You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Require app.update_settings to create a public/default channel.
Keep App Preview keys able to create private PR channels and atomically upload/promote their bundles.
Enforce the same boundary for direct CLI table writes and the raw-SQL create-and-promote path.
RLS execution model
Surface: public.channels INSERT WITH CHECK; it runs once per inserted channel row from the CLI/PostgREST path.
Existing app.create_channel remains required for every new channel.
A row with public = true additionally requires the existing, caller-scoped app.update_settings RBAC check on the row owner app. App Preview does not receive that permission.
The policy adds no tables, joins, or new helper functions. It uses the existing RBAC request helper with the insert row indexed owner_org and app_id values.
The endpoint atomic create-and-promote transaction uses a direct PostgreSQL client and therefore bypasses RLS; it performs the matching app.update_settings guard before inserting.
EXPLAIN and integration follow-up
Local EXPLAIN (ANALYZE, BUFFERS) and the affected lifecycle integration test are pending: the local Supabase runtime cannot start because Docker/Dory is unavailable (Cannot connect to .../.dory/dory.sock).
Before this leaves draft, collect policy-plan evidence for App Preview non-public insert, App Preview public insert denial, and an app-admin public insert. CI must also pass the isolated lifecycle test.
Validation
bun lint
bun lint:backend
Focused ESLint for changed tests
bun run typecheck:backend
bunx vitest run tests/channel-post.unit.test.ts - 16 passed
Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.
⚙️ Run configuration
Configuration used: Organization UI
Review profile: ASSERTIVE
Plan: Pro
Run ID: 165deb39-7611-4555-b7e0-d3a019535b09
You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.
Use the checkbox below for a quick retry:
🔍 Trigger review
Comment @coderabbitai help to get the list of available commands.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
app.update_settingsto create a public/default channel.RLS execution model
public.channelsINSERTWITH CHECK; it runs once per inserted channel row from the CLI/PostgREST path.app.create_channelremains required for every new channel.public = trueadditionally requires the existing, caller-scopedapp.update_settingsRBAC check on the row owner app. App Preview does not receive that permission.owner_organdapp_idvalues.app.update_settingsguard before inserting.EXPLAIN and integration follow-up
EXPLAIN (ANALYZE, BUFFERS)and the affected lifecycle integration test are pending: the local Supabase runtime cannot start because Docker/Dory is unavailable (Cannot connect to .../.dory/dory.sock).Validation
bun lintbun lint:backendbun run typecheck:backendbunx vitest run tests/channel-post.unit.test.ts- 16 passedbun test:unit- 160 files / 1,065 tests passed