@jmruthers/pace-core 0.6.7 → 0.6.8

package/src/hooks/useFileUrl.ts

@@ -57,12 +57,21 @@ export function useFileUrl(
   const [isLoading, setIsLoading] = useState<boolean>(false);
   const [error, setError] = useState<Error | null>(null);
   const fileReferenceIdRef = useRef<string | null>(null);
+  const isLoadingRef = useRef<boolean>(false);
+  const urlRef = useRef<string | null>(null);
+
+  // Keep refs in sync with state
+  useEffect(() => {
+    isLoadingRef.current = isLoading;
+    urlRef.current = url;
+  }, [isLoading, url]);
 
   const loadUrl = useCallback(async () => {
     if (!fileReference) {
       setUrl(null);
       setIsLoading(false);
       setError(null);
+      fileReferenceIdRef.current = null;
       return;
     }
 
@@ -70,11 +79,12 @@ export function useFileUrl(
       setUrl(null);
       setIsLoading(false);
       setError(new Error('Supabase client is required for URL generation'));
+      fileReferenceIdRef.current = null;
       return;
     }
 
     // Skip if already loading or URL already exists for this file
-    if (isLoading || (url && fileReferenceIdRef.current === fileReference.id)) {
+    if (isLoadingRef.current || (urlRef.current && fileReferenceIdRef.current === fileReference.id)) {
       return;
     }
 
@@ -108,29 +118,63 @@ export function useFileUrl(
     } finally {
       setIsLoading(false);
     }
-  }, [fileReference, supabase, organisation_id, isLoading, url]);
+  }, [fileReference, supabase, organisation_id]);
 
   const clear = useCallback(() => {
     setUrl(null);
     setError(null);
     setIsLoading(false);
     fileReferenceIdRef.current = null;
+    urlRef.current = null;
   }, []);
 
   // Auto-load URL when fileReference changes
   useEffect(() => {
-    if (autoLoad) {
-      // Reset URL when file reference changes
-      if (fileReferenceIdRef.current !== fileReference?.id) {
+    if (!autoLoad) {
+      return;
+    }
+
+    const currentFileId = fileReference?.id ?? null;
+    const previousFileId = fileReferenceIdRef.current;
+
+    // Handle null file reference
+    if (!fileReference) {
+      if (previousFileId !== null) {
         setUrl(null);
         setError(null);
+        fileReferenceIdRef.current = null;
+        urlRef.current = null;
       }
-      
-      if (fileReference && !url && !isLoading) {
+      return;
+    }
+
+    // Reset URL when file reference ID changes (but not on initial mount)
+    if (previousFileId !== null && previousFileId !== currentFileId) {
+      setUrl(null);
+      setError(null);
+      fileReferenceIdRef.current = null;
+      urlRef.current = null; // Also reset the ref immediately
+      // Immediately try to load - loadUrl will check if already loading
+      loadUrl();
+      return;
+    }
+    
+    // Initial load or reload after clear: Load URL if we have a file reference and no URL is set
+    if (previousFileId === null && currentFileId !== null) {
+      // First time loading this file or reloading after clear - update ref and load
+      fileReferenceIdRef.current = currentFileId;
+      if (!isLoading && !url) {
         loadUrl();
       }
+    } else if (previousFileId === currentFileId && !url && !isLoading) {
+      // Same file but URL not loaded yet (e.g., after clear or initial mount edge case)
+      // Ensure ref is set correctly
+      if (fileReferenceIdRef.current !== currentFileId) {
+        fileReferenceIdRef.current = currentFileId;
+      }
+      loadUrl();
     }
-  }, [fileReference?.id, autoLoad, loadUrl, url, isLoading]);
+  }, [fileReference, autoLoad, loadUrl, url, isLoading]);
 
   return {
     url,

package/src/hooks/useOrganisationSecurity.test.ts

@@ -625,7 +625,8 @@ describe('useOrganisationSecurity', () => {
 
     it('handles permission retrieval errors gracefully', async () => {
       mockIsSuperAdmin.mockResolvedValue(false);
-      mockIsPermittedCached.mockRejectedValue(new Error('Permission retrieval failed'));
+      // getUserPermissions uses getPermissionMap, not isPermittedCached
+      mockGetPermissionMap.mockRejectedValue(new Error('Permission retrieval failed'));
 
       const consoleErrorSpy = vi.spyOn(console, 'error').mockImplementation(() => {});
 

package/src/providers/__tests__/ProviderLifecycle.test.tsx

@@ -82,7 +82,7 @@ describe('Provider Lifecycle Tests', () => {
       
       rerender(<TestComponent isVisible={false} />);
       
