@pol-studios/db 1.0.9 → 1.0.10

package/dist/chunk-ERGF2FCE.js

@@ -0,0 +1,903 @@
+import {
+  useDbQuery,
+  useDbUpsert
+} from "./chunk-GK7B66LY.js";
+import {
+  isUsable,
+  newUuid
+} from "./chunk-O3K7R32P.js";
+import {
+  typedSupabase,
+  useSupabase
+} from "./chunk-AWFMICFV.js";
+
+// src/auth/context/setupAuthContext.tsx
+import { createContext } from "react";
+import { jsx } from "react/jsx-runtime";
+var setupAuthContext = createContext({});
+function SetupAuthContextProvider({
+  children,
+  auth
+}) {
+  return /* @__PURE__ */ jsx(setupAuthContext.Provider, { value: auth, children });
+}
+
+// src/auth/context/PermissionContext.tsx
+import {
+  createContext as createContext2,
+  useCallback,
+  useContext,
+  useEffect,
+  useMemo,
+  useRef,
+  useState
+} from "react";
+import { jsx as jsx2 } from "react/jsx-runtime";
+function getCacheKey(userId, entityType, entityId) {
+  return `${userId || "anon"}:${entityType}:${entityId}`;
+}
+var loadingPermission = {
+  canView: false,
+  canAdminView: false,
+  canEdit: false,
+  canCreate: false,
+  canDelete: false,
+  canShare: false,
+  permissionLevel: null,
+  isLoading: true
+};
+var noPermission = {
+  canView: false,
+  canAdminView: false,
+  canEdit: false,
+  canCreate: false,
+  canDelete: false,
+  canShare: false,
+  permissionLevel: null,
+  isLoading: false,
+  isDenied: false
+};
+var deniedPermission = {
+  canView: false,
+  canAdminView: false,
+  canEdit: false,
+  canCreate: false,
+  canDelete: false,
+  canShare: false,
+  permissionLevel: null,
+  isLoading: false,
+  isDenied: true
+};
+function mapPermissionLevel(level) {
+  if (!level) {
+    return noPermission;
+  }
+  const normalizedLevel = level.toLowerCase();
+  switch (normalizedLevel) {
+    // Legacy format: ReadOnly, New format: view
+    case "readonly":
+    case "view":
+      return {
+        canView: true,
+        canAdminView: false,
+        canEdit: false,
+        canCreate: false,
+        canDelete: false,
+        canShare: false,
+        permissionLevel: "ReadOnly",
+        isLoading: false,
+        isDenied: false
+      };
+    // Legacy format: AdminReadOnly (no new equivalent, keep for backwards compatibility)
+    case "adminreadonly":
+      return {
+        canView: true,
+        canAdminView: true,
+        canEdit: false,
+        canCreate: false,
+        canDelete: false,
+        canShare: false,
+        permissionLevel: "AdminReadOnly",
+        isLoading: false,
+        isDenied: false
+      };
+    // Legacy format: ReadWrite, New format: edit
+    case "readwrite":
+    case "edit":
+      return {
+        canView: true,
+        canAdminView: false,
+        canEdit: true,
+        canCreate: true,
+        canDelete: false,
+        canShare: false,
+        permissionLevel: "ReadWrite",
+        isLoading: false,
+        isDenied: false
+      };
+    // Legacy format: Admin, New format: admin
+    case "admin":
+      return {
+        canView: true,
+        canAdminView: true,
+        canEdit: true,
+        canCreate: true,
+        canDelete: true,
+        canShare: true,
+        permissionLevel: "Admin",
+        isLoading: false,
+        isDenied: false
+      };
+    // New format: denied - explicit access denial
+    case "denied":
+      return deniedPermission;
+    default:
+      console.warn(`Unknown permission level: ${level}`);
+      return noPermission;
+  }
+}
+var permissionContext = createContext2(
+  {}
+);
+var entityPermissionContext = permissionContext;
+var CACHE_TTL_MS = 5 * 60 * 1e3;
+var ERROR_CACHE_TTL_MS = 30 * 1e3;
+var BATCH_DELAY_MS = 50;
+function PermissionProvider({ children }) {
+  const supabase = useSupabase();
+  const setupAuth = useContext(setupAuthContext);
+  const user = setupAuth?.user;
+  const cacheRef = useRef(/* @__PURE__ */ new Map());
