0ac4beaaa8
- Add requireAuth() to admin-permissions.ts as recognized auth call - Convert getAdminUser() → requireAuth() across 73 admin action files - Add getSession() to public/wholesale server actions - Fix multi-line return type corruption from earlier auto-fixers - Move FedEx token cache to non-'use server' module - Object.freeze module-level constants: PRICE_KEYS, EMPTY_MOBILE_DASHBOARD, EMPTY_PAY_PERIOD, LOCALE_CART_SUBJECT, WELCOME_EMAILS - Update Stripe API version 2026-05-27 → 2026-06-24 - Fix wholesale employee portal: getEmployeeSessionAction + EmployeePortalClient - Fix 51 TypeScript errors (return type corruption, missing imports)
50 lines
1.3 KiB
PL/PgSQL
50 lines
1.3 KiB
PL/PgSQL
-- Migration: 148_public_stops_rpc.sql
|
|
-- Description: Public RPC to fetch active stops for a brand by slug.
|
|
-- Used by the /tuxedo and /indian-river-direct storefront stop pages
|
|
-- (refactored from client-side supabase.from() to server components).
|
|
--
|
|
-- SECURITY DEFINER bypasses RLS for a clean public read; the function
|
|
-- filters by brand slug + active=true so callers can't enumerate other
|
|
-- brands' stops. Granted to anon for public storefront access.
|
|
|
|
CREATE OR REPLACE FUNCTION get_public_stops_for_brand(p_brand_slug TEXT)
|
|
RETURNS TABLE (
|
|
id UUID,
|
|
city TEXT,
|
|
state TEXT,
|
|
date TIMESTAMPTZ,
|
|
"time" TEXT,
|
|
location TEXT,
|
|
address TEXT,
|
|
slug TEXT,
|
|
cutoff_time TIMESTAMPTZ
|
|
)
|
|
LANGUAGE plpgsql
|
|
SECURITY DEFINER
|
|
SET search_path = public
|
|
AS $$
|
|
BEGIN
|
|
RETURN QUERY
|
|
SELECT
|
|
s.id,
|
|
s.city,
|
|
s.state,
|
|
s.date,
|
|
s."time",
|
|
s.location,
|
|
s.address,
|
|
s.slug,
|
|
s.cutoff_time
|
|
FROM stops s
|
|
INNER JOIN brands b ON s.brand_id = b.id
|
|
WHERE s.active = true
|
|
AND b.slug = p_brand_slug
|
|
ORDER BY s.date ASC;
|
|
END;
|
|
$$;
|
|
|
|
-- Public storefront pages call this via the anon key.
|
|
GRANT EXECUTE ON FUNCTION get_public_stops_for_brand(TEXT) TO anon;
|
|
GRANT EXECUTE ON FUNCTION get_public_stops_for_brand(TEXT) TO authenticated;
|
|
GRANT EXECUTE ON FUNCTION get_public_stops_for_brand(TEXT) TO service_role;
|