From 7830b92571dcff0d0190192e69c61acb42d52151 Mon Sep 17 00:00:00 2001 From: Karli Date: Wed, 24 Sep 2025 14:54:53 +0300 Subject: [PATCH 1/2] feat(MED-97): migrations fix timestamps --- ...3162326_analysis_response_elements_fix.sql | 2 +- ...145250_create_account_balance_entries.sql} | 0 ...5251_fix_benefit_distribution_trigger.sql} | 0 ...sql => 20250924145252_fix_permissions.sql} | 0 ... => 20250924145253_fix_upsert_and_rls.sql} | 22 ++++--------------- 5 files changed, 5 insertions(+), 19 deletions(-) rename supabase/migrations/{20250101000000_create_account_balance_entries.sql => 20250924145250_create_account_balance_entries.sql} (100%) rename supabase/migrations/{20250101000001_fix_benefit_distribution_trigger.sql => 20250924145251_fix_benefit_distribution_trigger.sql} (100%) rename supabase/migrations/{20250101000002_fix_permissions.sql => 20250924145252_fix_permissions.sql} (100%) rename supabase/migrations/{20250101000003_fix_upsert_and_rls.sql => 20250924145253_fix_upsert_and_rls.sql} (85%) diff --git a/supabase/migrations/20250923162326_analysis_response_elements_fix.sql b/supabase/migrations/20250923162326_analysis_response_elements_fix.sql index cd82c5b..219895d 100644 --- a/supabase/migrations/20250923162326_analysis_response_elements_fix.sql +++ b/supabase/migrations/20250923162326_analysis_response_elements_fix.sql @@ -1,7 +1,7 @@ -- Drop existing constraint and index for analysis_response_elements -DROP INDEX IF EXISTS "medreport"."analysis_response_elements_unique_by_response_and_element"; ALTER TABLE "medreport"."analysis_response_elements" DROP CONSTRAINT IF EXISTS "analysis_response_elements_unique_by_response_and_element"; +DROP INDEX IF EXISTS "medreport"."analysis_response_elements_unique_by_response_and_element"; -- Create proper unique constraint that works with ON CONFLICT ALTER TABLE "medreport"."analysis_response_elements" diff --git a/supabase/migrations/20250101000000_create_account_balance_entries.sql b/supabase/migrations/20250924145250_create_account_balance_entries.sql similarity index 100% rename from supabase/migrations/20250101000000_create_account_balance_entries.sql rename to supabase/migrations/20250924145250_create_account_balance_entries.sql diff --git a/supabase/migrations/20250101000001_fix_benefit_distribution_trigger.sql b/supabase/migrations/20250924145251_fix_benefit_distribution_trigger.sql similarity index 100% rename from supabase/migrations/20250101000001_fix_benefit_distribution_trigger.sql rename to supabase/migrations/20250924145251_fix_benefit_distribution_trigger.sql diff --git a/supabase/migrations/20250101000002_fix_permissions.sql b/supabase/migrations/20250924145252_fix_permissions.sql similarity index 100% rename from supabase/migrations/20250101000002_fix_permissions.sql rename to supabase/migrations/20250924145252_fix_permissions.sql diff --git a/supabase/migrations/20250101000003_fix_upsert_and_rls.sql b/supabase/migrations/20250924145253_fix_upsert_and_rls.sql similarity index 85% rename from supabase/migrations/20250101000003_fix_upsert_and_rls.sql rename to supabase/migrations/20250924145253_fix_upsert_and_rls.sql index f3b7595..d6d7589 100644 --- a/supabase/migrations/20250101000003_fix_upsert_and_rls.sql +++ b/supabase/migrations/20250924145253_fix_upsert_and_rls.sql @@ -50,23 +50,10 @@ begin end; $$; --- 2. Add RLS policy for authenticated users to read distribution schedules -create policy "Users can view distribution schedules for their companies" - on "medreport"."benefit_distribution_schedule" - for select - to authenticated - using ( - company_id in ( - select account_id - from medreport.accounts_memberships - where user_id = auth.uid() - ) - ); - --- 3. Grant permissions to authenticated users +-- 2. Grant permissions to authenticated users grant select, insert, update, delete on table "medreport"."benefit_distribution_schedule" to