* chore: bump version to 2.23.2 and enhance team account creation
- Updated application version from 2.23.1 to 2.23.2 in package.json.
- Enhanced team account creation to support slugs for non-Latin names, including validation and UI updates.
- Updated localization files to reflect new slug requirements and error messages.
- Refactored related schemas and server actions to accommodate slug handling in team account creation and updates.
* refactor: remove old trigger and function for adding current user to new account
- Dropped the trigger "add_current_user_to_new_account" and the associated function from the database schema.
- Updated permissions for the function public.create_team_account to ensure proper access control.
* chore: bump version to 2.22.1 and update dependencies
- Updated application version from 2.22.0 to 2.22.1 in package.json.
- Updated various dependencies including @marsidev/react-turnstile to 1.4.1, @stripe/react-stripe-js to 5.4.1, @stripe/stripe-js to 8.6.1, and react-hook-form to 7.70.0.
- Adjusted lucide-react version to be referenced from the catalog across multiple package.json files.
- Enhanced consistency in pnpm-lock.yaml and pnpm-workspace.yaml with updated package versions.
* chore: bump version to 2.23.0 and update dependencies
- Updated application version from 2.22.1 to 2.23.0 in package.json.
- Upgraded turbo dependency from 2.7.1 to 2.7.3 in package.json and pnpm-lock.yaml.
- Enhanced end-to-end testing documentation in AGENTS.md and CLAUDE.md with instructions for running tests.
- Updated AuthPageObject to use a new secret for user creation in auth.po.ts.
- Refactored team ownership transfer and member role update dialogs to close on success.
- Improved error handling for weak passwords in AuthErrorAlert component.
- Adjusted database schemas and tests to reflect changes in invitation policies and role management.
* chore: bump version to 2.19.3 in package.json and optimize nonce verification logic in SQL schema
- Incremented application version from 2.19.2 to 2.19.3 in package.json.
- Enhanced nonce verification function in 12-one-time-tokens.sql for improved performance and concurrency handling.
* Update AGENTS.md and CLAUDE.md for improved clarity and structure
* Added MCP Server
* Added missing triggers to tables that should have used them
* Updated all dependencies
* Fixed rare bug in React present in the Admin layout which prevents navigating to pages (sometimes...)
1. Added declarative schemas to Supabase
2. Added Cursor Ignore to ignore some files from Cursor
3. Added Prettier Ignore to ignore some files from Prettier
4. Formatted files so that PG Schema diff won't return any changes
* Allow Super Admin to view tables using RLS
* Replace previous usages of the Admin client using the authed client using the new RLS
* Enforce MFA for Super Admin users
* Enforce RLS when user opted in to MFA.
* Add Super Admin Access Policies and Update Database Types
* Consolidate super admin logic into a single function that uses the RPC is_super_admin
* Added Super Admin E2E tests
* Fixes and improvements
* Bump version to 2.5.0
One-Time Password (OTP) package added with comprehensive token management, including OTP verification for team account deletion and ownership transfer.
Adjusted the SQL query to include a condition for roles at the same hierarchy level. This ensures that users with the same level of permission can properly manage invitations, improving the accuracy of role-based access control.
The trigger "add_current_user_to_new_account" has been updated to execute only when a new account is not personal. This adjustment to the trigger condition will ensure the function kit.add_current_user_to_new_account() only fires in these circumstances.
The RLS policy restricted non-uuid file names from being uploaded to ANY bucket.
This was caused by the "or" condition in the policy. This fixes that by wrapping both "or" conditions in a single set of parentheses.
Changed BillingEventHandlerService from a class to a method. Also, the SQL permissions for service_role on public.order_items table have been updated to include insert, update and delete operations. Additionally, made adjustment to configuration values in the billing.sample.config.ts file.
This commit updates the product_id and variant_id in both the subscription_items and order_items in the billing tests. Updates also include adding new checks to verify these changes. Changes are reflected in corresponding SQL files for personal and team billing subscriptions/orders tests.
This commit includes a significant change in the way subscriptions and orders are handled. It introduces the ability to update existing orders and subscriptions, including adding and deleting items. The diff also adds checks to ensure that only valid items can be read, and adds corresponding test cases to verify these changes.
This commit includes updates to the SQL tests for the database layer handling memberships and invitations. Test cases are improved and expanded. It also introduces some changes to the underlying schema, including creation of new indices on the 'accounts' table and several adjustments to function definitions with regard to how user IDs are accessed. Also, some views related to user accounts are redefined for better data handling.
