Adds comprehensive data completeness dashboard UI and hooks:
- Introduces data completeness types and hook (useDataCompleteness) to fetch and subscribe to updates
- Builds dashboard components (summary, filters, table) and integrates into Admin Settings
- Wireframes for real-time updates and filtering across parks, rides, companies, and ride models
- Integrates into AdminSettings with a new Data Quality tab and route
- Adds data types and scaffolding for analytics, including completeness analysis structure
Adds and fixes a comprehensive data completeness analysis flow:
- Preps migration to create analyze_data_completeness function with weighted scoring
- Addresses security warning by constraining search_path to public schema
- Lays groundwork for real-time updates and integration with admin UI (backfills, filters)
Implement edge function and UI to backfill missing company data from submissions, including admin trigger and result reporting, and wire into admin settings.
Add edge function and UI for ride data backfill, integrating admin UI to trigger backfill, plus supporting types and wiring to backfill_ride_data function. Includes RideDataBackfill component, admin page integration, and initial server-side function scaffold for updating rides from submissions.
Apply migrations and backfill scripts for location data and approval flow, including:
- Implemented backfill_park_locations function to populate missing park locations from approved submissions
- Adjusted process_approval_transaction to properly handle location creation and linking
- Added admin-triggered backfill trigger point and related migration scaffolding for execution
- Created edge-function and admin UI hook to run backfill as needed
- Ensure search_path and relational data usage fixes for stability
Implement Phase 3 audit logging:
- Blog management: create, update, delete, publish
- Manual content deletions (force deletions)
- Direct entity approvals bypassing moderation queue (loggable events where applicable)
Includes integration with central logAdminAction helper and updates to relevant components/hooks:
AdminBlog.tsx (create/update/delete/publish paths)
Moderation queue deletion path (force delete)
Moderation actions paths with direct approvals where possible
New logs for blog_post_created, blog_post_updated, blog_post_deleted, blog_post_published, submission_force_deleted, etc.
Add audit logging for admin settings changes, rate limit config updates, anomaly detection config changes (skipped due to no UI), and version cleanup settings updates. Implement logging via central logAdminAction helper and integrate into AdminSettings, VersionCleanupSettings, and RateLimitAlerts mutations (create, update, delete).
Update PipelineHealthAlerts resolve flow to invalidate all severity-specific system_alerts queries (not just the base key), ensuring resolved alerts disappear from UI. Adds broad invalidation pattern and preserves loading state handling.
Ensure Resolve button clears loading state with proper try-catch-finally around async resolution, preventing stuck loading indicator and improving error handling.
- Introduce per-button loading state in PipelineHealthAlerts
- Disable button and show spinner with "Resolving..." while resolving
- Re-enable after operation completes
- Keeps user feedback inline with alert resolution flow
Enhance PipelineHealthAlerts flow to log and refresh
- Add console logs when resolving alerts on PipelineHealthAlerts
- Invalidate related queries to refresh UI after resolution
- Improve error handling and user feedback paths for resolve action
Investigate and address why the Resolve action isn’t triggering despite superuser role. Add diagnostic logging and ensure the resolve mutation is invoked with correct data, plus prep for validating frontend event wiring and mutation calls.
Implement monitoring and alert-resolve UI improvements:
- Enhance useAlertGroupActions with robust error handling and breadcrumb logging
- Add loading state visuals to GroupedAlertsPanel and Resolve All button
- Integrate loading indicator (Loader2) for better user feedback during resolves
- Change security settings for views to SECURITY INVOKER
- Add explicit search_path in cleanup_old_spans function
- Ensure safe, non-deferring access to trace views and cleanup routine
Update edge function wrapper to emit backend metadata headers (X-Request-Id, X-Span-Id, X-Trace-Id, X-Duration-Ms) on responses; adjust logging to include duration and headers. Enhance edgeFunctionTracking to extract and propagate backend metadata from responses and errors; extend errorHandler to capture and log backend metadata for improved observability.
