Improve security by verifying user authentication and authorization

Update the 'process-selective-approval' Supabase function to enforce authentication and authorization checks before processing requests. Also, modify the 'upload-image' function to prevent banned users from uploading images. Additionally, enable future React Router v7 features for enhanced navigation. Replit-Commit-Author: Agent Replit-Commit-Session-Id: 6d6e48da-5b1b-47f9-a65c-9fa4a352936a Replit-Commit-Checkpoint-Type: intermediate_checkpoint Replit-Commit-Screenshot-Url: https://storage.googleapis.com/screenshot-production-us-central1/7cdf4e95-3f41-4180-b8e3-8ef56d032c0e/6d6e48da-5b1b-47f9-a65c-9fa4a352936a/u05utRo
2025-12-24 09:11:13 -05:00 · 2025-10-07 20:12:39 +00:00
parent ff4a1521bb
commit b8787ee6de
6 changed files with 120 additions and 24 deletions
--- a/src/App.tsx
+++ b/src/App.tsx
@@ -47,7 +47,12 @@ function AppContent() {
  return (
    <TooltipProvider>
      <LocationAutoDetectProvider />
-      <BrowserRouter>
+      <BrowserRouter
+        future={{
+          v7_startTransition: true,
+          v7_relativeSplatPath: true,
+        }}
+      >
          <Toaster />
          <Sonner />
          <div className="min-h-screen flex flex-col">
--- a/src/components/moderation/ModerationQueue.tsx
+++ b/src/components/moderation/ModerationQueue.tsx
@@ -544,7 +544,6 @@ export const ModerationQueue = forwardRef<ModerationQueueRef>((props, ref) => {
        {
          body: {
            itemIds: failedItems.map(i => i.id),
-            userId: user?.id,
            submissionId: item.id
          }
        }
@@ -813,7 +812,6 @@ export const ModerationQueue = forwardRef<ModerationQueueRef>((props, ref) => {
              {
                body: {
                  itemIds: submissionItems.map(i => i.id),
-                  userId: user?.id,
                  submissionId: item.id
                }
              }
--- a/src/components/moderation/SubmissionReviewManager.tsx
+++ b/src/components/moderation/SubmissionReviewManager.tsx
@@ -156,7 +156,6 @@ export function SubmissionReviewManager({
      const { data, error } = await supabase.functions.invoke('process-selective-approval', {
        body: {
          itemIds: Array.from(selectedItemIds),
-          userId: user.id,
          submissionId
        }
      });
@@ -330,7 +329,6 @@ export function SubmissionReviewManager({
        const { data, error } = await supabase.functions.invoke('process-selective-approval', {
          body: {
            itemIds: [itemId],
-            userId: user.id,
            submissionId
          }
        });