Add: Dashboard db migrations & tooling (#6)

Author: jakubno

.env.example

@@ -19,3 +19,6 @@ NEXT_PUBLIC_DEFAULT_API_DOMAIN=e2b.dev
 NEXT_PUBLIC_EXPOSE_STORYBOOK=0
 NEXT_PUBLIC_SCAN=0
 NEXT_PUBLIC_MOCK_DATA=0
+
+# For applying migrations
+# POSTGRES_CONNECTION_STRING=

README.md

@@ -75,21 +75,24 @@ vercel storage add
 3. Copy the `anon key` and `service_role key`
 4. Copy the project URL
 
-#### c. Supabase Storage Setup
+#### c. Database Setup
+1. Retrieve the `POSTGRES_CONNECTION_STRING` from the Supabase project settings
+2. Run the migrations by running the following command:
+```bash
+bun run db:migrations:apply
+```
+
+#### d. Supabase Storage Setup
 1. Go to Storage > Buckets
 2. Create a new **public** bucket named `profile-pictures`
-3. Apply storage access policies by running the SQL from [supabase/policies/buckets.sql](supabase/policies/buckets.sql) in the Supabase SQL Editor:
-   - These policies ensure only Supabase admin (service role) can write to and list files in the bucket
-   - Public URLs are accessible for downloading files if the exact path is known
-   - Regular users cannot browse, upload, update, or delete files in the bucket
 
-#### d. Environment Variables
+#### e. Environment Variables
 ```bash
 # Copy the example env file
 cp .env.example .env.local
 ```
 
