myeasycms-v2/docker/db/dev-bootstrap.sh

#!/bin/sh
set -e

# ===========================================================================
# Docker dev bootstrap — runs AFTER app migrations
# Seeds the DB, removes MFA, patches is_super_admin for local dev (no aal2).
# ===========================================================================

PSQL="psql -v ON_ERROR_STOP=0 --no-password --no-psqlrc -U supabase_admin -d postgres -h supabase-db"

echo "🌱 Running seed.sql..."
$PSQL -f /app-seed/seed.sql 2>&1 || true

echo "🔓 Removing MFA factors for dev..."
$PSQL -c "DELETE FROM auth.mfa_factors;" 2>&1 || true
$PSQL -c "DELETE FROM auth.mfa_challenges;" 2>&1 || true

echo "🔄 Fixing auth sequences after seed import..."
$PSQL -c "SELECT setval('auth.refresh_tokens_id_seq', (SELECT COALESCE(MAX(id), 0) + 1 FROM auth.refresh_tokens));" 2>&1 || true
$PSQL -c "SELECT setval(pg_get_serial_sequence('public.role_permissions', 'id'), (SELECT COALESCE(MAX(id), 0) + 1 FROM public.role_permissions));" 2>&1 || true

echo "🔧 Patching is_super_admin() — skip aal2 for local dev..."
cat <<'EOSQL' | $PSQL
CREATE OR REPLACE FUNCTION public.is_super_admin() RETURNS boolean
LANGUAGE plpgsql SECURITY DEFINER AS $fn$
declare r boolean;
begin
  select (auth.jwt() ->> 'app_metadata')::jsonb ->> 'role' = 'super-admin' into r;
  return coalesce(r, false);
end $fn$;
EOSQL

echo "🌐 Adding anon read policy for public club pages..."
$PSQL -c "DO \$\$ BEGIN
  IF NOT EXISTS (SELECT 1 FROM pg_policy WHERE polname = 'accounts_public_read') THEN
    CREATE POLICY accounts_public_read ON public.accounts FOR SELECT TO anon
    USING (is_personal_account = false AND id IN (SELECT account_id FROM public.site_settings WHERE is_public = true));
  END IF;
  IF NOT EXISTS (SELECT 1 FROM pg_policy WHERE polname = 'events_public_read') THEN
    CREATE POLICY events_public_read ON public.events FOR SELECT TO anon
    USING (account_id IN (SELECT account_id FROM public.site_settings WHERE is_public = true));
  END IF;
  IF NOT EXISTS (SELECT 1 FROM pg_policy WHERE polname = 'courses_public_read') THEN
    CREATE POLICY courses_public_read ON public.courses FOR SELECT TO anon
    USING (account_id IN (SELECT account_id FROM public.site_settings WHERE is_public = true));
  END IF;
END \$\$;" 2>&1 || true
$PSQL -c "GRANT SELECT ON public.events TO anon;" 2>&1 || true
$PSQL -c "GRANT SELECT ON public.courses TO anon;" 2>&1 || true

echo "✅ Dev bootstrap complete."