-      expect(screen.queryByTestId('cleanup-test')).not.toBeInTheDocument();
+      expect(screen.queryByTestId('cleanup-test')).toBeNull();
     });
 
     it('should cleanup subscription listeners', () => {

package/src/rbac/__tests__/auth-rbac.e2e.test.tsx

@@ -109,9 +109,12 @@ describe('Auth/RBAC E2E Flows', () => {
           }
           return Promise.resolve({ data: false, error: null });
         },
-        util_app_resolve: (params?: any) => {
+        data_app_resolve: (params?: any) => {
           // Return app ID for TEST_APP
-          return Promise.resolve({ data: { id: 'app-123', name: 'TEST_APP' }, error: null });
+          return Promise.resolve({ 
+            data: [{ app_id: 'app-123', app_name: 'TEST_APP', is_active: true, has_access: true }], 
+            error: null 
+          });
         },
         data_user_organisation_roles_get: (params?: any) => {
           // Return organisation roles/memberships
@@ -241,8 +244,11 @@ describe('Auth/RBAC E2E Flows', () => {
           return Promise.resolve({ data: true, error: null });
         }
         // Handle other RPCs
-        if (functionName === 'util_app_resolve') {
-          return Promise.resolve({ data: { id: 'app-123', name: 'TEST_APP' }, error: null });
+        if (functionName === 'data_app_resolve') {
+          return Promise.resolve({ 
+            data: [{ app_id: 'app-123', app_name: 'TEST_APP', is_active: true, has_access: true }], 
+            error: null 
+          });
         }
         if (functionName === 'data_user_organisation_roles_get') {
           return Promise.resolve({ data: [], error: null });
@@ -419,8 +425,11 @@ describe('Auth/RBAC E2E Flows', () => {
           return Promise.resolve({ data: false, error: null });
         }
         // Handle other RPCs
-        if (functionName === 'util_app_resolve') {
-          return Promise.resolve({ data: { id: 'app-123', name: 'TEST_APP' }, error: null });
+        if (functionName === 'data_app_resolve') {
+          return Promise.resolve({ 
+            data: [{ app_id: 'app-123', app_name: 'TEST_APP', is_active: true, has_access: true }], 
+            error: null 
+          });
         }
         if (functionName === 'data_user_organisation_roles_get') {
           return Promise.resolve({

package/src/rbac/__tests__/rbac-functions.test.ts

@@ -430,7 +430,7 @@ describe('RBAC Functions', () => {
     });
   });
 
-  describe('rbac_roles_list', () => {
+  describe('data_rbac_roles_list', () => {
     it('should list all user roles', async () => {
       mockSupabase.rpc.mockResolvedValue({
         data: [
@@ -454,7 +454,7 @@ describe('RBAC Functions', () => {
         error: null
       });
 
-      const result = await mockSupabase.rpc('rbac_roles_list', {
+      const result = await mockSupabase.rpc('data_rbac_roles_list', {
         p_user_id: mockUser.id
       });
 
@@ -476,7 +476,7 @@ describe('RBAC Functions', () => {
         error: null
       });
 
-      const result = await mockSupabase.rpc('rbac_roles_list', {
+      const result = await mockSupabase.rpc('data_rbac_roles_list', {
         p_user_id: mockUser.id,
         p_organisation_id: mockOrganisation.id
       });

package/src/rbac/api.test.ts

@@ -191,6 +191,14 @@ describe('RBAC API', () => {
 
     it('handles engine creation errors gracefully', () => {
       const error = new Error('Engine creation error');
+      // Ensure createRBACConfig doesn't throw so we can test engine creation error
+      mockCreateRBACConfig.mockImplementation((config) => config);
+      mockGetRBACLogger.mockReturnValue({
+        info: vi.fn(),
+        warn: vi.fn(),
+        error: vi.fn(),
+        debug: vi.fn()
+      });
       mockCreateRBACEngine.mockImplementation(() => {
         throw error;
       });
@@ -202,6 +210,16 @@ describe('RBAC API', () => {
 