Improve CORS handling and error logging to fix moderation edge cases:
- Add x-idempotency-key to allowed CORS headers and expose explicit POST methods
- Extend CORS headers to include Access-Control-Allow-Methods
- Update edge function tracing and client error handling to better detect and log CORS/network issues
- Enhance error handling utilities to surface CORS-related failures and provide clearer user messages
Implements edge function, Django tasks, and UI hooks/panels for automatic retention of old metrics, anomalies, alerts, and incidents, plus updates to query keys and monitoring dashboard to reflect data-retention workflows.
Introduce statistical anomaly detection for metrics via edge function, hooks, and UI components. Adds detection algorithms (z-score, moving average, rate of change), anomaly storage, auto-alerts, and dashboard rendering of detected anomalies with run-once trigger and scheduling guidance.
- Add hooks and components for correlated alerts and incidents
- Integrate panels into MonitoringOverview
- Extend query keys for correlation and incidents
- Implement incident actions (create, acknowledge, resolve) and wiring
The migration succeeded but security warnings require updating functions to set search_path. Add SET search_path to the three created functions to ensure proper schema resolution and security context.
Fix security definer view issue by enabling security_invoker on grouped_alerts_view and implement grouped alerts system with new keys, hooks, components, and monitoring overview integration. Added migration to adjust view, updated query keys, created useGroupedAlerts, useAlertGroupActions, GroupedAlertsPanel, and updated MonitoringOverview to include grouped alerts.
Update: implement grouped_alerts_view migration and address security definer concerns by noting default SECURITY INVOKER behavior for views and ensuring RLS policies on underlying tables apply. This commit covers the view creation and related security clarifications for alert grouping feature.
Implement loading state, confirmation dialog, and related UI changes for resolving rate limit alerts:
- Add resolvingAlertId state
- Use ConfirmationDialog for safe resolution
- Update Resolve button to ghost variant with CheckCircle icon and loading behavior
- Wire up loading and disable states during mutation
Implement monitor-rate-limits edge function to compare metrics against alert configurations, trigger notifications, and record alerts; update config and groundwork for admin UI integration.
Approved Lovable tool use and migration updates to fix security warning and add monitoring edge function. Prepare and apply migrations to ensure search_path is set to public and implement monitoring endpoint for rate limit metrics.
Add a React admin dashboard component to visualize rate limit metrics and statistics, including data fetching from the rate-limit-metrics edge function, charts and statistics, and admin routes/integration. Includes setup for routing and UI scaffolding to display total requests, block rate, top blocked IPs/users, and recent activity with interactive charts.
Update database migration to fix create_submission_with_items to use relational park_submission_locations for location data, removing temp_location_data usage; add corresponding TypeScript type cleanup to drop temp_location_data field from submission data types.
Refactor to store park location data relationally:
- Retrieve park_submission_id from park_submissions
- Remove embedded temp_location_data usage
- Update park_submissions without location, then upsert location into park_submission_locations
- Align behavior with updateSubmissionItems pattern to fix JSON storage in Item history
Refactor src/lib/integrationTests/suites/moderationDependencyTests.ts to replace direct submission_items inserts with proper submission helper usage (submitParkCreation), aligning with relational schema. Update dep-001 to create parks via helpers and adjust item retrieval/cleanup accordingly. Modify dep-002 to verify relational submission structure via helpers, ensuring tests interact with new schema and avoid legacy item_data usage. This fixes schema/mapping mismatches and aligns tests with the approved Phase 2 approach.
Implements a CleanupReport UI component to display detailed cleanup results after test runs, including tables cleaned, records deleted per table, duration, and errors. Integrates with IntegrationTestRunner to show cleanup summary post-run and exports a compact inline view.
Adds a new test data cleanup utility to safely remove test fixtures after integration test suites. Includes type-safe cleanup functions for parks, rides, companies, ride_models, locations, and submissions, with safety checks (is_test_data filters) and progress logging. Integrates cleanup invocation post-run to prevent database bloat and preserves safety against prod data deletion.
