mirror of
https://github.com/pacnpal/thrilltrack-explorer.git
synced 2025-12-22 03:31:13 -05:00
47 lines
1.1 KiB
Markdown
# Best Practices

## When to Create Versions

✅ **DO:** Let triggers handle versioning automatically
❌ **DON'T:** Manually call versioning functions
❌ **DON'T:** Bypass triggers with direct SQL

## Performance

- Run `cleanup_old_versions()` monthly
- Keep 50-100 versions per entity
- Use indexes for queries
- Implement pagination for large version lists

## Security

- Never expose `created_by` user IDs to the public
- Always check RLS policies
- Validate rollback permissions server-side
- Use session variables for attribution

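
An added example (not code from this project) of the first and third Security points: version rows are passed through an allow-list before they reach public clients, and the rollback decision uses only the role the server derived from the verified session. The type and function names, the rule that moderators and admins may roll back, and the sample rows are assumptions.

```typescript
// Added example, not project code. Names are hypothetical; only created_by,
// version_number and change_type come from the page.
type Role = 'user' | 'moderator' | 'admin';

interface VersionRow {
  version_number: number;
  change_type: string; // e.g. 'restored' after a rollback
  created_by: string;  // internal user ID, must not reach public clients
  created_at: string;
}

type PublicVersion = Omit<VersionRow, 'created_by'>;

// Allow-list the public fields so new internal columns do not leak by default.
function toPublicVersion(row: VersionRow): PublicVersion {
  const { version_number, change_type, created_at } = row;
  return { version_number, change_type, created_at };
}

interface RollbackRequest {
  targetVersion: number;
  claimedRole?: string; // client-supplied, deliberately never read
}

type Decision = { allowed: true } | { allowed: false; reason: string };

// serverRole must come from the verified session on the server, never the body.
// Assumption: moderators and admins are the roles allowed to roll back.
function authorizeRollback(
  serverRole: Role | null,
  req: RollbackRequest,
  history: VersionRow[],
): Decision {
  if (serverRole !== 'moderator' && serverRole !== 'admin') {
    return { allowed: false, reason: 'forbidden' };
  }
  if (!Number.isInteger(req.targetVersion) || req.targetVersion < 1) {
    return { allowed: false, reason: 'invalid_version' };
  }
  const exists = history.some((v) => v.version_number === req.targetVersion);
  return exists ? { allowed: true } : { allowed: false, reason: 'unknown_version' };
}

// Constructed sample rows (IDs, change types and timestamps are made up).
const sampleHistory: VersionRow[] = [
  { version_number: 1, change_type: 'created', created_by: 'user-aaa', created_at: '2025-01-01T00:00:00Z' },
  { version_number: 2, change_type: 'updated', created_by: 'user-bbb', created_at: '2025-01-02T00:00:00Z' },
];
```

The same checks still belong in RLS policies; this handler-level check is a second layer, not a replacement.
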
## Testing

Test version creation on:
- INSERT (creates version_number: 1)
- UPDATE (increments version_number)
- Rollback (creates new version with change_type='restored')

## Attribution

Always set `app.current_user_id` to the original submitter, NOT the moderator.

```typescript
// ✅ CORRECT
await supabase.rpc('set_session_variable', {
  key: 'app.current_user_id',
  value: submission.user_id, // Original submitter
});

// ❌ WRONG
await supabase.rpc('set_session_variable', {
  key: 'app.current_user_id',
  value: auth.uid(), // Moderator who approved
});
```