     it('handles audit manager creation errors gracefully', () => {
       const error = new Error('Audit manager creation error');
+      // Ensure createRBACConfig doesn't throw so we can test audit manager creation error
+      mockCreateRBACConfig.mockImplementation((config) => config);
+      mockGetRBACLogger.mockReturnValue({
+        info: vi.fn(),
+        warn: vi.fn(),
+        error: vi.fn(),
+        debug: vi.fn()
+      });
+      const mockEngine = { id: 'test-engine' };
+      mockCreateRBACEngine.mockReturnValue(mockEngine as any);
       mockCreateAuditManager.mockImplementation(() => {
         throw error;
       });
@@ -309,6 +327,21 @@ describe('RBAC API', () => {
 
   describe('Error Handling', () => {
     it('handles missing supabase client', () => {
+      const mockEngine = { id: 'test-engine' };
+      const mockAuditManager = { id: 'test-audit' };
+      const mockLogger = {
+        info: vi.fn(),
+        warn: vi.fn(),
+        error: vi.fn(),
+        debug: vi.fn()
+      };
+
+      // Ensure mocks don't throw
+      mockCreateRBACConfig.mockImplementation((config) => config);
+      mockCreateRBACEngine.mockReturnValue(mockEngine as any);
+      mockCreateAuditManager.mockReturnValue(mockAuditManager as any);
+      mockGetRBACLogger.mockReturnValue(mockLogger);
+      
       // The function doesn't throw, it just creates config with null
       expect(() => {
         setupRBAC(null as any);
@@ -317,6 +350,20 @@ describe('RBAC API', () => {
 
     it('handles invalid supabase client', () => {
       const invalidSupabase = { invalid: 'client' };
+      const mockEngine = { id: 'test-engine' };
+      const mockAuditManager = { id: 'test-audit' };
+      const mockLogger = {
+        info: vi.fn(),
+        warn: vi.fn(),
+        error: vi.fn(),
+        debug: vi.fn()
+      };
+
+      // Ensure mocks don't throw
+      mockCreateRBACConfig.mockImplementation((config) => config);
+      mockCreateRBACEngine.mockReturnValue(mockEngine as any);
+      mockCreateAuditManager.mockReturnValue(mockAuditManager as any);
+      mockGetRBACLogger.mockReturnValue(mockLogger);
       
       // The function doesn't throw, it just creates config with invalid client
       expect(() => {
@@ -354,6 +401,21 @@ describe('RBAC API', () => {
 
   describe('Configuration Validation', () => {
     it('validates required supabase client', () => {
+      const mockEngine = { id: 'test-engine' };
+      const mockAuditManager = { id: 'test-audit' };
+      const mockLogger = {
+        info: vi.fn(),
+        warn: vi.fn(),
+        error: vi.fn(),
+        debug: vi.fn()
+      };
+
+      // Ensure mocks don't throw
+      mockCreateRBACConfig.mockImplementation((config) => config);
+      mockCreateRBACEngine.mockReturnValue(mockEngine as any);
+      mockCreateAuditManager.mockReturnValue(mockAuditManager as any);
+      mockGetRBACLogger.mockReturnValue(mockLogger);
+      
       // The function doesn't throw, it just creates config with undefined
       expect(() => {
         setupRBAC(undefined as any);
@@ -365,6 +427,20 @@ describe('RBAC API', () => {
         from: 'not-a-function',
         auth: 'not-an-object'
       };
+      const mockEngine = { id: 'test-engine' };
+      const mockAuditManager = { id: 'test-audit' };
+      const mockLogger = {
+        info: vi.fn(),
+        warn: vi.fn(),
+        error: vi.fn(),
+        debug: vi.fn()
+      };
+
+      // Ensure mocks don't throw
+      mockCreateRBACConfig.mockImplementation((config) => config);
+      mockCreateRBACEngine.mockReturnValue(mockEngine as any);
+      mockCreateAuditManager.mockReturnValue(mockAuditManager as any);
+      mockGetRBACLogger.mockReturnValue(mockLogger);
 