authenticated; --- 4. Grant execute permissions to all functions +-- 3. Grant execute permissions to all functions grant execute on function medreport.get_account_balance(uuid) to authenticated; grant execute on function medreport.distribute_health_benefits(uuid, numeric, text) to authenticated; grant execute on function medreport.consume_account_balance(uuid, numeric, text, text) to authenticated; @@ -76,7 +63,7 @@ grant execute on function medreport.trigger_benefit_distribution(uuid) to authen grant execute on function medreport.trigger_distribute_benefits() to authenticated; grant execute on function medreport.process_periodic_benefit_distributions() to authenticated; --- 5. Ensure trigger function has security definer +-- 4. Ensure trigger function has security definer create or replace function medreport.trigger_distribute_benefits() returns trigger language plpgsql @@ -109,6 +96,5 @@ begin end; $$; --- 6. Grant execute permission to the updated trigger function +-- 5. Grant execute permission to the updated trigger function grant execute on function medreport.trigger_distribute_benefits() to authenticated, service_role; - From a520c04a02ed430d7350fbf379a66c2f06406606 Mon Sep 17 00:00:00 2001 From: Karli Date: Wed, 24 Sep 2025 14:57:52 +0300 Subject: [PATCH 2/2] feat(MED-97): clean up --- .../20250924145253_fix_upsert_and_rls.sql | 46 ------------------- 1 file changed, 46 deletions(-) diff --git a/supabase/migrations/20250924145253_fix_upsert_and_rls.sql b/supabase/migrations/20250924145253_fix_upsert_and_rls.sql index d6d7589..b03c9c0 100644 --- a/supabase/migrations/20250924145253_fix_upsert_and_rls.sql +++ b/supabase/migrations/20250924145253_fix_upsert_and_rls.sql @@ -52,49 +52,3 @@ $$; -- 2. Grant permissions to authenticated users grant select, insert, update, delete on table "medreport"."benefit_distribution_schedule" to authenticated; - --- 3. Grant execute permissions to all functions -grant execute on function medreport.get_account_balance(uuid) to authenticated; -grant execute on function medreport.distribute_health_benefits(uuid, numeric, text) to authenticated; -grant execute on function medreport.consume_account_balance(uuid, numeric, text, text) to authenticated; -grant execute on function medreport.upsert_benefit_distribution_schedule(uuid, numeric, text) to authenticated; -grant execute on function medreport.calculate_next_distribution_date(text, timestamp with time zone) to authenticated; -grant execute on function medreport.trigger_benefit_distribution(uuid) to authenticated; -grant execute on function medreport.trigger_distribute_benefits() to authenticated; -grant execute on function medreport.process_periodic_benefit_distributions() to authenticated; - --- 4. Ensure trigger function has security definer -create or replace function medreport.trigger_distribute_benefits() -returns trigger -language plpgsql -security definer -as $$ -begin - -- Only distribute if benefit_amount is set and greater than 0 - if new.benefit_amount is not null and new.benefit_amount > 0 then - -- Distribute benefits to all company members immediately - perform medreport.distribute_health_benefits( - new.account_id, - new.benefit_amount, - coalesce(new.benefit_occurance, 'yearly') - ); - - -- Create or update the distribution schedule for future distributions - perform medreport.upsert_benefit_distribution_schedule( - new.account_id, - new.benefit_amount, - coalesce(new.benefit_occurance, 'yearly') - ); - else - -- If benefit_amount is 0 or null, deactivate the schedule - update medreport.benefit_distribution_schedule - set is_active = false, updated_at = now() - where company_id = new.account_id; - end if; - - return new; -end; -$$; - --- 5. Grant execute permission to the updated trigger function -grant execute on function medreport.trigger_distribute_benefits() to authenticated, service_role;