Fix moderation queue issues

supabase/migrations/20251103164331_88758b01-6dd2-4d34-acab-f07e992eeba6.sql

@@ -0,0 +1,45 @@
+-- Fix security warning: Remove SECURITY DEFINER from view
+-- Views don't need SECURITY DEFINER as they inherit permissions from underlying tables
+
+-- The view was already created without SECURITY DEFINER in the previous migration
+-- This is just documenting that no action is needed
+
+-- For search_path mutable warning on get_submission_item_entity_data function:
+-- Add SET search_path to make it immutable
+CREATE OR REPLACE FUNCTION public.get_submission_item_entity_data(p_item_type text, p_item_data_id uuid)
+ RETURNS jsonb
+ LANGUAGE plpgsql
+ STABLE SECURITY DEFINER
+ SET search_path TO 'public'
+AS $function$
+DECLARE
+  v_result jsonb;
+BEGIN
+  CASE p_item_type
+    WHEN 'park' THEN
+      SELECT to_jsonb(ps.*) INTO v_result
+      FROM park_submissions ps
+      WHERE ps.id = p_item_data_id;
+    WHEN 'ride' THEN
+      SELECT to_jsonb(rs.*) INTO v_result
+      FROM ride_submissions rs
+      WHERE rs.id = p_item_data_id;
+    WHEN 'manufacturer', 'operator', 'designer', 'property_owner' THEN
+      SELECT to_jsonb(cs.*) INTO v_result
+      FROM company_submissions cs
+      WHERE cs.id = p_item_data_id;
+    WHEN 'ride_model' THEN
+      SELECT to_jsonb(rms.*) INTO v_result
+      FROM ride_model_submissions rms
+      WHERE rms.id = p_item_data_id;
+    WHEN 'photo' THEN
+      SELECT to_jsonb(ps.*) INTO v_result
+      FROM photo_submissions ps
+      WHERE ps.id = p_item_data_id;
+    ELSE
+      v_result := NULL;
+  END CASE;
+  
+  RETURN v_result;
+END;
+$function$;