k4rli/medreport_mrb2b
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
1275f23bb1a754f62c532f769e41cad7a2360d98
medreport_mrb2b/supabase/migrations/20250924145252_fix_permissions.sql

49 lines
2.2 KiB
PL/PgSQL
Raw Blame History

-- Quick fix for RLS permissions issue
-- Run this immediately to fix the permission denied error
-- Grant execute permissions to authenticated users for all benefit distribution functions
grant execute on function medreport.get_account_balance(uuid) to authenticated;
grant execute on function medreport.distribute_health_benefits(uuid, numeric, text) to authenticated;
grant execute on function medreport.consume_account_balance(uuid, numeric, text, text) to authenticated;
grant execute on function medreport.upsert_benefit_distribution_schedule(uuid, numeric, text) to authenticated;
grant execute on function medreport.calculate_next_distribution_date(text, timestamp with time zone) to authenticated;
grant execute on function medreport.trigger_benefit_distribution(uuid) to authenticated;
grant execute on function medreport.trigger_distribute_benefits() to authenticated;
grant execute on function medreport.process_periodic_benefit_distributions() to authenticated;
-- Also ensure the trigger function has security definer
create or replace function medreport.trigger_distribute_benefits()
returns trigger
language plpgsql
security definer
as $$
begin
-- Only distribute if benefit_amount is set and greater than 0
if new.benefit_amount is not null and new.benefit_amount > 0 then
-- Distribute benefits to all company members immediately
perform medreport.distribute_health_benefits(
new.account_id,
new.benefit_amount,
coalesce(new.benefit_occurance, 'yearly')
);
-- Create or update the distribution schedule for future distributions
perform medreport.upsert_benefit_distribution_schedule(
new.account_id,
new.benefit_amount,
coalesce(new.benefit_occurance, 'yearly')
);
else
-- If benefit_amount is 0 or null, deactivate the schedule
update medreport.benefit_distribution_schedule
set is_active = false, updated_at = now()
where company_id = new.account_id;
end if;
return new;
end;
$$;
-- Grant execute permission to the updated trigger function
grant execute on function medreport.trigger_distribute_benefits() to authenticated, service_role;
Reference in New Issue View Git Blame Copy Permalink