sojorn/_legacy/supabase/migrations/20260113_security_remediations.sql
Patrick Britton 3c4680bdd7 Initial commit: Complete threaded conversation system with inline replies
**Major Features Added:**
- **Inline Reply System**: Replace compose screen with inline reply boxes
- **Thread Navigation**: Parent/child navigation with jump functionality
- **Chain Flow UI**: Reply counts, expand/collapse animations, visual hierarchy
- **Enhanced Animations**: Smooth transitions, hover effects, micro-interactions

 **Frontend Changes:**
- **ThreadedCommentWidget**: Complete rewrite with animations and navigation
- **ThreadNode Model**: Added parent references and descendant counting
- **ThreadedConversationScreen**: Integrated navigation handlers
- **PostDetailScreen**: Replaced with threaded conversation view
- **ComposeScreen**: Added reply indicators and context
- **PostActions**: Fixed visibility checks for chain buttons

 **Backend Changes:**
- **API Route**: Added /posts/:id/thread endpoint
- **Post Repository**: Include allow_chain and visibility fields in feed
- **Thread Handler**: Support for fetching post chains

 **UI/UX Improvements:**
- **Reply Context**: Clear indication when replying to specific posts
- **Character Counting**: 500 character limit with live counter
- **Visual Hierarchy**: Depth-based indentation and styling
- **Smooth Animations**: SizeTransition, FadeTransition, hover states
- **Chain Navigation**: Parent/child buttons with visual feedback

 **Technical Enhancements:**
- **Animation Controllers**: Proper lifecycle management
- **State Management**: Clean separation of concerns
- **Navigation Callbacks**: Reusable navigation system
- **Error Handling**: Graceful fallbacks and user feedback

This creates a Reddit-style threaded conversation experience with smooth
animations, inline replies, and intuitive navigation between posts in a chain.
2026-01-30 07:40:19 -06:00


-- Security lint remediations
-- 1) view_searchable_tags: one row per distinct tag found on non-deleted
--    posts, with the number of times that tag occurs.
-- security_invoker = true (PostgreSQL 15+) makes the view check privileges
-- and any row level security on posts as the querying role, not as the view
-- owner, so the view cannot be used to read around policies on posts.
-- NOTE(review): callers now need SELECT on posts as well as on the view;
-- confirm the grants match what the search feature expects.
create or replace view view_searchable_tags
    with (security_invoker = true)
as
select
    t.tag as tag,
    count(*) as count
from posts as p
-- Expand each tags array into one row per element.
cross join lateral unnest(p.tags) as t(tag)
where p.deleted_at is null
    and p.tags is not null
    and array_length(p.tags, 1) > 0
group by t.tag
order by count desc;
-- 2) notifications: turn on row level security and define who may touch rows.
-- Once RLS is enabled, a role that is subject to it can only reach rows that
-- some policy allows. The table owner and roles with BYPASSRLS are not
-- restricted unless FORCE ROW LEVEL SECURITY is also set.
-- NOTE(review): "if exists" guards only this ALTER; the CREATE POLICY
-- statements below still fail when notifications is missing.
alter table if exists notifications
    enable row level security;

-- Read access: a caller sees only rows whose user_id equals auth.uid()
-- (presumably the Supabase helper for the caller's user id; when it returns
-- null the comparison is not true and no rows match).
-- "as permissive" and "to public" are the defaults written out: the policy
-- applies to every role, and the USING predicate is what limits the rows.
drop policy if exists "Users can view own notifications" on notifications;
create policy "Users can view own notifications"
    on notifications
    as permissive
    for select
    to public
    using (user_id = auth.uid());

-- Write access (and unrestricted read) for callers whose auth.role() is
-- 'service_role'. No other policy covers insert/update/delete, so ordinary
-- users cannot modify notifications directly.
-- NOTE(review): if service_role has BYPASSRLS in this project, this policy is
-- not what grants it access; confirm whether it is still needed.
drop policy if exists "Service role manages notifications" on notifications;
create policy "Service role manages notifications"
    on notifications
    as permissive
    for all
    to public
    using (auth.role() = 'service_role')
    with check (auth.role() = 'service_role');
-- 3) spatial_ref_sys: enable RLS with no "if exists" guard, so the migration
--    fails loudly if the table is absent instead of skipping the fix.
-- ENABLE ROW LEVEL SECURITY must be run by the table's owner or a superuser.
-- NOTE(review): spatial_ref_sys is typically created by the PostGIS extension
-- and may be owned by a role other than the one running migrations; confirm
-- this statement actually succeeds in the target environment.
alter table spatial_ref_sys
    enable row level security;

-- Read-only for every role: the SELECT policy matches all rows, and there is
-- no policy for insert/update/delete, so writes are denied to roles that are
-- subject to RLS.
drop policy if exists "Public read spatial_ref_sys" on spatial_ref_sys;
create policy "Public read spatial_ref_sys"
    on spatial_ref_sys
    as permissive
    for select
    to public
    using (true);