Update parameterized analyze_data_completeness to check parks, rides, companies, and ride_models using appropriate fields instead of manufacturer_id for parks. Also replace get_recent_additions te.event_title with te.title.
Update the analyze_data_completeness function to set search_path = public to address security linter warning and ensure consistent function execution without elevated schema access. No behavioral changes beyond security context.
- Aligns database migration by adding a follow-up migration to set the search_path for the affected function to address a security linter warning and ensure proper execution scope.
Enhance frontend to correctly fetch entity names by joining with submission_metadata and filtering metadata_key = 'name'; replace incorrect submission_metadata(name) usage in systemActivityService.ts and Profile.tsx with proper inner join and metadata_value extraction.
Fix get_recent_additions by removing created_by joins for tables without such column, leaving creator data only for entity_timeline_events. Add migration to implement corrected logic. Update frontend queries handling content_submissions metadata to correctly extract entity names from submission_metadata. Also apply guarded admin-only execution for data completeness hook to prevent non-admin queries.
- Implement helper filter_jsonb_array_nulls and apply it in analyze_data_completeness to replace jsonb - 'null' usage
- Add search_path public in helper function for security
- Ensure useDataCompleteness runs only on admin pages by enabling query conditionally
- Add safe JSONB array null filtering via helper and update analyze_data_completeness
- Ensure search_path set to public in helper function
- Add admin-page guard to useDataCompleteness to disable on non-admin routes
Implement plan to fix database RPCs by migrating to photos table, update hooks to enable only on admin pages, switch real-time subscriptions to the photos table, and apply to remaining forms. Also disable analytics in development.
Batch update all date precision handling to use expanded DatePrecision, replace hardcoded day defaults, and adjust related validation, UI, and helpers. Includes wrapper migration across Phase 1-3 functions, updates to logs, displays, and formatting utilities to align frontend with new precision values ('exact', 'month', 'year', 'decade', 'century', 'approximate').
Extend createEdgeFunction usage to novu-webhook, seed-test-data, and sitemap by removing manual boilerplate (CORS, auth, tracking, error handling) and replacing logging with span-based tracing; wire in EdgeFunctionContext for supabase, user, span, and requestId; preserve core logic including webhook validation, data seeding utilities, and sitemap caching.
Refactor export-user-data, notify-user-submission-status, and resend-deletion-code to use createEdgeFunction wrapper. Remove manual CORS, auth, rate limiting boilerplate; adopt standardized EdgeFunctionContext (supabase, user, span, requestId), and integrate built-in tracing, rate limiting, and logging through the wrapper. Update handlers to rely on wrapper context and ensure consistent error handling and observability.
Refactor process-expired-bans, detect-location, detect-anomalies, rate-limit-metrics, and collect-metrics to use createEdgeFunction wrapper with standardized error handling, tracing, and reduced boilerplate. Update signatures to receive { supabase, span, requestId } (and user where applicable), replace manual logging with span events, remove per-function boilerplate, and ensure consistent wrapper configuration (cors, auth, rate limits, and tracing).
- Refactor validate-email, receive-inbound-email, and send-admin-email-reply to use createEdgeFunction wrapper with automatic error handling, tracing, and reduced boilerplate.
- enrich wrapper to support service-role usage and role-based authorization context for complex flows.
Batch 1 of Phase 2: migrate 3-4 edge functions to use createEdgeFunction wrapper (process-selective-approval, process-selective-rejection, rate-limit-metrics) to enable automatic error logging, CORS, auth, and reduced boilerplate; preserve existing logic where applicable and prepare for subsequent batches.
Implement Phase 1 by adding error span logging and database persistence to 8 edge functions that already log errors:
- detect-location
- export-user-data
- notify-moderators-submission
- novu-webhook
- send-escalation-notification
- send-password-added-email
- resend-deletion-code
- merge-contact-tickets
This update introduces startSpan/endSpan and logSpanToDatabase usage in catch blocks to ensure errors are recorded in the monitoring database.
Add retry mechanism to backfill-ride-data, backfill-company-data, and backfill-park-locations edge functions using withEdgeRetry, including isRetryableError and isDeadlockError. Apply CORS headers to ride-data and company-data responses, and ensure park-locations already contains CORS remains with retry wrapping. Update unauthorized and success responses to include CORS headers.
Update logger.ts to use the import-map resolved package
- Replace jsr:@supabase/supabase-js@2 with @supabase/supabase-js
- Align edge function logger with deno.json import map for reliable bundling
Add proper CORS headers to edge function:
- Import and apply corsHeadersWithMethods via corsHeaders config
- Include CORS headers in all responses (including unauthorized and success cases)
This resolves preflight and subsequent requests blocked by CORS policy.
Add data quality metrics, growth trends visualization, entity comparison views, and automated health checks to the AdminDatabaseStats dashboard, including new TS types, hooks, UI components, and integrated tabbed layout.
