mirror of
https://github.com/supabase/supabase.git
synced 2026-06-22 04:52:48 +08:00
acbec2949d
## Details of change Re-lands DATAENG-1468 (docs page feedback to Postgres) with an **insert-only** design that avoids the cross-project auth issue that caused the prior revert. - New insert-only `feedback_comments` table: anon `insert` policy only (no select/update/delete). Columns: `page`, `vote`, `title`, `comment`, `user_id`, `metadata`. - The docs widget writes the free-text comment to `feedback_comments` via the **anon key**. The votes `feedback` table is untouched (one row per vote). - No user token is sent to the content project anymore (that was the cause of the previous failure): the feedback client uses the anon key only. - The commenter's account user id (gotrue UUID) is read client-side from the session and stored as a plain `user_id` column for attribution (comments are logged-in-only). Org/project association is derived downstream in BigQuery via that id; docs pages aren't project-scoped, so there's no project_ref/org to capture here. - Removed the previous update-by-id approach, the per-user RLS policies, and the obsolete unit test. ## Why the previous version was reverted It authenticated feedback writes with the supabase.com account session token, but the requests target the docs content project (`xguihxuzqibwxjnimxev`), which cannot verify that token. Logged-in users got `PGRST301 / JWSInvalidSignature`. This version removes the user token entirely, so writes succeed for everyone. ## Verification Insert-only RLS means a row can be written but not read/updated/deleted by `anon`. Comments retrievable with `where comment is not null` is not needed (separate table); just query `feedback_comments`. <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit * **New Features** * The feedback form now captures a vote rating along with an optional title and detailed comments, saving richer context for review. * **Refactor** * Feedback submission has been streamlined to write directly to the database for both vote and comment submissions. * **Maintenance** * Updated the feedback data typings to support the new title, comment, user, page, and vote fields via the new feedback comments storage. <!-- end of auto-generated comment: release notes by coderabbit.ai -->