pacnpal/thrilltrack-explorer
1
0
Fork 0
mirror of https://github.com/pacnpal/thrilltrack-explorer.git synced 2025-12-20 10:11:13 -05:00
Code Issues Packages Projects Releases Wiki Activity

Implement RPC function for user emails

Browse Source
This commit is contained in:
gpt-engineer-app[bot]
2025-10-30 18:03:17 +00:00
parent 3318fdaa3f
commit bcbb8019bd
3 changed files with 61 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
src/components/moderation/ProfileManager.tsx
View File

@@ -19,6 +19,7 @@ interface UserProfile {
id: string; id: string;
user_id: string; user_id: string;
username: string; username: string;
email?: string;
display_name?: string; display_name?: string;
avatar_url?: string; avatar_url?: string;
banned: boolean; banned: boolean;
@@ -49,17 +50,15 @@ export function ProfileManager() {
try { try {
setLoading(true); setLoading(true);
// Fetch profiles with user roles // Fetch profiles with emails using secure RPC function
const { data: profilesData, error: profilesError } = await supabase const { data: profilesData, error: profilesError } = await supabase
.from('profiles') .rpc('get_users_with_emails');
.select('*')
.order('created_at', { ascending: false });
if (profilesError) throw profilesError; if (profilesError) throw profilesError;
// Fetch roles for each user // Fetch roles for each user
const profilesWithRoles = await Promise.all( const profilesWithRoles = await Promise.all(
profilesData.map(async (profile) => { (profilesData || []).map(async (profile) => {
const { data: rolesData } = await supabase const { data: rolesData } = await supabase
.from('user_roles') .from('user_roles')
.select('role') .select('role')
@@ -453,7 +452,7 @@ export function ProfileManager() {
targetUser={{ targetUser={{
userId: deletionTarget.user_id, userId: deletionTarget.user_id,
username: deletionTarget.username, username: deletionTarget.username,
email: '', // Email not available in profile data email: deletionTarget.email || 'Email not found',
displayName: deletionTarget.display_name || undefined, displayName: deletionTarget.display_name || undefined,
roles: deletionTarget.roles roles: deletionTarget.roles
}} }}

13
src/integrations/supabase/types.ts
View File

@@ -4631,6 +4631,19 @@ export type Database = {
Args: { _user_id: string } Args: { _user_id: string }
Returns: Json Returns: Json
} }
get_users_with_emails: {
Args: never
Returns: {
avatar_url: string
banned: boolean
created_at: string
display_name: string
email: string
id: string
user_id: string
username: string
}[]
}
get_version_diff: { get_version_diff: {
Args: { Args: {
p_entity_type: string p_entity_type: string

43
supabase/migrations/20251030180233_7cfbf422-43ea-4265-a85b-57aa207b4771.sql Normal file
View File

@@ -0,0 +1,43 @@
-- Create RPC function to get users with emails for admin/superuser
CREATE OR REPLACE FUNCTION public.get_users_with_emails()
RETURNS TABLE (
id uuid,
user_id uuid,
username text,
email text,
display_name text,
avatar_url text,
banned boolean,
created_at timestamptz
)
LANGUAGE plpgsql
SECURITY DEFINER
SET search_path TO 'public', 'auth'
AS $$
BEGIN
-- Check if caller is superuser or admin
IF NOT EXISTS (
SELECT 1 FROM public.user_roles
WHERE user_roles.user_id = auth.uid()
AND role IN ('superuser', 'admin')
) THEN
RAISE EXCEPTION 'Access denied: requires admin or superuser role'
USING ERRCODE = '42501';
END IF;
-- Return profiles with emails from auth.users
RETURN QUERY
SELECT
p.id,
p.user_id,
p.username,
COALESCE(au.email, 'unknown@email.com') as email,
p.display_name,
p.avatar_url,
p.banned,
p.created_at
FROM public.profiles p
LEFT JOIN auth.users au ON au.id = p.user_id
ORDER BY p.created_at DESC;
END;
$$;