+  const pendingLookupsRef = useRef(/* @__PURE__ */ new Set());
+  const inFlightRef = useRef(/* @__PURE__ */ new Set());
+  const batchTimerRef = useRef(null);
+  const [isLoading, setIsLoading] = useState(false);
+  const [, forceUpdate] = useState(0);
+  const cleanupExpiredEntries = useCallback(() => {
+    const now = Date.now();
+    const cache = cacheRef.current;
+    let hasExpired = false;
+    for (const [key, entry] of cache.entries()) {
+      if (entry.expiresAt < now) {
+        cache.delete(key);
+        hasExpired = true;
+      }
+    }
+    if (hasExpired) {
+      forceUpdate((prev) => prev + 1);
+    }
+  }, []);
+  useEffect(() => {
+    const cleanupInterval = setInterval(cleanupExpiredEntries, 60 * 1e3);
+    return () => clearInterval(cleanupInterval);
+  }, [cleanupExpiredEntries]);
+  const executeBatchLookup = useCallback(async () => {
+    const pending = Array.from(pendingLookupsRef.current);
+    pendingLookupsRef.current.clear();
+    if (pending.length === 0 || !user?.id) {
+      return;
+    }
+    pending.forEach((k) => inFlightRef.current.add(k));
+    setIsLoading(true);
+    try {
+      const entities = pending.map((key) => {
+        const parts = key.split(":");
+        const entityType = parts[1];
+        const entityIdStr = parts[2];
+        return {
+          entity_type: entityType,
+          entity_id: parseInt(entityIdStr, 10)
+        };
+      });
+      const { data, error } = await supabase.rpc(
+        "get_user_entity_permissions",
+        {
+          p_user_id: user.id,
+          p_entities: entities
+        }
+      );
+      if (error) {
+        console.error("Failed to fetch entity permissions:", error);
+        const cache = cacheRef.current;
+        const now = Date.now();
+        for (const key of pending) {
+          cache.set(key, {
+            permission: noPermission,
+            expiresAt: now + ERROR_CACHE_TTL_MS
+          });
+        }
+      } else if (data) {
+        const cache = cacheRef.current;
+        const now = Date.now();
+        const resultsMap = /* @__PURE__ */ new Map();
+        const results = data;
+        for (const result of results) {
+          const key = getCacheKey(
+            user?.id,
+            result.entity_type,
+            result.entity_id
+          );
+          resultsMap.set(key, result.permission);
+        }
+        for (const key of pending) {
+          const permissionLevel = resultsMap.get(key) || null;
+          cache.set(key, {
+            permission: mapPermissionLevel(permissionLevel),
+            expiresAt: now + CACHE_TTL_MS
+          });
+        }
+      }
+      forceUpdate((prev) => prev + 1);
+    } catch (err) {
+      console.error("Unexpected error fetching entity permissions:", err);
+    } finally {
+      pending.forEach((k) => inFlightRef.current.delete(k));
+      setIsLoading(false);
+    }
+  }, [supabase, user?.id]);
+  const scheduleBatchLookup = useCallback(() => {
+    if (batchTimerRef.current) {
+      clearTimeout(batchTimerRef.current);
+    }
+    batchTimerRef.current = setTimeout(() => {
+      batchTimerRef.current = null;
+      executeBatchLookup();
+    }, BATCH_DELAY_MS);
+  }, [executeBatchLookup]);
+  const getPermission = useCallback(
+    (entityType, entityId) => {
+      const key = getCacheKey(user?.id, entityType, entityId);
+      const cache = cacheRef.current;
+      const cached = cache.get(key);
+      const now = Date.now();
+      if (cached && cached.expiresAt > now) {
+        return cached.permission;
+      }
+      if (!pendingLookupsRef.current.has(key) && !inFlightRef.current.has(key)) {
+        pendingLookupsRef.current.add(key);
+        scheduleBatchLookup();
+      }
+      return loadingPermission;
+    },
+    [scheduleBatchLookup, user?.id]
+  );
+  const checkPermission = useCallback(