       // The function doesn't throw, it just creates config with invalid client
       expect(() => {
@@ -415,6 +491,32 @@ describe('RBAC API', () => {
     });
   });
 
+  describe('Type Safety', () => {
+    it('accepts valid Supabase client types', () => {
+      const validSupabase = {
+        from: vi.fn(),
+        auth: { getUser: vi.fn() },
+        rpc: vi.fn()
+      };
+      const mockEngine = { id: 'test-engine' };
+      const mockAuditManager = { id: 'test-audit' };
+      const mockLogger = {
+        info: vi.fn(),
+        warn: vi.fn(),
+        error: vi.fn(),
+        debug: vi.fn()
+      };
+
+      mockCreateRBACEngine.mockReturnValue(mockEngine as any);
+      mockCreateAuditManager.mockReturnValue(mockAuditManager as any);
+      mockGetRBACLogger.mockReturnValue(mockLogger);
+
+      expect(() => {
+        setupRBAC(validSupabase as any);
+      }).not.toThrow();
+    });
+  });
+
   describe('Cache Integration', () => {
     it('initializes cache correctly', () => {
       const mockEngine = { id: 'test-engine' };
@@ -456,6 +558,8 @@ describe('RBAC API', () => {
         debug: vi.fn()
       };
 
+      // Ensure mocks don't throw
+      mockCreateRBACConfig.mockImplementation((config) => config);
       mockCreateRBACEngine.mockReturnValue(mockEngine as any);
       mockCreateAuditManager.mockReturnValue(mockAuditManager as any);
       mockGetRBACLogger.mockReturnValue(mockLogger);

package/src/rbac/engine.ts

@@ -440,7 +440,7 @@ export class RBACEngine {
   async resolveAppContext(input: { userId: UUID; appName: string }): Promise<RBACAppContext | null> {
     try {
       const { userId, appName } = input;
-      const { data, error } = await (this.supabase as any).rpc('util_app_resolve', {
+      const { data, error } = await (this.supabase as any).rpc('data_app_resolve', {
         p_user_id: userId,
         p_app_name: appName,
       });

package/src/rbac/hooks/useCan.test.ts

@@ -647,7 +647,7 @@ describe('useCan Hook', () => {
       }, { timeout: 20000 });
     });
 
-    it('times out after 3 seconds when organisationId is missing', async () => {
+    it('times out after 3 seconds when organisationId is missing', { timeout: 10000 }, async () => {
       vi.useFakeTimers({ shouldAdvanceTime: true });
       
       const emptyScope = {} as any;
@@ -672,7 +672,7 @@ describe('useCan Hook', () => {
         expect(result.current.error).not.toBeNull();
         expect(result.current.error?.message).toBe('Organisation context is required for permission checks');
       }, { timeout: 2000 });
-    }, { timeout: 10000 });
+    });
 
     it('handles null userId', async () => {
       const { result } = renderHook(() => 

package/src/rbac/secureClient.ts

@@ -536,7 +536,7 @@ export class SecureSupabaseClient {
     // 2. Add it here with the parameters it accepts
     const rpcContextWhitelist: Record<string, Set<string>> = {
       // RPCs that accept all three context parameters
-      'rbac_roles_list': new Set(['p_organisation_id', 'p_event_id', 'p_app_id']),
+      'data_rbac_roles_list': new Set(['p_organisation_id', 'p_event_id', 'p_app_id']),
       
       // RPCs that accept only p_organisation_id (not p_app_id or p_event_id)
       'data_file_reference_by_category_list': new Set(['p_organisation_id']),

package/src/rbac/types/functions.ts

@@ -185,7 +185,7 @@ export enum RPCFunction {
   // Role Management Functions
   RBAC_ROLE_GRANT = 'rbac_role_grant',
   RBAC_ROLE_REVOKE = 'rbac_role_revoke',
-  RBAC_ROLES_LIST = 'rbac_roles_list',
+  RBAC_ROLES_LIST = 'data_rbac_roles_list',
   RBAC_ROLE_VALIDATE = 'rbac_role_validate',
   
