From 26e2253c700b3991b9172d6cbcfbd77d8f7a268d Mon Sep 17 00:00:00 2001
From: "gpt-engineer-app[bot]"
 <159125892+gpt-engineer-app[bot]@users.noreply.github.com>
Date: Fri, 7 Nov 2025 20:24:00 +0000
Subject: [PATCH] Fix composite submission protections

Implement Phase 4 by adding `recordSubmissionAttempt` and `withRetry` logic to the ban check for composite submissions. This ensures better error handling and prevents bypass of ban checks due to transient network issues.
---
 src/lib/entitySubmissionHelpers.ts | 35 +++++++++++++++---------------
 1 file changed, 18 insertions(+), 17 deletions(-)

diff --git a/src/lib/entitySubmissionHelpers.ts b/src/lib/entitySubmissionHelpers.ts
index f5bc4823..351da020 100644
--- a/src/lib/entitySubmissionHelpers.ts
+++ b/src/lib/entitySubmissionHelpers.ts
@@ -252,9 +252,12 @@ async function submitCompositeCreation(
   dependencies: CompositeSubmissionDependency[],
   userId: string
 ): Promise<{ submitted: boolean; submissionId: string }> {
+  const { withRetry } = await import('./retryHelpers');
+  
   try {
     // Phase 3: Rate limiting check
     checkRateLimitOrThrow(userId, 'composite_creation');
+    recordSubmissionAttempt(userId);
     
     breadcrumb.userAction('Start composite submission', 'submitCompositeCreation', {
       primaryType: primaryEntity.type,
@@ -262,24 +265,23 @@ async function submitCompositeCreation(
       userId
     });
 
-    // Check if user is banned
+    // Check if user is banned with retry logic
     breadcrumb.apiCall('profiles', 'SELECT');
-    try {
-      const { data: profile, error } = await supabase
-        .from('profiles')
-        .select('banned')
-        .eq('user_id', userId)
-        .single();
+    const profile = await withRetry(
+      async () => {
+        const { data, error } = await supabase
+          .from('profiles')
+          .select('banned')
+          .eq('user_id', userId)
+          .single();
+        if (error) throw error;
+        return data;
+      },
+      { maxAttempts: 2 }
+    );
 
-      if (error) {
-        throw new Error(`Failed to check user status: ${error.message}`);
-      }
-
-      if (profile?.banned) {
-        throw new Error('Account suspended. Contact support for assistance.');
-      }
-    } catch (error) {
-      throw error instanceof Error ? error : new Error(`User check failed: ${String(error)}`);
+    if (profile?.banned) {
+      throw new Error('Account suspended. Contact support for assistance.');
     }
 
     // Upload all pending images for all entities
@@ -526,7 +528,6 @@ async function submitCompositeCreation(
 
     // Use RPC to create submission with items atomically with retry logic
     breadcrumb.apiCall('create_submission_with_items', 'RPC');
-    const { withRetry } = await import('./retryHelpers');
     const { toast } = await import('@/hooks/use-toast');
     
     const result = await withRetry(