+    (entityType, entityId, action) => {
+      const permission = getPermission(entityType, entityId);
+      if (permission.isLoading) {
+        return false;
+      }
+      switch (action) {
+        case "view":
+          return permission.canView;
+        case "adminView":
+          return permission.canAdminView;
+        case "edit":
+          return permission.canEdit;
+        case "create":
+          return permission.canCreate;
+        case "delete":
+          return permission.canDelete;
+        case "share":
+          return permission.canShare;
+        default:
+          return false;
+      }
+    },
+    [getPermission]
+  );
+  const prefetchPermissions = useCallback(
+    async (entities) => {
+      if (!user?.id || entities.length === 0) {
+        return;
+      }
+      const cache = cacheRef.current;
+      const now = Date.now();
+      const toFetch = entities.filter((entity) => {
+        const key = getCacheKey(user?.id, entity.entityType, entity.entityId);
+        const cached = cache.get(key);
+        const isPending = pendingLookupsRef.current.has(key);
+        const isInFlight = inFlightRef.current.has(key);
+        return !isPending && !isInFlight && (!cached || cached.expiresAt <= now);
+      });
+      if (toFetch.length === 0) {
+        return;
+      }
+      setIsLoading(true);
+      try {
+        const entitiesParam = toFetch.map((e) => ({
+          entity_type: e.entityType,
+          entity_id: e.entityId
+        }));
+        const { data, error } = await supabase.rpc(
+          "get_user_entity_permissions",
+          {
+            p_user_id: user.id,
+            p_entities: entitiesParam
+          }
+        );
+        if (error) {
+          console.error("Failed to prefetch entity permissions:", error);
+          return;
+        }
+        if (data) {
+          const cacheTimestamp = Date.now();
+          const resultsMap = /* @__PURE__ */ new Map();
+          const results = data;
+          for (const result of results) {
+            const key = getCacheKey(
+              user?.id,
+              result.entity_type,
+              result.entity_id
+            );
+            resultsMap.set(key, result.permission);
+          }
+          for (const entity of toFetch) {
+            const key = getCacheKey(
+              user?.id,
+              entity.entityType,
+              entity.entityId
+            );
+            const permissionLevel = resultsMap.get(key) || null;
+            cache.set(key, {
+              permission: mapPermissionLevel(permissionLevel),
+              expiresAt: cacheTimestamp + CACHE_TTL_MS
+            });
+          }
+          forceUpdate((prev) => prev + 1);
+        }
+      } catch (err) {
+        console.error("Unexpected error prefetching entity permissions:", err);
+      } finally {
+        setIsLoading(false);
+      }
+    },
+    [supabase, user?.id]
+  );
+  const invalidatePermission = useCallback(
+    (entityType, entityId) => {
+      const key = getCacheKey(user?.id, entityType, entityId);
+      cacheRef.current.delete(key);
+      forceUpdate((prev) => prev + 1);
+    },
+    [user?.id]
+  );
+  const parseScopedAccessKey = useCallback(
+    (key) => {
+      if (!key || typeof key !== "string") {
+        return null;
+      }
+      const parts = key.split(":");
+      if (parts.length < 2) {
+        return null;
+      }
+      const entityType = parts[0];
+      const entityId = parseInt(parts[1], 10);
+      if (isNaN(entityId)) {
+        return null;
+      }
+      const entityTypeMap = {
+        client: "Client",
+        project: "Project",
+        database: "ProjectDatabase",
+        projectdatabase: "ProjectDatabase"
+      };
+      const normalizedEntityType = entityTypeMap[entityType.toLowerCase()];
+      if (!normalizedEntityType) {
+        return null;