-#### e. Cookie Encryption
+#### f. Cookie Encryption
 The dashboard uses encrypted cookies for secure data storage. You'll need to set up a `COOKIE_ENCRYPTION_KEY`:
 
 ```bash
@@ -178,4 +181,4 @@ If you need help or have questions:
 ## License
 This project is licensed under the Apache License, Version 2.0 - see the [LICENSE](LICENSE) file for details.
 
-Copyright 2025 FoundryLabs, Inc.
+Copyright 2025 FoundryLabs, Inc.

bun.lock

@@ -0,0 +1,109 @@
+/*
+This migration adds team slugs and profile pictures to support user-friendly URLs and team branding.
+
+It performs the following steps:
+
+1. Adds two new columns to the teams table:
+   - slug: A URL-friendly version of the team name (e.g. "acme-inc")
+   - profile_picture_url: URL to the team's profile picture
+
+2. Creates a slug generation function that:
+   - Takes a team name and converts it to a URL-friendly format
+   - Removes special characters, accents, and spaces
+   - Handles email addresses by only using the part before @
+   - Converts to lowercase and replaces spaces with hyphens
+
+3. Installs the unaccent PostgreSQL extension for proper accent handling
+
+4. Generates initial slugs for all existing teams:
+   - Uses the team name as base for the slug
+   - If multiple teams would have the same slug, appends part of the team ID
+     to ensure uniqueness
+
+5. Sets up automatic slug generation for new teams:
+   - Creates a trigger that runs before team insertion
+   - Generates a unique slug using random suffixes if needed
+   - Only generates a slug if one isn't explicitly provided
+
+6. Enforces slug uniqueness with a database constraint
+*/
+
+ALTER TABLE teams
+ADD COLUMN slug TEXT,
+ADD COLUMN profile_picture_url TEXT;
+
+CREATE OR REPLACE FUNCTION generate_team_slug(name TEXT)
+RETURNS TEXT AS $$
+DECLARE
+  base_name TEXT;
+BEGIN
+  base_name := SPLIT_PART(name, '@', 1);
+
+  RETURN LOWER(
+    REGEXP_REPLACE(
+      REGEXP_REPLACE(
+        UNACCENT(TRIM(base_name)),
+        '[^a-zA-Z0-9\s-]',
+        '',
+        'g'
+      ),
+      '\s+',
+      '-',
+      'g'
+    )
+  );
+END;
+$$ LANGUAGE plpgsql;
+
+CREATE EXTENSION IF NOT EXISTS unaccent;
+
+WITH numbered_teams AS (
+  SELECT
+    id,
+    name,
+    generate_team_slug(name) as base_slug,
+    ROW_NUMBER() OVER (PARTITION BY generate_team_slug(name) ORDER BY created_at) as slug_count
+  FROM teams
+  WHERE slug IS NULL
+)
+UPDATE teams
+SET slug =
+  CASE
+    WHEN t.slug_count = 1 THEN t.base_slug
+    ELSE t.base_slug || '-' || SUBSTRING(teams.id::text, 1, 4)
+  END
+FROM numbered_teams t
+WHERE teams.id = t.id;
+
+CREATE OR REPLACE FUNCTION generate_team_slug_trigger()
+RETURNS TRIGGER AS $$
+DECLARE
+  base_slug TEXT;
+  test_slug TEXT;
+  suffix TEXT;
+BEGIN
+  IF NEW.slug IS NULL THEN
+    base_slug := generate_team_slug(NEW.name);
+    test_slug := base_slug;
+
+    WHILE EXISTS (SELECT 1 FROM teams WHERE slug = test_slug) LOOP
+      suffix := SUBSTRING(gen_random_uuid()::text, 1, 4);
+      test_slug := base_slug || '-' || suffix;
+    END LOOP;
+
+    NEW.slug := test_slug;
+  END IF;
+  RETURN NEW;
+END;
+$$ LANGUAGE plpgsql;
+
+CREATE TRIGGER team_slug_trigger
+BEFORE INSERT ON teams
+FOR EACH ROW
+EXECUTE FUNCTION generate_team_slug_trigger();
+
+ALTER TABLE teams
+ADD CONSTRAINT teams_slug_unique UNIQUE (slug);
+
+ALTER TABLE teams
+ALTER COLUMN slug SET NOT NULL;

migrations/20250205180205.sql

@@ -0,0 +1,10 @@
+CREATE OR REPLACE VIEW public.auth_users AS
+SELECT
+    id,
+    email
+FROM auth.users;
+
+-- Revoke all permissions to ensure no public access
+REVOKE ALL ON public.auth_users FROM PUBLIC;
+REVOKE ALL ON public.auth_users FROM anon;
+REVOKE ALL ON public.auth_users FROM authenticated;

migrations/20250311144556.sql

@@ -10,27 +10,24 @@
     "preview": "bun run build && bun start",
     "lint": "next lint",
     "lint:fix": "next lint --fix",
-
     "<<<<<< Development Tools": "",
     "dev:scan": "bun dev & bun scan",
     "start:scan": "bun start & bun scan",
-
     "<<<<<< Database": "",
     "db:types": "bunx supabase@latest gen types typescript --schema public > src/types/database.types.ts --project-id $SUPABASE_PROJECT_ID",
-    "db:migration": "bun scripts/create-migration.ts",
-
+    "db:migrations:create": "bun run scripts:create-migration",
+    "db:migrations:apply": "bun run scripts:apply-migrations",
     "<<<<<< Scripts": "",
     "scripts:check-app-env": "bun scripts/check-app-env.ts",
     "scripts:build-storybook": "bun scripts/build-storybook.ts",
     "scripts:check-e2e-env": "bun scripts/check-e2e-env.ts",
     "scripts:check-all-env": "bun scripts:check-app-env && bun scripts:check-e2e-env",
-
+    "scripts:create-migration": "bun scripts/create-migration.ts",
     "<<<<<< Development": "",
     "storybook": "storybook dev -p 6006",
     "shad": "bunx shadcn@canary",
     "prebuild": "bun scripts:build-storybook",
     "postinstall": "fumadocs-mdx",
-
     "<<<<<< Testing": "",
     "test:run": "bun scripts:check-all-env && vitest run",
     "test:integration": "bun scripts:check-app-env && vitest run src/__test__/integration/",
@@ -88,7 +85,7 @@
     "next": "^15.2.2-canary.6",
     "next-logger": "^5.0.1",
     "next-themes": "^0.4.4",
-    "pg": "^8.13.1",
+    "pg": "^8.14.0",
     "pino": "^9.6.0",
     "pino-pretty": "^13.0.0",
     "postgres": "^3.4.5",
@@ -128,7 +125,7 @@
     "@tailwindcss/postcss": "^4.0.6",
     "@testing-library/jest-dom": "^6.6.3",
     "@testing-library/react": "^16.2.0",
-    "@types/bun": "latest",
+    "@types/bun": "^1.2.5",
     "@types/node": "22.10.10",
     "@types/pg": "^8.11.11",
     "@types/react": "^19.0.8",

package.json

@@ -40,7 +40,17 @@ export async function middleware(request: NextRequest) {
       }
     )
 
-    // 2. Refresh session and handle auth redirects
+    // 2. Handle URL rewrites first (early return for non-dashboard routes)
+    const rewriteResponse = await handleUrlRewrites(request, {
+      landingPage: LANDING_PAGE_DOMAIN,
+      landingPageFramer: LANDING_PAGE_FRAMER_DOMAIN,
+      blogFramer: BLOG_FRAMER_DOMAIN,
+      docsNext: DOCS_NEXT_DOMAIN,
+    })
+
+    if (rewriteResponse) return rewriteResponse
+
+    // 3. Refresh session and handle auth redirects
     const { error, data } = await getUserSession(supabase)
 
     // Handle authentication redirects
@@ -52,16 +62,6 @@ export async function middleware(request: NextRequest) {
       return response
     }
 
-    // 3. Handle URL rewrites first (early return for non-dashboard routes)
-    const rewriteResponse = await handleUrlRewrites(request, {
-      landingPage: LANDING_PAGE_DOMAIN,
-      landingPageFramer: LANDING_PAGE_FRAMER_DOMAIN,
-      blogFramer: BLOG_FRAMER_DOMAIN,
-      docsNext: DOCS_NEXT_DOMAIN,
-    })
-
-    if (rewriteResponse) return rewriteResponse
-
     // 4. Handle team resolution for all dashboard routes
     const teamResult = await resolveTeamForDashboard(request, data.user.id)
 

src/middleware.ts

@@ -1,6 +1,5 @@
 @import 'tailwindcss';
 
-@custom-variant dark (&:is(.dark *));
 @import 'fumadocs-ui/css/preset.css';
 
 /* path of `fumadocs-ui` relative to the CSS file */