Enforce RLS when user opted in to MFA. (#188)

* Allow Super Admin to view tables using RLS * Replace previous usages of the Admin client using the authed client using the new RLS * Enforce MFA for Super Admin users * Enforce RLS when user opted in to MFA. * Add Super Admin Access Policies and Update Database Types * Consolidate super admin logic into a single function that uses the RPC is_super_admin * Added Super Admin E2E tests * Fixes and improvements * Bump version to 2.5.0
2025-03-02 10:21:01 +07:00
parent 9cf7bf0aac
commit 131b1061e6
61 changed files with 2193 additions and 302 deletions
--- a/apps/e2e/tests/authentication/auth.po.ts
+++ b/apps/e2e/tests/authentication/auth.po.ts
@@ -1,4 +1,5 @@
 import { Page, expect } from '@playwright/test';
+import { TOTP } from 'totp-generator';

 import { Mailbox } from '../utils/mailbox';

@@ -46,6 +47,21 @@ export class AuthPageObject {
    await this.page.click('button[type="submit"]');
  }

+  async submitMFAVerification(key: string) {
+    const period = 30;
+
+    const { otp } = TOTP.generate(key, {
+      period,
+    });
+
+    console.log(`OTP ${otp} code`, {
+      period,
+    });
+
+    await this.page.fill('[data-input-otp]', otp);
+    await this.page.click('[data-test="submit-mfa-button"]');
+  }
+
  async visitConfirmEmailLink(
    email: string,
    params: {