Add admin-only database statistics dashboard
- Introduces types for database statistics and recent additions
- Implements hooks to fetch statistics and recent additions via RPCs
- Adds UI components for stats cards and a recent additions table
- Integrates new AdminDatabaseStats page and routing under /admin/database-stats
- Updates admin sidebar and app routes to expose the new dashboard
- Enables real-time updates and export capabilities for recent additions
Adds comprehensive data completeness dashboard UI and hooks:
- Introduces data completeness types and hook (useDataCompleteness) to fetch and subscribe to updates
- Builds dashboard components (summary, filters, table) and integrates into Admin Settings
- Wireframes for real-time updates and filtering across parks, rides, companies, and ride models
- Integrates into AdminSettings with a new Data Quality tab and route
- Adds data types and scaffolding for analytics, including completeness analysis structure
Adds and fixes a comprehensive data completeness analysis flow:
- Preps migration to create analyze_data_completeness function with weighted scoring
- Addresses security warning by constraining search_path to public schema
- Lays groundwork for real-time updates and integration with admin UI (backfills, filters)
Implement edge function and UI to backfill missing company data from submissions, including admin trigger and result reporting, and wire into admin settings.
Add edge function and UI for ride data backfill, integrating admin UI to trigger backfill, plus supporting types and wiring to backfill_ride_data function. Includes RideDataBackfill component, admin page integration, and initial server-side function scaffold for updating rides from submissions.
Apply migrations and backfill scripts for location data and approval flow, including:
- Implemented backfill_park_locations function to populate missing park locations from approved submissions
- Adjusted process_approval_transaction to properly handle location creation and linking
- Added admin-triggered backfill trigger point and related migration scaffolding for execution
- Created edge-function and admin UI hook to run backfill as needed
- Ensure search_path and relational data usage fixes for stability
Add a script to backfill missing location data for already-approved parks from their submission data, and make it executable from the admin settings interface. Implement a backfill function (SQL migration) and an edge function to trigger it, plus UI integration in Admin Settings to initiate the process. Ensure only parks with approved submissions and location data are linked to new location records, and expose results in admin.
Fix: eliminate approved_at usage in process_approval_transaction and update updated_at instead; ensure updates for submission_items set updated_at and status, remove JSONB-related logic, and recreate function accordingly.
Refactor process_approval_transaction to remove JSONB usage
- Delete JSONB-based building and resolution logic
- Replace with pure relational INSERT/UPDATE paths for parks, rides, companies, ride_models, and photos
- Implement direct temporary reference resolution via SQL queries
- Copy related data (technical specs, coaster stats) after main entity changes
- Remove calls to non-existent functions and simplify flow
Implement monitoring and alert-resolve UI improvements:
- Enhance useAlertGroupActions with robust error handling and breadcrumb logging
- Add loading state visuals to GroupedAlertsPanel and Resolve All button
- Integrate loading indicator (Loader2) for better user feedback during resolves
Implement fire-and-forget span persistence:
- Add logSpanToDatabase and persistSpanToDatabase to logger
- Persist spans, attributes, events, and event attributes to new tables
- Wire edgeFunctionWrapper to call DB persistence after each span
- Create required tables, views, and security policies
- Ensure non-blocking and guard for missing Supabase creds
- Change security settings for views to SECURITY INVOKER
- Add explicit search_path in cleanup_old_spans function
- Ensure safe, non-deferring access to trace views and cleanup routine
Update edge function wrapper to emit backend metadata headers (X-Request-Id, X-Span-Id, X-Trace-Id, X-Duration-Ms) on responses; adjust logging to include duration and headers. Enhance edgeFunctionTracking to extract and propagate backend metadata from responses and errors; extend errorHandler to capture and log backend metadata for improved observability.
Migrate the remaining administrative function check-transaction-status to use the wrapEdgeFunction wrapper, aligning with admin-delete-user. Updated to remove manual Deno.serve handling, integrate edge wrapper, standardized logging with edgeLogger, and utilize context for auth and tracing. admin-delete-user already migrated.
Refactor Phase 3 Batch 2–4 Novu-related functions to use the createEdgeFunction wrapper, replacing explicit HTTP servers with edge wrapper, adding standardized logging, tracing, and error handling across subscriber management, topic/notification, and migration/sync functions.
Migrate 6 background jobs to use wrapEdgeFunction: cleanup-old-versions, process-scheduled-deletions, data-retention-cleanup, run-cleanup-jobs, scheduled-maintenance, process-expired-bans. Replace old server routines with edgeFunction wrapper, add centralized logging, tracing, and standardized error handling, and adjust for batch-wise deployment.
Enhance error handling and logging across all edge functions:
- Introduce a shared edgeFunctionWrapper with standardized error handling, request/response logging, tracing, and validation hooks.
- Add runtime type validation utilities (ValidationError, validators, and parse/validate helpers) and integrate into edge flow.
- Implement robust validation for incoming requests and known type mismatches, with detailed logs and structured responses.
- Add post-RPC and post-database error logging to surface type/mismatch issues early.
- Update approval/rejection entry points to leverage new validators and centralized error handling.
Applied migration to fix process_approval_transaction to support all company types: company, manufacturer, operator, property_owner, designer. This resolves unknown item type errors and enables moderation approvals across all entity types. Migration was executed successfully.
Read idempotency key from headers in process-selective-approval and process-selective-rejection, remove it from request bodies, add header validation, and redeploy edge functions to fix idempotency flow.
Improve CORS handling and error logging to fix moderation edge cases:
- Add x-idempotency-key to allowed CORS headers and expose explicit POST methods
- Extend CORS headers to include Access-Control-Allow-Methods
- Update edge function tracing and client error handling to better detect and log CORS/network issues
- Enhance error handling utilities to surface CORS-related failures and provide clearer user messages
