUrl));
+    await waitFor(() => expect(result.current.logoUrl).toBe(logoUrl), { timeout: 2000 });
     expect(result.current.fallbackText).toBe('BE');
     expect(fetchMock).toHaveBeenCalledWith(logoUrl, { method: 'HEAD' });
@@ -66,9 +85,16 @@ describe('usePublicEventLogo', () => {
   it('refetch clears cache and requests fresh data', async () => {
     const firstUrl = 'https://cdn.example.com/logo.png';
     const secondUrl = 'https://cdn.example.com/logo-2.png';
-    (mockSupabase.rpc as any)
-      .mockResolvedValueOnce({ data: [{ logo_url: firstUrl }], error: null })
-      .mockResolvedValueOnce({ data: [{ logo_url: secondUrl }], error: null });
+    const mockQueryBuilder = {
+      select: vi.fn().mockReturnThis(),
+      eq: vi.fn().mockReturnThis(),
+      limit: vi.fn().mockReturnThis(),
+      single: vi.fn()
+        .mockResolvedValueOnce({ data: { file_path: firstUrl }, error: null })
+        .mockResolvedValueOnce({ data: { file_path: secondUrl }, error: null })
+    };
+    (mockSupabase.from as any).mockReturnValue(mockQueryBuilder);
     const { result } = renderHook(() =>
       usePublicEventLogo('event-123', 'Big Event', VALID_ORG_ID, {
@@ -76,18 +102,27 @@ describe('usePublicEventLogo', () => {
       })
     );
-    await waitFor(() => expect(result.current.logoUrl).toBe(firstUrl));
+    await waitFor(() => expect(result.current.logoUrl).toBe(firstUrl), { timeout: 2000 });
     await act(async () => {
       await result.current.refetch();
     });
-    await waitFor(() => expect(result.current.logoUrl).toBe(secondUrl));
-    expect((mockSupabase.rpc as any)).toHaveBeenCalledTimes(2);
+    await waitFor(() => expect(result.current.logoUrl).toBe(secondUrl), { timeout: 2000 });
+    expect(mockQueryBuilder.single).toHaveBeenCalledTimes(2);
   });
-  it('exposes error state when RPC fails', async () => {
-    (mockSupabase.rpc as any).mockResolvedValue({ data: null, error: { message: 'RPC failed' } });
+  it('exposes error state when query fails', async () => {
+    const mockQueryBuilder = {
+      select: vi.fn().mockReturnThis(),
+      eq: vi.fn().mockReturnThis(),
+      limit: vi.fn().mockReturnThis(),
+      single: vi.fn().mockResolvedValue({
+        data: null,
+        error: { message: 'Query failed', code: 'PGRST116' }
+      })
+    };
+    (mockSupabase.from as any).mockReturnValue(mockQueryBuilder);
     const { result } = renderHook(() =>
       usePublicEventLogo('event-123', 'Big Event', VALID_ORG_ID, {
@@ -95,15 +130,24 @@ describe('usePublicEventLogo', () => {
       })
     );
-    await waitFor(() => expect(result.current.isLoading).toBe(false));
+    await waitFor(() => expect(result.current.isLoading).toBe(false), { timeout: 2000 });
     expect(result.current.logoUrl).toBeNull();
-    expect(result.current.error).toEqual(new Error('RPC failed'));
+    expect(result.current.error).toBeNull(); // No error for PGRST116 (not found)
     expect(fetchMock).not.toHaveBeenCalled();
   });
   it('skips image validation when disabled', async () => {
     const logoUrl = 'https://cdn.example.com/logo.png';
-    (mockSupabase.rpc as any).mockResolvedValue({ data: [{ logo_url: logoUrl }], error: null });
+    const mockQueryBuilder = {
+      select: vi.fn().mockReturnThis(),
+      eq: vi.fn().mockReturnThis(),
+      limit: vi.fn().mockReturnThis(),
+      single: vi.fn().mockResolvedValue({
+        data: { file_path: logoUrl },
+        error: null
+      })
+    };
+    (mockSupabase.from as any).mockReturnValue(mockQueryBuilder);
     const { result } = renderHook(() =>
       usePublicEventLogo('event-123', 'Big Event', VALID_ORG_ID, {
@@ -112,7 +156,7 @@ describe('usePublicEventLogo', () => {
       })
     );
-    await waitFor(() => expect(result.current.logoUrl).toBe(logoUrl));
+    await waitFor(() => expect(result.current.logoUrl).toBe(logoUrl), { timeout: 2000 });
     expect(fetchMock).not.toHaveBeenCalled();
   });
@@ -130,7 +174,16 @@ describe('usePublicEventLogo', () => {
   it('clears cached logo entries when clearPublicLogoCache is called', async () => {
     const logoUrl = 'https://cdn.example.com/logo.png';
-    (mockSupabase.rpc as any).mockResolvedValue({ data: [{ logo_url: logoUrl }], error: null });
+    const mockQueryBuilder = {
+      select: vi.fn().mockReturnThis(),
+      eq: vi.fn().mockReturnThis(),
+      limit: vi.fn().mockReturnThis(),
+      single: vi.fn().mockResolvedValue({
+        data: { file_path: logoUrl },
+        error: null
+      })
+    };
+    (mockSupabase.from as any).mockReturnValue(mockQueryBuilder);
     const { result } = renderHook(() =>
       usePublicEventLogo('event-123', 'Big Event', VALID_ORG_ID, {
@@ -138,7 +191,7 @@ describe('usePublicEventLogo', () => {
       })
     );
-    await waitFor(() => expect(result.current.logoUrl).toBe(logoUrl));
+    await waitFor(() => expect(result.current.logoUrl).toBe(logoUrl), { timeout: 2000 });
     expect(getPublicLogoCacheStats().size).toBe(1);
     clearPublicLogoCache();