+      }
+      return { entityType: normalizedEntityType, entityId };
+    },
+    []
+  );
+  useEffect(() => {
+    if (!user?.id) {
+      return;
+    }
+    const channel = supabase.channel(`entity-permissions-${user.id}`).on(
+      "postgres_changes",
+      {
+        event: "*",
+        schema: "core",
+        table: "UserAccess",
+        filter: `userId=eq.${user.id}`
+      },
+      (payload) => {
+        if (payload.new && typeof payload.new === "object" && "scopedAccessKey" in payload.new && typeof payload.new.scopedAccessKey === "string") {
+          const parsed = parseScopedAccessKey(payload.new.scopedAccessKey);
+          if (parsed) {
+            invalidatePermission(parsed.entityType, parsed.entityId);
+          }
+        }
+        if (payload.old && typeof payload.old === "object" && "scopedAccessKey" in payload.old && typeof payload.old.scopedAccessKey === "string") {
+          const parsed = parseScopedAccessKey(payload.old.scopedAccessKey);
+          if (parsed) {
+            invalidatePermission(parsed.entityType, parsed.entityId);
+          }
+        }
+      }
+    ).subscribe();
+    return () => {
+      channel.unsubscribe();
+      supabase.removeChannel(channel);
+    };
+  }, [supabase, user?.id, invalidatePermission, parseScopedAccessKey]);
+  useEffect(() => {
+    cacheRef.current.clear();
+    pendingLookupsRef.current.clear();
+    inFlightRef.current.clear();
+    if (batchTimerRef.current) {
+      clearTimeout(batchTimerRef.current);
+      batchTimerRef.current = null;
+    }
+    forceUpdate((prev) => prev + 1);
+  }, [user?.id]);
+  useEffect(() => {
+    return () => {
+      if (batchTimerRef.current) {
+        clearTimeout(batchTimerRef.current);
+      }
+    };
+  }, []);
+  const value = useMemo(
+    () => ({
+      getPermission,
+      checkPermission,
+      prefetchPermissions,
+      invalidatePermission,
+      isLoading
+    }),
+    [
+      getPermission,
+      checkPermission,
+      prefetchPermissions,
+      invalidatePermission,
+      isLoading
+    ]
+  );
+  return /* @__PURE__ */ jsx2(permissionContext.Provider, { value, children });
+}
+function usePermissions() {
+  const context = useContext(permissionContext);
+  if (!context || Object.keys(context).length === 0) {
+    throw new Error("usePermissions must be used within a PermissionProvider");
+  }
+  return context;
+}
+
+// src/auth/context/AuthProvider.tsx
+import {
+  useCallback as useCallback2,
+  useEffect as useEffect2,
+  useMemo as useMemo2,
+  useRef as useRef2,
+  useState as useState2
+} from "react";
+import { jsx as jsx3 } from "react/jsx-runtime";
+var profileQuery = typedSupabase?.schema("core").from("Profile").select("*, UserAccess(accessKey), status").single();
+function AuthProvider({
+  children,
+  enableEntityPermissions = false
+}) {
+  const supabase = useSupabase();
+  const [currentUser, setCurrentUser] = useState2(
+    void 0
+  );
+  const [userNeedsChange, setUserNeedsChange] = useState2(true);
+  const [onSignOutCallbacks, setOnSignOutCallbacks] = useState2(
+    /* @__PURE__ */ new Map()
+  );
+  async function registerAsync(register) {
+    const response = await supabase.auth.signUp(register);
+    setCurrentUser(response.data.user);
+    return response;
+  }
+  async function signInAsync(username, password) {
+    const response = await supabase.auth.signInWithPassword({
+      email: username,
+      password
+    });
+    if (response.data) {
+      setCurrentUser(response.data.user);
+    }
+    return response;
+  }
+  async function signOutAsync() {
+    const response = await supabase.auth.signOut();
+    if (isUsable(response.error) === false) {
+      Array.from(onSignOutCallbacks.values()).forEach((x) => {
+        x();
+      });
+    }
+    return response;
+  }
+  function onSignOut(action) {