This commit refactor the role management, removing the dependencies on account ids throughout our system. Changes include removing account id related attributes in the roles table schema and functions, modifying seed data and simplifying the role data provider code. This makes role structure more generic and simplifies the role handling process.
Several updates are made to the notification model, mainly removing the 'entity_id', 'entity_type', and 'language_code' fields from the properties. We've also updated the 'accounts_memberships' table, by preventing its updates except for 'account_role'.
This commit updates the database schema to enhance security by revoking access of all tables from authenticated and service_role before granting select or relevant access. It further modifies SQL function syntax formatting and defines new types for notifications. Also, it adds a new test for the notification functionality to check the permission levels of different users and their ability to insert and read notifications.
This update includes creating new files for the notifications feature along with adding two feature flags for enabling notifications and realtime notifications. All the code and package dependencies required for the notifications functionality have been added. The 'pnpm-lock.yaml' has also been updated due to the inclusion of new package dependencies.
The search path in various database functions has been updated to '' for uniformity and security reasons. Additionally, new indices were added for the 'accounts_memberships' and 'invitations' tables to improve database performance. Some references to 'app_permissions' have also been updated to 'public.app_permissions' ensuring proper data access.
The large update includes optimization for account and role management. The code has been revised for better readability and efficiency. Changes include formatting updates and enhancements to the creation and handling of accounts, roles, and memberships. Privacy settings have also been adjusted to provide more secure handling of user data. Code comments have been updated for better understanding of the functions.
The key changes made in this code include the addition of a Super Admin layout. Also, subscription functionalities are updated and optimized. This ensures read, write permissions are specific to the relevant user and a helper function has been implemented to check if an account has an active subscription. Furthermore, UI enhancements have been made to the accounts table in the administration section. The seed data has also been modified.
This commit refactors Supabase test cases to reflect the updated account actioning mechanism. The "makerkit.get_user_id" function calls were replaced with the new "tests.get_supabase_uid" function, aligning with the testing structure update. It also introduces new policies which further refine user role actions with more precise checks, replacing the old 'delete' policy with the more comprehensive 'can_action_account_member' function. New test cases for updating memberships and deleting memberships have also been added.
Extended the account ownership transfer tests and implemented several updates. This includes transferring the ownership only to an existing account member, sorting team members based on role hierarchy and whether a member is the primary owner. In the permissions check, prevented non-members from creating invitations and enhanced the styling of role badges depending on if they are custom or not.
New test files for database functionalities like transfer of ownership, schema conditions, and updating roles have been added. Changes have also been made in the schema.sql file for checking the role hierarchy levels and updating rules for permissions. Modifications in account permissions test have also been performed for more accuracy.
This commit removes the membersTabDescription, updates the deleteAccountDescription text in the localization files, and adds a condition to check permissions in account invitation component. It also includes test credentials in README and provides a significant amount of seed data for testing the database.
The commit removes semicolons at the ends of lines and makes updates to the Database object in the `database.types.ts` file. This better aligns the syntax with TypeScript norms. It also affects many database relationships, including but not limited to `Accounts`, `Roles`, and `Subscriptions`.
The e2e test configuration has been modified to take screenshots only on failure and the dev server code has been adjusted for better project directory handling. The "supabase:reset" command in package.json no longer starts the server after reset. Default roles 'owner' and 'member' are also now seeded into the roles table, and constraints in the roles table and its associated functions have been updated to manage hierarchy levels and role naming more effectively.
This commit adds data testing attributes to key elements in the team account invitations features. It also modifies e2e tests to make use of these attributes. Additionally, it introduces minor tweaks to other parts of the system to better facilitate testing, such as adjustments in timeouts and update of some log messages.
Multiple updates are made to refine the account management features, including updating the 'Your Teams' text to show the number of teams, and modifying the form data validation process in the 'deletePersonalAccountAction' service. Additionally, improvements have been made in test configurations including updating the test timeout settings, taking screenshots when a test fails, and adjusting the location for saving Playwright reports.
The Next.js version has been updated across multiple dependencies in the pnpm-lock file. This ensures consistency, removes instances of the canary version, and aligns all packages to use the stable 14.2.0 release.
Refactored several Supabase client functions and updated them to use generics. Also, the '@kit/supabase-config' package was removed from the project and all references were replaced accordingly. The project's dependencies were updated as well, including the Supabase package which was upgraded to the latest version.
