lywsvip/supabase
1
0
Fork 0
mirror of https://github.com/supabase/supabase.git synced 2026-05-23 01:39:34 +08:00
Code Issues Packages Projects Releases Wiki Activity
Files
205cbe7d26d330dc8972b30d0dc855f0086baad2
supabase/apps/studio/components/interfaces/TableGridEditor/ViewEntityAutofixSecurityModal.tsx
Ivan Vasilov ee8eae7309 chore: Clean the ui package from next imports (#44278) 
This PR moves several components which rely on `next` out of the `ui`
package to the `ui-patterns` package.

`ui-patterns` package is intented to be imported with specific imports
so it's ok if there are components reliant on `next` in there.

The `SonnerToaster` component has removed its dependency by requiring a
prop for `theme`.
2026-03-30 10:58:37 +02:00

109 lines
3.6 KiB
TypeScript
Raw Blame History

import { useQueryClient } from '@tanstack/react-query'
import { toast } from 'sonner'
import { ScrollArea } from 'ui'
import ConfirmationModal from 'ui-patterns/Dialogs/ConfirmationModal'
import { GenericSkeletonLoader } from 'ui-patterns/ShimmeringLoader'
import { SimpleCodeBlock } from 'ui-patterns/SimpleCodeBlock'
import { useViewDefinitionQuery } from '@/data/database/view-definition-query'
import { lintKeys } from '@/data/lint/keys'
import { useExecuteSqlMutation } from '@/data/sql/execute-sql-mutation'
import { Entity, isViewLike } from '@/data/table-editor/table-editor-types'
import { useSelectedProjectQuery } from '@/hooks/misc/useSelectedProject'
interface ViewEntityAutofixSecurityModalProps {
table: Entity
isAutofixViewSecurityModalOpen: boolean
setIsAutofixViewSecurityModalOpen: (isAutofixViewSecurityModalOpen: boolean) => void
}
export default function ViewEntityAutofixSecurityModal({
table,
isAutofixViewSecurityModalOpen,
setIsAutofixViewSecurityModalOpen,
}: ViewEntityAutofixSecurityModalProps) {
const { data: project } = useSelectedProjectQuery()
const queryClient = useQueryClient()
const {
isSuccess,
isPending: isLoading,
data,
} = useViewDefinitionQuery(
{
id: table?.id,
projectRef: project?.ref,
connectionString: project?.connectionString,
},
{
enabled: isAutofixViewSecurityModalOpen && isViewLike(table),
}
)
const { mutate: execute } = useExecuteSqlMutation({
onSuccess: async () => {
toast.success('View security changed successfully')
setIsAutofixViewSecurityModalOpen(false)
await queryClient.invalidateQueries({ queryKey: lintKeys.lint(project?.ref) })
},
onError: (error) => {
toast.error(`Failed to autofix view security: ${error.message}`)
},
})
function handleConfirm() {
const sql = `
ALTER VIEW "${table.schema}"."${table.name}" SET (security_invoker = on);
`
execute({
projectRef: project?.ref,
connectionString: project?.connectionString,
sql,
})
}
if (!isViewLike(table)) {
return null
}
return (
<ConfirmationModal
visible={isAutofixViewSecurityModalOpen}
size="xlarge"
title="Confirm autofixing view security"
confirmLabel="Confirm"
onCancel={() => setIsAutofixViewSecurityModalOpen(false)}
onConfirm={() => handleConfirm()}
>
<p className="text-sm text-foreground-light">
Setting <code>security_invoker=on</code> ensures the View runs with the permissions of the
querying user, reducing the risk of unintended data exposure.
</p>
<div className="flex items-center gap-8 mt-8">
<div className=" border rounded-md w-1/2">
<div className="p-4 pb-0 bg-200 font-mono text-sm font-semibold">Existing query</div>
<ScrollArea className="h-[225px] px-4 py-2">
{isLoading && <GenericSkeletonLoader />}
{isSuccess && (
<SimpleCodeBlock>
{`create view ${table.schema}.${table.name} as\n ${data}`}
</SimpleCodeBlock>
)}
</ScrollArea>
</div>
<div className=" border rounded-md w-1/2">
<div className="p-4 pb-0 bg-200 font-mono text-sm font-semibold">Updated query</div>
<ScrollArea className="h-[225px] px-4 py-2">
{isLoading && <GenericSkeletonLoader />}
{isSuccess && (
<SimpleCodeBlock>
{`create view ${table.schema}.${table.name} with (security_invoker = on) as\n ${data}`}
</SimpleCodeBlock>
)}
</ScrollArea>
</div>
</div>
</ConfirmationModal>
)
}
Reference in New Issue View Git Blame Copy Permalink