+    const id = newUuid();
+    setOnSignOutCallbacks((x) => new Map(x).set(id, action));
+    return id;
+  }
+  function removeOnSignOut(id) {
+    setOnSignOutCallbacks((x) => {
+      const map = new Map(x);
+      map.delete(id);
+      return map;
+    });
+  }
+  async function refreshAsync() {
+  }
+  useEffect2(() => {
+    const request = supabase.auth.onAuthStateChange((event) => {
+      if (event === "SIGNED_IN" || event === "SIGNED_OUT") {
+        setUserNeedsChange(true);
+      }
+    });
+    return () => {
+      request.data.subscription.unsubscribe();
+    };
+  }, [supabase.auth]);
+  useEffect2(() => {
+    if (userNeedsChange === false) return;
+    supabase.auth.getSession().then((x) => {
+      setCurrentUser(x?.data?.session?.user ?? null);
+      setUserNeedsChange(false);
+    });
+  }, [userNeedsChange]);
+  const profileRequest = useDbQuery(
+    supabase.schema("core").from("Profile").select("*, UserAccess(accessKey), status").eq("id", currentUser?.id).limit(1).maybeSingle(),
+    {
+      enabled: isUsable(currentUser),
+      crossOrganization: true
+    }
+  );
+  const accessKeysRequest = useDbQuery(
+    supabase.schema("core").rpc("get_user_access_keys", {
+      user_id: currentUser?.id
+    }),
+    {
+      enabled: isUsable(currentUser),
+      crossOrganization: true
+    }
+  );
+  const refetchAccessKeys = useCallback2(() => {
+    accessKeysRequest.refetch();
+  }, [accessKeysRequest.refetch]);
+  const userGroupIdsRef = useRef2(/* @__PURE__ */ new Set());
+  useEffect2(() => {
+    if (accessKeysRequest.data) {
+      const groupIds = /* @__PURE__ */ new Set();
+      for (const item of accessKeysRequest.data) {
+        if (item.source === "group" && item.source_id) {
+          groupIds.add(item.source_id);
+        }
+      }
+      userGroupIdsRef.current = groupIds;
+    }
+  }, [accessKeysRequest.data]);
+  useEffect2(() => {
+    if (!currentUser?.id) return;
+    const channel = supabase.channel(`user-access-keys-${currentUser.id}`).on(
+      "postgres_changes",
+      {
+        event: "*",
+        schema: "core",
+        table: "UserAccess",
+        filter: `userId=eq.${currentUser.id}`
+      },
+      () => {
+        refetchAccessKeys();
+      }
+    ).on(
+      "postgres_changes",
+      {
+        event: "*",
+        schema: "core",
+        table: "UserGroup",
+        filter: `userId=eq.${currentUser.id}`
+      },
+      () => {
+        refetchAccessKeys();
+      }
+    ).on(
+      "postgres_changes",
+      {
+        event: "*",
+        schema: "core",
+        table: "GroupAccessKey"
+      },
+      (payload) => {
+        const groupId = payload.new?.groupId || payload.old?.groupId;
+        if (groupId && userGroupIdsRef.current.has(groupId)) {
+          refetchAccessKeys();
+        }
+      }
+    ).on(
+      "postgres_changes",
+      {
+        event: "UPDATE",
+        schema: "core",
+        table: "Group"
+      },
+      (payload) => {
+        const oldActive = payload.old?.isActive;
+        const newActive = payload.new?.isActive;
+        const groupId = payload.new?.id;
+        if (oldActive !== newActive && groupId && userGroupIdsRef.current.has(groupId)) {
+          refetchAccessKeys();
+        }
+      }
+    ).subscribe();
+    return () => {
+      channel.unsubscribe();
+      supabase.removeChannel(channel);
+    };
+  }, [supabase, currentUser?.id, refetchAccessKeys]);
+  useEffect2(() => {
+    if (!currentUser?.id) return;
+    const profileChannel = supabase.channel(`profile-status-${currentUser.id}`).on(
+      "postgres_changes",
+      {
+        event: "UPDATE",
+        schema: "core",
+        table: "Profile",
+        filter: `id=eq.${currentUser.id}`
+      },
+      (payload) => {
+        const newStatus = payload.new?.status;
+        const oldStatus = payload.old?.status;
