## Context
The dashboard has an RQ hook that fetches all table privileges in the
database `useTablePrivilegesQuery`
[here](https://github.com/supabase/supabase/blob/master/apps/studio/data/privileges/table-privileges-query.ts#L21)
which can potentially be a resource heavy query on the database,
especially if the database has a large number of relations.
A recent UI that was added `ProjectNeedsSecuring` uses that query, and
has become a common entry point for all projects as it's rendered when
the user lands on the project's home page, and the project has tables
with RLS issues, in which case if the project has a large number of
tables, the database will face run into resource issues, resulting in
statement timeouts.
## Changes involved
Opting to pass in `includedSchemas` parameter wherever we're calling
`useTablePrivilegesQuery`, which includes:
- `ProjectNeedsSecuring`
- `QueueSettings`
- `column-privileges`
In which we'll hence only fetch the table privileges for the provided
schemas only (rather than the whole DB)
Also did a similar fix for `useColumnPrivilegesQuery` as well as it
likely runs into the same problem
## To test
- [ ] Verify that those 3 UIs are still working as expected (should not
have any visual changes)
- [ ] Verify in the network tab that table / column privileges are now
filtered to the schema provided, rather than fetching for all schemas in
the DB
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **Bug Fixes**
* Improved permission-save failure messaging by generating clearer toast
errors from unexpected failures.
* Prevented privilege-related UI from loading until required
configuration is successfully retrieved.
* **Performance**
* Faster, more targeted privilege loading by scoping both table and
column privilege queries to the selected/relevant schema(s), reducing
unnecessary client-side filtering.
* Switched privilege retrieval to schema-aware database metadata queries
for more efficient results.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
---------
Co-authored-by: Ali Waseem <waseema393@gmail.com>
<img width="2652" height="830" alt="image"
src="https://github.com/user-attachments/assets/3c3921e7-c255-4e59-a9c3-c5f97da87788"
/>
Adds a full screen alert behind a feature flag `projectNeedsSecuring`
that prompts for fixing RLS issues.
Adjusts a few other small styles to add more prominence to critical
advisor issues.
To test:
- Enable the flag
- Make sure you have a table with RLS disabled
- Open project home and note the fade in of full page review
- Click "copy prompt" or "fix" and note the prompt
- Click skip to home and refresh the page, note it doesn't appear
anymore
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* Project-level security gate on project home with AI assistant prompts,
table details, per-project dismissible notice, and a new telemetry event
for CTA interactions.
* **Improvements**
* Stronger visual treatment for critical advisor items and advisor CTA
when critical issues exist.
* Assistant dropdown supports a copy-prompt callback; added
local-storage key and utilities/types to support project security
workflows.
* **Tests**
* Added tests covering gate behavior, navigation, and dismissal logic.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
---------
Co-authored-by: Joshen Lim <joshenlimek@gmail.com>
