feat(storage): MinIO object storage, Neon Auth, Supabase removal
Deploy to route.crispygoat.com / deploy (push) Failing after 3m1s

- Add MinIO/S3-compatible storage client (src/lib/storage.ts) with uploadObject,
  deleteObject, presigned URL helpers, and BUCKETS constant
- Wire product images, brand logos, and water log photos to MinIO via the
  new storage client
- Migrate forgot-password to Neon Auth (remove Supabase /auth/v1/recover call)
- Migrate send-scheduled cron to direct Postgres + Resend (remove Supabase Edge
  Function proxy)
- Add logoUrl to email types (OrderReceipt, Welcome, PasswordReset) and pass
  brand_settings.logo_url from all call sites
- Update email templates to use dynamic logoUrl instead of hardcoded Supabase
  bucket URLs
- Remove hardcoded Supabase URLs from TuxedoVideoHero, TuxedoAboutPage,
  TimeTrackingFieldClient; use brand_settings props + local public/ fallback
- Download brand logos (3) and tuxedo-hero.mp4 (36MB) from Supabase bucket to
  public/ for local development
- Add MinIO env vars to .env.example (endpoint, access key, secret, buckets)
- Fix TimeTrackingFieldClient to destructure logoUrl and brandAccent props
- Fix admin/users.ts logoUrl type (null → undefined for optional string)
- Remove stale sb- cookie from wholesale-auth
- Migrate tuxedo/about page to remove supabase import and use pool query for
  wholesale_settings lookup
This commit is contained in:
openclaw
2026-06-09 11:32:17 -06:00
parent bb464bda65
commit 916ad39176
349 changed files with 6706 additions and 3343 deletions
@@ -0,0 +1,64 @@
-- Migration 088: Brand feature flags / add-on licensing system
-- Enables per-brand add-on enablement for Harvest Reach, Wholesale Portal, Water Log, AI Tools, etc.
CREATE TABLE IF NOT EXISTS brand_features (
id UUID PRIMARY KEY DEFAULT gen_random_uuid(),
brand_id UUID NOT NULL REFERENCES brands(id) ON DELETE CASCADE,
feature_key TEXT NOT NULL, -- e.g., 'harvest_reach', 'wholesale_portal', 'water_log', 'ai_tools'
enabled BOOLEAN NOT NULL DEFAULT false,
enabled_at TIMESTAMPTZ,
disabled_at TIMESTAMPTZ,
created_at TIMESTAMPTZ NOT NULL DEFAULT now(),
UNIQUE (brand_id, feature_key)
);
-- Index for fast lookups
CREATE INDEX IF NOT EXISTS brand_features_brand_id_idx ON brand_features(brand_id);
-- RPC to get all features for a brand
CREATE OR REPLACE FUNCTION get_brand_features(p_brand_id UUID)
RETURNS JSONB
LANGUAGE plpgsql
SECURITY DEFINER
AS $$
DECLARE
result JSONB;
BEGIN
result := jsonb_object_agg(
f.feature_key,
CASE WHEN f.enabled AND f.disabled_at IS NULL THEN true ELSE false END
)
FROM brand_features f
WHERE f.brand_id = p_brand_id;
-- If no features set, return empty object (env vars will be fallback)
RETURN COALESCE(result, '{}'::jsonb);
END;
$$;
-- RPC to set a single feature on/off
CREATE OR REPLACE FUNCTION set_brand_feature(
p_brand_id UUID,
p_feature_key TEXT,
p_enabled BOOLEAN
)
RETURNS BOOLEAN
LANGUAGE plpgsql
SECURITY DEFINER
AS $$
BEGIN
INSERT INTO brand_features (brand_id, feature_key, enabled, enabled_at)
VALUES (p_brand_id, p_feature_key, p_enabled, CASE WHEN p_enabled THEN now() ELSE NULL END)
ON CONFLICT (brand_id, feature_key)
DO UPDATE SET
enabled = p_enabled,
enabled_at = CASE WHEN p_enabled AND brand_features.enabled_at IS NULL THEN now() ELSE brand_features.enabled_at END,
disabled_at = CASE WHEN NOT p_enabled THEN now() ELSE NULL END;
RETURN true;
END;
$$;
-- Grant access
GRANT SELECT, INSERT, UPDATE, DELETE ON brand_features TO authenticated;
GRANT EXECUTE ON FUNCTION get_brand_features(UUID) TO authenticated;
GRANT EXECUTE ON FUNCTION set_brand_feature(UUID, TEXT, BOOLEAN) TO authenticated;