+        if (oldStatus === "active" && (newStatus === "archived" || newStatus === "suspended")) {
+          signOutAsync();
+        }
+        profileRequest.refetch();
+      }
+    ).subscribe();
+    return () => {
+      profileChannel.unsubscribe();
+      supabase.removeChannel(profileChannel);
+    };
+  }, [supabase, currentUser?.id, profileRequest.refetch]);
+  const combinedAccess = useMemo2(() => {
+    if (accessKeysRequest.data) {
+      const uniqueKeys = /* @__PURE__ */ new Set();
+      for (const item of accessKeysRequest.data) {
+        if (item.access_key) {
+          uniqueKeys.add(item.access_key);
+        }
+      }
+      return Array.from(uniqueKeys);
+    }
+    return profileRequest.data?.UserAccess?.map((x) => x.accessKey) || [];
+  }, [accessKeysRequest.data, profileRequest.data?.UserAccess]);
+  const profileStatus = profileRequest.data?.status;
+  const isArchived = profileStatus === "archived";
+  const isSuspended = profileStatus === "suspended";
+  const hasAccess = useCallback2(
+    (key) => {
+      if (isArchived || isSuspended) {
+        return false;
+      }
+      const accessGiven = combinedAccess;
+      if (isUsable(accessGiven) === false) return false;
+      if (accessGiven.includes("owner")) return true;
+      if (accessGiven.includes(key)) return true;
+      if (isUsable(key) === false) return true;
+      return false;
+    },
+    [combinedAccess, isArchived, isSuspended]
+  );
+  const authStateWithLoading = useMemo2(
+    () => ({
+      hasAccess,
+      user: currentUser,
+      profile: profileRequest.data,
+      access: combinedAccess,
+      profileStatus,
+      isArchived,
+      isSuspended,
+      isLoading: currentUser === null ? false : profileRequest.isLoading || accessKeysRequest.isLoading || currentUser === void 0,
+      signInAsync,
+      signOutAsync,
+      onSignOut,
+      removeOnSignOut,
+      registerAsync,
+      refreshAsync
+    }),
+    [
+      profileRequest.data,
+      profileRequest.isLoading,
+      accessKeysRequest.data,
+      accessKeysRequest.isLoading,
+      currentUser,
+      combinedAccess,
+      profileStatus,
+      isArchived,
+      isSuspended,
+      hasAccess
+    ]
+  );
+  const content = enableEntityPermissions ? /* @__PURE__ */ jsx3(PermissionProvider, { children }) : children;
+  return /* @__PURE__ */ jsx3(setupAuthContext.Provider, { value: authStateWithLoading, children: content });
+}
+
+// src/auth/context/UserMetadataContext.tsx
+import {
+  createContext as createContext3,
+  useContext as useContext2,
+  useEffect as useEffect3,
+  useMemo as useMemo3,
+  useState as useState3,
+  useCallback as useCallback3,
+  useRef as useRef3
+} from "react";
+import { jsx as jsx4 } from "react/jsx-runtime";
+var UserMetadataQuery = {
+  schema: "core",
+  table: "UserMetadata",
+  defaultQuery: "key, userId, value"
+};
+var userMetadataContext = createContext3(null);
+function UserMetadataProvider({ children }) {
+  const supabase = useSupabase();
+  const [metadata, setMetadataState] = useState3({});
+  const [isLoading, setIsLoading] = useState3(true);
+  const [error, setError] = useState3(null);
+  const setupAuth = useContext2(setupAuthContext);
+  const userId = setupAuth?.user?.id;
+  const metadataQuery = useDbQuery(
+    supabase.schema("core").from("UserMetadata").select(UserMetadataQuery.defaultQuery).eq("userId", userId).order("key"),
+    {
+      enabled: isUsable(userId),
+      crossOrganization: true
+    }
+  );
+  const upsertMutation = useDbUpsert(
+    { table: "UserMetadata", schema: "core" },
+    ["userId", "key"],
+    UserMetadataQuery.defaultQuery
+  );
+  const upsertMutationRef = useRef3(upsertMutation);
+  upsertMutationRef.current = upsertMutation;
+  useEffect3(() => {
+    if (metadataQuery.data) {
+      const metadataMap = {};