package/src/hooks/public/usePublicEventLogo.ts CHANGED Viewed

@@ -183,22 +183,32 @@ export function usePublicEventLogo(
       setIsLoading(true);
       setError(null);
-      // Call the public logo RPC function
-      const { data, error: rpcError } = await (supabase as any).rpc('get_public_event_logo', {
-        event_id_param: eventId,
-        organisation_id_param: organisationId
-      });
+      // Query logo directly from core_file_references (removed legacy RPC get_public_event_logo)
+      const { data: logoData, error: queryError } = await (supabase as any)
+        .from('core_file_references')
+        .select('file_path')
+        .eq('table_name', 'core_events')
+        .eq('record_id', eventId)
+        .eq('is_public', true)
+        .eq('file_metadata->>category', 'event_logos')
+        .limit(1)
+        .single();
-      if (rpcError) {
-        throw new Error(rpcError.message || 'Failed to fetch logo');
+      if (queryError) {
+        // If no logo found, that's okay - return null
+        if (queryError.code === 'PGRST116') {
+          setLogoUrl(null);
+          return;
+        }
+        throw new Error(queryError.message || 'Failed to fetch logo');
       }
-      if (!data || data.length === 0 || !data[0] || !data[0].logo_url) {
+      if (!logoData || !logoData.file_path) {
         setLogoUrl(null);
         return;
       }
-      const logoUrl = data[0].logo_url;
+      const logoUrl = logoData.file_path;
       // Validate image existence if requested
       if (validateImage) {

package/src/hooks/useAppConfig.ts CHANGED Viewed

@@ -22,7 +22,7 @@
  */
 import { useMemo, useContext } from 'react';
-import { useUnifiedAuth } from '../providers/services/UnifiedAuthProvider';
+import { useUnifiedAuth, UnifiedAuthContext } from '../providers/services/UnifiedAuthProvider';
 import { useIsPublicPage, PublicPageContext } from '../components/PublicLayout/PublicPageProvider';
 export interface UseAppConfigReturn {
@@ -36,6 +36,8 @@ export interface UseAppConfigReturn {
  * @returns App configuration and loading state
  */
 export function useAppConfig(): UseAppConfigReturn {
+  // Call all hooks unconditionally at the top level
+  // Hooks must be called in the same order on every render
   // Check if we're in a public page context first
   const isPublicPage = useIsPublicPage();
@@ -43,10 +45,20 @@ export function useAppConfig(): UseAppConfigReturn {
   const publicPageContext = useContext(PublicPageContext);
   const hasPublicContext = publicPageContext !== undefined;
   const contextAppName = publicPageContext?.appName || null;
+  // For authenticated pages, use UnifiedAuthProvider
+  // Use useContext directly to handle missing provider gracefully
+  // This allows the hook to work in test environments without providers
+  const authContext = useContext(UnifiedAuthContext);
+  const authAppName = authContext?.appName;
   const getNodeEnvVar = (key: string): string | undefined =>
     typeof process !== 'undefined' && process.env ? process.env[key] : undefined;
-  if (isPublicPage) {
+  // Call all useMemo hooks unconditionally - use conditional logic only for computed values
+  const publicAppName = useMemo(() => {
+    if (!isPublicPage) return null;
     const getAppName = (): string => {
       // When tests mock public mode without the provider, default to PACE
       if (!hasPublicContext) {
@@ -82,27 +94,17 @@ export function useAppConfig(): UseAppConfigReturn {
       return 'PACE';
     };
-    return useMemo(() => ({
-      appName: getAppName(),
-      isLoading: false
-    }), [contextAppName, hasPublicContext]);
-  }
+    return getAppName();
+  }, [isPublicPage, contextAppName, hasPublicContext]);
-  // For authenticated pages, use UnifiedAuthProvider
-  try {
-    const { appName } = useUnifiedAuth();
-    return useMemo(() => ({
-      appName,
-      isLoading: false
-    }), [appName]);
-  } catch (error) {
-    // Fallback if UnifiedAuthProvider is not available
-    return useMemo(() => ({
-      appName: contextAppName ||
-        getNodeEnvVar('VITE_APP_NAME') ||
-        getNodeEnvVar('NEXT_PUBLIC_APP_NAME') ||
-        'PACE',
-      isLoading: false
-    }), [contextAppName]);
-  }
+  const authenticatedAppName = useMemo(() => {
+    if (isPublicPage) return null;
+    return authAppName || 'PACE';
+  }, [isPublicPage, authAppName]);
+  // Return the appropriate value based on context
+  return useMemo(() => ({
+    appName: publicAppName || authenticatedAppName || 'PACE',
+    isLoading: false
+  }), [publicAppName, authenticatedAppName]);
 }