   // Session & Audit Functions

package/src/theming/__tests__/parseEventColours.test.ts

@@ -88,7 +88,7 @@ describe('parseAndNormalizeEventColours', () => {
   });
 
   describe('Standard format only', () => {
-    it('normalizes legacy format with ev-main, ev-sec, ev-acc keys to standard format', () => {
+    it('supports ev-main, ev-sec, ev-acc keys and normalizes them', () => {
       const input = {
         'ev-main': { 500: { L: 0.5, C: 0.2, H: 0 } },
         'ev-sec': { 500: { L: 0.5, C: 0.2, H: 120 } },
@@ -96,14 +96,11 @@ describe('parseAndNormalizeEventColours', () => {
       };
 
       const result = parseAndNormalizeEventColours(input);
-      // Legacy format is normalized to standard format (ev-main -> main, etc.)
+      // ev-main, ev-sec, ev-acc keys are supported and normalized to main, sec, acc
       expect(result).not.toBeNull();
-      expect(result).toHaveProperty('main');
-      expect(result).toHaveProperty('sec');
-      expect(result).toHaveProperty('acc');
-      expect(result?.main).toHaveProperty('500');
-      expect(result?.sec).toHaveProperty('500');
-      expect(result?.acc).toHaveProperty('500');
+      expect(result?.main[500]).toEqual({ L: 0.5, C: 0.2, H: 0 });
+      expect(result?.sec[500]).toEqual({ L: 0.5, C: 0.2, H: 120 });
+      expect(result?.acc[500]).toEqual({ L: 0.5, C: 0.2, H: 240 });
     });
 
     it('uses standard keys when provided', () => {
@@ -198,6 +195,118 @@ describe('parseAndNormalizeEventColours', () => {
     });
   });
 