Add phase 2 migration for moderator INSERT policies and enhance test runner rate-limit mitigations:
- Introduce migration 20251110_fix_missing_insert_policies_phase2.sql to grant moderator INSERT capabilities for park_submission_locations, parks, rides, companies, ride_models, and locations with MFA checks.
- Update test runner to 8s base delays, preemptive cooldowns before heavy suites, and 18s post-suite delays for heavy suites, improving rate-limit handling.
Enhance retry logic to detect 429 rate limits, parse Retry-After headers, and apply smart backoff across all entity submissions. Adds rate-limit-aware backoff, preserves user feedback via UI events, and ensures retries respect server-provided guidance.
Add exponential backoff retry logic with user feedback
- Integrate with existing withRetry patterns
- Introduce unique retry IDs for submissions
- Emit consistent UI events for retry progress, success, and failure
- Enhance rate-limit handling including Retry-After scenarios
- Standardize baseDelay and shouldRetry across park, ride, company, ride_model, and other submissions
Implemented end-to-end fixes:
- Added INSERT RLS policies for park_submissions, ride_submissions, company_submissions, ride_model_submissions, and photo_submissions (own submissions and moderator access)
- Fixed process_approval_transaction to replace ride_type with category and updated references accordingly
- Enhanced rate limiting in testRunner.ts with a 6s base delay and 12s adaptive delays after submission-heavy suites
Adds comprehensive error pattern matching in formatTestError to detect and format Supabase constraint violations (RLs, not-null, unique, foreign keys, check constraints, and related schema/permission issues) into actionable messages, extracting relevant details for clearer test failure guidance. Includes handling for common error shapes and preserves fallback messaging.
Apply quick wins and pipeline fixes for integration tests:
- Remove is_test_data flag from location inserts
- Increase test delay from 2.5s to 5s and add delays between suites to curb rate limiting
- Replace [object Object] error formatting with formatTestError across 10 test suites (31 edits) and add import
- Refactor unit/conversion tests and performance tests to use the approval pipeline
- Extend edge function handling by ensuring item_ids are included in idempotency key inserts (edge function fix)
- Update auth, data integrity, edgeFunction, moderation, performance, submission, unitConversion, and versioning test files accordingly
Introduce visible countdown indicators for rate-limit delays between tests:
- Extend test runner to emit and expose delay progress updates.
- Update IntegrationTestRunner UI to display countdown while pausing.
- Ensure users see why tests are paused during delays.
Introduce automatic delay between test executions in the test runner to prevent rate limiting. Added a delayBetweenTests config (default 2.5s), a delay() helper, and updated runSuite to wait between tests. This helps avoid "Too many submissions in a short time" errors during test runs.
- Replace [object Object] errors with readable messages by using robust error formatting across test suites
- Introduce formatTestError helper and apply it in all catch blocks and error throws
- Update approvalPipelineTests and related suites to utilize improved error extraction for better debugging
Refactor versioningTests.ts, submissionTests.ts, and dataIntegrityTests.ts to replace direct DB inserts with the submission pipeline (submitParkCreation → approve → verify), aligning tests with RLS policies and validation flows.
Apply Phase 1 and 2 fixes:
- Remove display_name from location objects in approvalTestHelpers.ts
- Update submission_type to park/ride instead of park_create/ride_create
Add Markdown formatting utilities for test results, wire up clipboard copy in IntegrationTestRunner, and export new formatters. Introduce formatters.ts, extend index.ts exports, and implement copy all / copy failed / per-test copy functionality with updated UI.
Merge Testing and Integration Tests into a single Testing control center in AdminSettings. Remove the separate integration-tests tab, and update the Testing tab to render both Test Data Generator and Integration Test Runner together, with appropriate headers and icons (Database and TestTube). Add Database to imports.
