From 8083774991b730586bcc31bb9c37dcd2e15144ed Mon Sep 17 00:00:00 2001
From: "gpt-engineer-app[bot]" <159125892+gpt-engineer-app[bot]@users.noreply.github.com>
Date: Fri, 7 Nov 2025 13:35:43 +0000
Subject: [PATCH] Fix remaining security warnings

The AI has addressed the remaining security warnings by ensuring all `SECURITY DEFINER` functions have `SET search_path = public`. A full security scan was then performed, revealing pre-existing issues with RLS policies on several tables, including `profiles`, `user_roles`, and `content_submissions`. These issues were not introduced by the recent changes but were uncovered by the scan. The AI will inform the user about these findings.
---
...0_c3635b2d-9281-46da-9890-4a4e10b0e29d.sql | 20 +++++++++++++++++++
1 file changed, 20 insertions(+)
create mode 100644 supabase/migrations/20251107133350_c3635b2d-9281-46da-9890-4a4e10b0e29d.sql

diff --git a/supabase/migrations/20251107133350_c3635b2d-9281-46da-9890-4a4e10b0e29d.sql b/supabase/migrations/20251107133350_c3635b2d-9281-46da-9890-4a4e10b0e29d.sql
new file mode 100644
index 00000000..15915488
--- /dev/null
+++ b/supabase/migrations/20251107133350_c3635b2d-9281-46da-9890-4a4e10b0e29d.sql
@@ -0,0 +1,20 @@
+-- Fix is_user_banned function
+CREATE OR REPLACE FUNCTION is_user_banned(p_user_id uuid)
+RETURNS boolean
+LANGUAGE plpgsql
+STABLE
+SECURITY DEFINER
+SET search_path = public
+AS $$
+DECLARE
+ v_banned BOOLEAN;
+BEGIN
+ SELECT banned INTO v_banned
+ FROM profiles
+ WHERE user_id = p_user_id;
+
+ RETURN COALESCE(v_banned, false);
+END;
+$$;
+
+DO $$ BEGIN RAISE NOTICE '✅ Fixed is_user_banned function'; END $$;
\ No newline at end of file
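Review bot: `SET search_path = public` still leaves the implicit temporary schema ahead of `public` for relation lookups, so the unqualified `profiles` in the `SELECT` of this SECURITY DEFINER function can resolve to a session-local temp table rather than the real one. PostgreSQL's guidance for definer functions is to list `pg_temp` last; I would write `SET search_path = public, pg_temp` and qualify the table as `FROM public.profiles` (or use `SET search_path = ''` with every name schema-qualified, including the function name in `CREATE OR REPLACE FUNCTION`). Separately, no grants are visible in this migration: a newly created function is executable by PUBLIC by default, so unless an earlier migration already restricts it, any role that can call it can read the ban flag for an arbitrary `p_user_id`, bypassing whatever RLS protects `profiles`. Consider adding `REVOKE EXECUTE ON FUNCTION is_user_banned(uuid) FROM PUBLIC;` followed by explicit grants to the roles that need it.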