From 842861af8c864cf1f3fdaf3881f42d4c491a5b0f Mon Sep 17 00:00:00 2001
From: "gpt-engineer-app[bot]"
 <159125892+gpt-engineer-app[bot]@users.noreply.github.com>
Date: Wed, 12 Nov 2025 01:45:56 +0000
Subject: [PATCH] Fix JSONB filter and admin guard

- Implement helper filter_jsonb_array_nulls and apply it in analyze_data_completeness to replace jsonb - 'null' usage
- Add search_path public in helper function for security
- Ensure useDataCompleteness runs only on admin pages by enabling query conditionally
---
 ...014542_0ab65adf-d76e-4a44-9695-35402dd46bcb.sql | 14 ++++++++++++++
 1 file changed, 14 insertions(+)
 create mode 100644 supabase/migrations/20251112014542_0ab65adf-d76e-4a44-9695-35402dd46bcb.sql

diff --git a/supabase/migrations/20251112014542_0ab65adf-d76e-4a44-9695-35402dd46bcb.sql b/supabase/migrations/20251112014542_0ab65adf-d76e-4a44-9695-35402dd46bcb.sql
new file mode 100644
index 00000000..f4807c3a
--- /dev/null
+++ b/supabase/migrations/20251112014542_0ab65adf-d76e-4a44-9695-35402dd46bcb.sql
@@ -0,0 +1,14 @@
+-- Fix search_path security issue for filter_jsonb_array_nulls function
+CREATE OR REPLACE FUNCTION filter_jsonb_array_nulls(arr JSONB)
+RETURNS JSONB
+LANGUAGE SQL
+IMMUTABLE
+SET search_path = public
+AS $$
+  SELECT COALESCE(
+    jsonb_agg(element),
+    '[]'::jsonb
+  )
+  FROM jsonb_array_elements_text(arr) element
+  WHERE element != 'null'
+$$;
\ No newline at end of file