Closed absolutegravitas closed 1 week ago
@pontusab
Managed to make my local build of the dashboard to work with most of the functionality intact. Various mods to the migrations which are incorrect / cause issues. Especially:
handle_new_user
is created but there's nothing to actually transpose supabase auth.user fields to the user
table on public schema. This requires the creation of the actual trigger
-- trigger the update user table function every time a user is created
create trigger on_auth_user_created
after insert on auth.users
for each row execute procedure public.handle_new_user();
authenticated
users to view current_user_teams
-- these may be very hacky / overly permissive but will leave it to you to bake into the product (I cant do pull requests unfortunately atm)
GRANT USAGE ON SCHEMA public TO authenticated;
GRANT USAGE ON SCHEMA private TO authenticated;
GRANT SELECT ON public.users_on_team TO authenticated;
GRANT SELECT ON public.current_user_teams TO authenticated;
GRANT SELECT ON private.current_user_teams TO authenticated;
CREATE OR REPLACE POLICY "Team Member Access"
ON public.users_on_team
FOR SELECT
TO authenticated
USING (user_id = auth.uid());
cleaned up the actual migration that creates the current_user_team views, policies and actually set the check_function_bodies back to ON after being done
-- Set function body checking off for faster execution
SET check_function_bodies = OFF;
-- Create or replace view in private schema
CREATE OR REPLACE VIEW private.current_user_teams AS
SELECT auth.uid() AS user_id, t.team_id
FROM users_on_team t
WHERE t.user_id = auth.uid();
-- Create or replace view in public schema
CREATE OR REPLACE VIEW public.current_user_teams AS
SELECT auth.uid() AS user_id, t.team_id
FROM users_on_team t
WHERE t.user_id = auth.uid();
-- Create or replace function to get current user's team ID CREATE OR REPLACE FUNCTION public.get_current_user_team_id() RETURNS uuid LANGUAGE plpgsql AS $$ BEGIN RETURN (SELECT team_id FROM users WHERE id = auth.uid()); END; $$;
-- Drop existing policy DROP POLICY IF EXISTS "Enable read access for all users" ON public.users_on_team;
-- Create new policy CREATE POLICY "Team Member Access" ON public.users_on_team AS PERMISSIVE FOR SELECT TO authenticated USING ( EXISTS ( SELECT 1 FROM private.current_user_teams cut WHERE cut.user_id = auth.uid() AND cut.team_id = users_on_team.team_id ) );
-- Re-enable function body checking SET check_function_bodies = ON;
- i gave up on trigger.dev complaining about private API key being used and just commented affected <TriggerProvider and other code out for the dashboard to actually show a UI. Can't find any references online or in their docs and also tried removing `NEXT_PUBLIC_` prefix in case that was the issue to no effect.
![image](https://github.com/user-attachments/assets/d864f7a4-de4c-4149-9e82-2c63771c8643)
PostgrestError: permission denied for view current_user_teams when intially signing up / logging in on a local version of the repo with local supabase. Possibly related to https://github.com/midday-ai/midday/issues/185 as when i force go to /setup obviously I bypass the inbox / teams etc. routes and go through intial setup as expected.
Steps: 1 - start local supabase db via supabase cli using
supabase start
2 - update / add env vars
3 - update
config.toml
to include oAuth credentials / redirects4 - run
supabase db reset
to run migrations and seed script -- these appear to run without errors5 - run
bun dev
to test just dashboard part of the apps suite in/src/apps/dashboard
.6 - Go to localhost:3001/login to do oAuth flow
7- Auth flow works, user is redirected to localhost per config.toml as expected however page doesnt render due to the below error. This looks like one or more of the following migration sqls do not run even though the console screenshots above indicate otherwise. Specifically permissions on the current_user_teams view for the just authenticated user.