+      metadataQuery.data.forEach((item) => {
+        metadataMap[item.key] = item.value;
+      });
+      setMetadataState(metadataMap);
+      setIsLoading(false);
+      setError(null);
+    } else if (metadataQuery.error) {
+      setError(metadataQuery.error);
+      setIsLoading(false);
+    } else if (metadataQuery.isLoading) {
+      setIsLoading(true);
+    }
+  }, [metadataQuery.data, metadataQuery.error, metadataQuery.isLoading]);
+  const setMetadata = useCallback3(
+    async (key, value) => {
+      if (!userId) {
+        throw new Error("User not authenticated");
+      }
+      try {
+        await upsertMutationRef.current.mutateAsync({
+          userId,
+          key,
+          value
+        });
+        setMetadataState((prev) => ({
+          ...prev,
+          [key]: value
+        }));
+      } catch (err) {
+        setError(err);
+        throw err;
+      }
+    },
+    [userId]
+  );
+  const getMetadata = useCallback3(
+    (key) => {
+      return metadata[key];
+    },
+    [metadata]
+  );
+  const removeMetadata = useCallback3(
+    async (key) => {
+      if (!userId) {
+        throw new Error("User not authenticated");
+      }
+      try {
+        await supabase.schema("core").from("UserMetadata").delete().eq("userId", userId).eq("key", key);
+        setMetadataState((prev) => {
+          const newState = { ...prev };
+          delete newState[key];
+          return newState;
+        });
+      } catch (err) {
+        setError(err);
+        throw err;
+      }
+    },
+    [userId, supabase]
+  );
+  const refreshMetadata = useCallback3(async () => {
+    await metadataQuery.refetch();
+  }, [metadataQuery]);
+  const contextValue = useMemo3(
+    () => ({
+      metadata,
+      isLoading,
+      error,
+      setMetadata,
+      getMetadata,
+      removeMetadata,
+      refreshMetadata
+    }),
+    [
+      metadata,
+      isLoading,
+      error,
+      setMetadata,
+      getMetadata,
+      removeMetadata,
+      refreshMetadata
+    ]
+  );
+  return /* @__PURE__ */ jsx4(userMetadataContext.Provider, { value: contextValue, children });
+}
+function useUserMetadata() {
+  const context = useContext2(userMetadataContext);
+  if (!context) {
+    throw new Error(
+      "useUserMetadata must be used within a UserMetadataProvider"
+    );
+  }
+  return context;
+}
+function useUserMetadataValue(key) {
+  const { getMetadata } = useUserMetadata();
+  return getMetadata(key);
+}
+function useSetUserMetadata() {
+  const { setMetadata, removeMetadata } = useUserMetadata();
+  return { setMetadata, removeMetadata };
+}
+function useUserMetadataState(key, defaultValue, options) {
+  const { metadata, setMetadata, isLoading } = useUserMetadata();
+  const serialize = options?.serialize ?? ((value) => JSON.stringify(value));
+  const deserialize = options?.deserialize ?? ((value) => JSON.parse(value));
+  const currentValue = useMemo3(() => {
+    const rawValue = metadata[key];
+    if (!rawValue) return defaultValue;
+    try {
+      return deserialize(rawValue);
+    } catch (error) {
+      console.warn(`Failed to deserialize metadata for key "${key}":`, error);
+      return defaultValue;
+    }
+  }, [metadata, key, defaultValue, deserialize, isLoading]);
+  const setValue = useCallback3(
+    async (value) => {
+      const serializedValue = serialize(value);
+      await setMetadata(key, serializedValue);
+    },
+    [key, setMetadata, serialize]
+  );
+  return [currentValue, setValue, isLoading];
+}
+
+export {
+  setupAuthContext,
+  SetupAuthContextProvider,
+  permissionContext,
+  entityPermissionContext,
+  PermissionProvider,
+  usePermissions,
+  AuthProvider,
+  userMetadataContext,
+  UserMetadataProvider,
+  useUserMetadata,
+  useUserMetadataValue,
+  useSetUserMetadata,
+  useUserMetadataState
+};
+//# sourceMappingURL=chunk-ERGF2FCE.js.map