Skip to content

feat: add security improvements and fixes to supabase schema #99

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
Hebx wants to merge 1 commit into
base: pr-63-schema-corrections
Choose a base branch
from
Open

feat: add security improvements and fixes to supabase schema #99

Hebx wants to merge 1 commit into from

Conversation

@Hebx
Copy link
Contributor

@Hebx Hebx commented Nov 14, 2025

Description

This PR stacks on top of pr-63-schema-corrections and adds security improvements, idempotency fixes, and additional enhancements to the Supabase database schema migration.

Type of Change

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Breaking change (fix or feature that would cause existing functionality to not work as expected)
  • Documentation update
  • Release (version bump)

What's Changed

Security Enhancements

  • NOT NULL constraint on conversations.user_id: Prevents potential RLS bypass scenarios where NULL user_id could be inserted
  • SECURITY DEFINER functions with validation: Added SECURITY DEFINER to helper functions (get_conversation_with_messages, get_user_conversations) with explicit auth.uid() checks to ensure users can only access their own data
  • Tighter realtime broadcast policy: Removed public/shared channel allowance, now only allows user-specific channels (format: conversations:user:{userId} or messages:user:{userId})
  • Explicit function permissions: Added GRANT EXECUTE permissions for helper functions

Idempotency Improvements

  • DROP TRIGGER IF EXISTS: Added before all trigger creations to allow safe re-runs
  • Idempotent realtime publication: Wrapped ALTER PUBLICATION in a DO block with existence checks to prevent errors on re-runs
  • Idempotent column additions: Used ADD COLUMN IF NOT EXISTS for user preference columns

Bug Fixes

  • NULL handling in messages_changes() trigger: Added NULL check to handle CASCADE DELETE scenarios gracefully. When a conversation is deleted, messages are cascade-deleted, and the trigger would fail trying to broadcast for a non-existent conversation. Now it logs and skips the broadcast.
  • Token CA NULL handling: Added migration to set NULL token_ca values to default UUID and set default value for future inserts

New Features

  • User preference columns: Added instant_buy_amount (NUMERIC) and instayield_enabled (BOOLEAN) to users table
  • Comprehensive migrations README: Added detailed documentation in supabase/migrations/README.md with installation methods, troubleshooting, and verification steps

Documentation Improvements

  • Corrected message role comment: Clarified that tool data (tool_use, tool_result) is stored in metadata.parts, not as role values
  • Added function comments: Documented security considerations and usage for helper functions
  • Added data retention policy comment: Explicitly documented that users cannot delete their own profiles (no DELETE policy)

Files Changed

  • supabase/migrations/20250101000000_initial_schema.sql - Enhanced with security, idempotency, and bug fixes
  • supabase/migrations/README.md - New comprehensive migration documentation

Testing

The migration is idempotent and can be safely run multiple times. To test:

  1. Run migration on fresh database:

    -- Copy and paste entire migration file into Supabase SQL Editor
-- Should complete without errors

  2. Re-run migration (idempotency test):

    -- Run the same migration again
-- Should complete without errors (all IF NOT EXISTS checks should pass)

  3. Verify security:

    • Test that users can only access their own conversations/messages
    • Test that helper functions enforce user ownership
    • Test that realtime broadcasts only work for user-specific channels

  4. Verify NULL handling:

    • Create a conversation with messages
    • Delete the conversation
    • Verify no errors in logs (CASCADE DELETE should be handled gracefully)

Checklist

  • My code follows the project's style guidelines
  • I have performed a self-review of my own code
  • I have commented my code, particularly in hard-to-understand areas
  • My changes generate no new warnings or errors
  • Migration is idempotent and can be safely re-run
  • Security improvements maintain backward compatibility
  • Documentation is comprehensive and accurate

@Hebx
feat: add security improvements and fixes to supabase schema
6b34ead 
- Add idempotency improvements (DROP TRIGGER IF EXISTS, idempotent publication adds)
- Add security enhancements (NOT NULL constraints, SECURITY DEFINER functions, tighter RLS)
- Fix NULL handling in messages_changes() trigger for CASCADE DELETE scenarios
- Add user preference columns (instant_buy_amount, instayield_enabled)
- Fix token_ca NULL handling with default value
- Add comprehensive migrations README documentation
- Improve comments and documentation throughout
@vercel
Copy link

vercel bot commented Nov 14, 2025

@Hebx is attempting to deploy a commit to the dark Team on Vercel.

A member of the Team first needs to authorize it.

@Hebx
Copy link
Contributor Author

Hebx commented Nov 14, 2025

@edgarpavlovsky I've rebased my branch on top of your pr-63-schema-corrections branch. The description above outlines what I'm adding. Happy to adjust if you'd like.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@Hebx