+  describe('ev- prefix handling for shade names', () => {
+    it('strips ev- prefix from shade names', () => {
+      const input = {
+        main: {
+          'ev-main-500': { L: 0.5, C: 0.2, H: 0 },
+          'ev-main-100': { L: 0.9, C: 0.1, H: 0 }
+        },
+        acc: {
+          'ev-acc-500': { L: 0.5, C: 0.2, H: 240 }
+        }
+      };
+
+      const result = parseAndNormalizeEventColours(input);
+      expect(result).not.toBeNull();
+      
+      // ev- prefix should be stripped from shade names
+      expect(result?.main['main-500']).toEqual({ L: 0.5, C: 0.2, H: 0 });
+      expect(result?.main['main-100']).toEqual({ L: 0.9, C: 0.1, H: 0 });
+      expect(result?.acc['acc-500']).toEqual({ L: 0.5, C: 0.2, H: 240 });
+      
+      // Original keys with ev- prefix should not exist
+      expect(result?.main['ev-main-500']).toBeUndefined();
+      expect(result?.main['ev-main-100']).toBeUndefined();
+      expect(result?.acc['ev-acc-500']).toBeUndefined();
+    });
+
+    it('handles mixed ev- prefixed and non-prefixed shade names', () => {
+      const input = {
+        main: {
+          'ev-main-500': { L: 0.5, C: 0.2, H: 0 },
+          100: { L: 0.9, C: 0.1, H: 0 },
+          raw: { L: 0.55, C: 0.25, H: 5 }
+        }
+      };
+
+      const result = parseAndNormalizeEventColours(input);
+      expect(result).not.toBeNull();
+      
+      // ev- prefixed shade should be normalized
+      expect(result?.main['main-500']).toEqual({ L: 0.5, C: 0.2, H: 0 });
+      
+      // Non-prefixed shades should remain unchanged
+      expect(result?.main[100]).toEqual({ L: 0.9, C: 0.1, H: 0 });
+      expect(result?.main.raw).toEqual({ L: 0.55, C: 0.25, H: 5 });
+    });
+
+    it('handles ev- prefixed shade names in sec palette', () => {
+      const input = {
+        sec: {
+          'ev-sec-500': { L: 0.5, C: 0.2, H: 120 },
+          'ev-sec-200': { L: 0.8, C: 0.15, H: 120 }
+        }
+      };
+
+      const result = parseAndNormalizeEventColours(input);
+      expect(result).not.toBeNull();
+      
+      expect(result?.sec['sec-500']).toEqual({ L: 0.5, C: 0.2, H: 120 });
+      expect(result?.sec['sec-200']).toEqual({ L: 0.8, C: 0.15, H: 120 });
+    });
+
+    it('preserves shade names that do not start with ev-', () => {
+      const input = {
+        main: {
+          500: { L: 0.5, C: 0.2, H: 0 },
+          'main-500': { L: 0.6, C: 0.3, H: 0 },
+          raw: { L: 0.55, C: 0.25, H: 5 }
+        }
+      };
+
+      const result = parseAndNormalizeEventColours(input);
+      expect(result).not.toBeNull();
+      
+      // All shades should be preserved as-is (no ev- prefix to strip)
+      expect(result?.main[500]).toEqual({ L: 0.5, C: 0.2, H: 0 });
+      expect(result?.main['main-500']).toEqual({ L: 0.6, C: 0.3, H: 0 });
+      expect(result?.main.raw).toEqual({ L: 0.55, C: 0.25, H: 5 });
+    });
+
+    it('normalizes both palette keys and shade names with ev- prefix together', () => {
+      const input = {
+        'ev-main': {
+          'ev-main-raw': { L: 0.55, C: 0.25, H: 5 },
+          'ev-main-200': { L: 0.8, C: 0.15, H: 0 }
+        },
+        'ev-sec': {
+          'ev-sec-200': { L: 0.8, C: 0.15, H: 120 },
+          'ev-sec-500': { L: 0.5, C: 0.2, H: 120 }
+        },
+        'ev-acc': {
+          'ev-acc-800': { L: 0.3, C: 0.2, H: 240 }
+        }
+      };
+
+      const result = parseAndNormalizeEventColours(input);
+      expect(result).not.toBeNull();
+      
+      // Palette keys should be normalized: ev-main -> main, ev-sec -> sec, ev-acc -> acc
+      // Shade names should be normalized: ev-main-raw -> main-raw, ev-sec-200 -> sec-200, etc.
+      expect(result?.main['main-raw']).toEqual({ L: 0.55, C: 0.25, H: 5 });
+      expect(result?.main['main-200']).toEqual({ L: 0.8, C: 0.15, H: 0 });
+      expect(result?.sec['sec-200']).toEqual({ L: 0.8, C: 0.15, H: 120 });
+      expect(result?.sec['sec-500']).toEqual({ L: 0.5, C: 0.2, H: 120 });
+      expect(result?.acc['acc-800']).toEqual({ L: 0.3, C: 0.2, H: 240 });
+      
+      // Original keys should not exist
+      expect(result?.main['ev-main-raw']).toBeUndefined();
+      expect(result?.sec['ev-sec-200']).toBeUndefined();
+      expect(result?.acc['ev-acc-800']).toBeUndefined();
+    });
+  });
+
   describe('Error handling', () => {
     it('handles malformed color objects gracefully', () => {
       const input = {

package/src/theming/parseEventColours.ts

@@ -15,12 +15,21 @@
  * Supports input formats:
  * - Object with 'main', 'sec', 'acc' keys (standard format)
  * - Object with 'ev-main', 'ev-sec', 'ev-acc' keys (database format with prefix)
+ * - Shade names with 'ev-' prefix (e.g., 'ev-acc-500' -> 'acc-500', 'ev-main-raw' -> 'main-raw')
  * - JSON string that will be parsed
  * 
  * Only includes explicitly defined color values. Does not fill
  * missing shades - only shades that are present in the input will
  * be included in the output.
  * 
+ * The parser automatically strips 'ev-' prefixes from BOTH palette keys and shade names
+ * for future-proofing, allowing distinction between event colors and organization colors
+ * (org colors not yet implemented).
+ * 
+ * Normalization rules:
+ * - Palette keys: 'ev-main' -> 'main', 'ev-sec' -> 'sec', 'ev-acc' -> 'acc'
+ * - Shade names: 'ev-main-raw' -> 'main-raw', 'ev-sec-200' -> 'sec-200', 'ev-acc-800' -> 'acc-800'
+ * 
  * @param input - Event colours from database (JSONB field)
  * @returns Normalized palette data with main, sec, acc palettes, or null if invalid
  * 
@@ -38,7 +47,7 @@
  * 
  * @example
  * ```ts
- * // Database format with ev- prefix
+ * // Database format with ev- prefix on palette keys
  * const colours = {
  *   'ev-main': { 500: { L: 0.5, C: 0.2, H: 0 } },
  *   'ev-sec': { 500: { L: 0.5, C: 0.2, H: 120 } },
@@ -48,6 +57,44 @@
  * // Returns: { main: { 500: {...} }, sec: { 500: {...} }, acc: { 500: {...} } }
  * ```
  * 
+ * @example
+ * ```ts
+ * // Future-proofing: ev- prefix on shade names
+ * const colours = {
+ *   main: { 
+ *     'ev-main-500': { L: 0.5, C: 0.2, H: 0 },
+ *     'ev-main-raw': { L: 0.55, C: 0.25, H: 5 }
+ *   },
+ *   sec: {
+ *     'ev-sec-200': { L: 0.8, C: 0.15, H: 120 }
+ *   },
+ *   acc: { 
+ *     'ev-acc-800': { L: 0.3, C: 0.2, H: 240 }
+ *   }
+ * };
+ * const palette = parseAndNormalizeEventColours(colours);
+ * // Returns: { main: { 'main-500': {...}, 'main-raw': {...} }, sec: { 'sec-200': {...} }, acc: { 'acc-800': {...} } }
+ * ```
+ * 
+ * @example
+ * ```ts
+ * // Both palette keys and shade names with ev- prefix
+ * const colours = {
+ *   'ev-main': { 
+ *     'ev-main-raw': { L: 0.55, C: 0.25, H: 5 },
+ *     'ev-main-200': { L: 0.8, C: 0.15, H: 0 }
+ *   },
+ *   'ev-sec': {
+ *     'ev-sec-500': { L: 0.5, C: 0.2, H: 120 }
+ *   },
+ *   'ev-acc': { 
+ *     'ev-acc-800': { L: 0.3, C: 0.2, H: 240 }
+ *   }
+ * };
+ * const palette = parseAndNormalizeEventColours(colours);
+ * // Returns: { main: { 'main-raw': {...}, 'main-200': {...} }, sec: { 'sec-500': {...} }, acc: { 'acc-800': {...} } }
+ * ```
+ * 
  */
 export function parseAndNormalizeEventColours(input: unknown): { main: any; sec: any; acc: any } | null {
   try {
@@ -78,6 +125,8 @@ export function parseAndNormalizeEventColours(input: unknown): { main: any; sec:
 
     // Helper: only include explicitly defined color values
     // This ensures we don't include undefined shades in the palette
+    // Also strips 'ev-' prefix from shade names for future-proofing (to distinguish event colors from org colors)
+    // Palette keys are normalized above (ev-main -> main), shade names are normalized here (ev-main-raw -> main-raw)
     const fill = (p: any) => {
       if (!p || typeof p !== 'object') return {} as any;
       const out: any = {};
@@ -88,7 +137,12 @@ export function parseAndNormalizeEventColours(input: unknown): { main: any; sec:
         // Only include the key if it has a defined value (not null, undefined, or empty)
         const value = p[key];
         if (value !== null && value !== undefined && value !== '') {
-          out[key] = value;
+          // Strip 'ev-' prefix from shade names for future-proofing
+          // e.g., 'ev-acc-500' -> 'acc-500', 'ev-main-raw' -> 'main-raw', 'ev-sec-200' -> 'sec-200'
+          const normalizedKey = typeof key === 'string' && key.startsWith('ev-') 
+            ? key.substring(3) 
+            : key;
+          out[normalizedKey] = value;
         }
       }
       

package/src/types/supabase.ts

@@ -128,7 +128,7 @@ export type RPCFunction =
   | 'rbac_page_access_check'
   | 'rbac_role_grant'
   | 'rbac_role_revoke'
-  | 'rbac_roles_list'
+  | 'data_rbac_roles_list'
   | 'rbac_role_validate'
   | 'rbac_session_track'
   | 'rbac_audit_log'
@@ -137,8 +137,7 @@ export type RPCFunction =
   | 'data_user_organisation_roles_get'
   | 'data_user_organisations_get'
   | 'data_cake_meals_get'
-  // Utility Functions
-  | 'util_app_resolve'
+  | 'data_app_resolve'
   | 'debug_auth_context'
   | 'handle_new_user'
   // Other functions