PublicArchive/supabase
2
0
Fork 0
mirror of https://github.com/supabase/supabase.git synced 2026-05-09 02:09:50 -04:00
Code Issues Packages Projects Releases Wiki Activity
Files
create-pull-request/patch
supabase/apps/studio/data/table-rows/get-cell-value-mutation.ts
T
Charis 0433eeb5f5 feat(studio): mark sql provenance for safety (#45336) 
Mark provenance of SQL via the branded types SafeSqlFragment and
UntrustedSqlFragment. Only SafeSqlFragment should be executed;
UntrustedSqlFragments require some kind of implicit user approval (show
on screen + user has to click something) before they are promoted to
SafeSqlFragment.

<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit

* **New Features**
* Editor and RLS tester show loading states for inferred/generated SQL
and include a dedicated user SQL editor for safer edits.

* **Refactor**
* Platform-wide SQL handling tightened: snippets and AI-generated SQL
are treated as untrusted/display-only until promoted, improving safety
and consistency.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
2026-05-04 13:08:06 -04:00

66 lines
1.7 KiB
TypeScript
Raw Permalink Blame History

import { ident } from '@supabase/pg-meta'
import { Query } from '@supabase/pg-meta/src/query'
import { useMutation } from '@tanstack/react-query'
import { toast } from 'sonner'
import { executeSql } from '@/data/sql/execute-sql-query'
import type { ResponseError, UseCustomMutationOptions } from '@/types'
export type GetCellValueVariables = {
projectRef: string
connectionString?: string | null
table: { schema: string; name: string }
column: string
pkMatch: { [key: string]: any }
}
export function getCellValueSql({
table,
column,
pkMatch,
}: Pick<GetCellValueVariables, 'table' | 'column' | 'pkMatch'>) {
return new Query()
.from(table.name, table.schema ?? undefined)
.select(ident(column))
.match(pkMatch)
.toSql()
}
export async function getCellValue({
projectRef,
connectionString,
table,
column,
pkMatch,
}: GetCellValueVariables) {
const sql = getCellValueSql({ table, column, pkMatch })
const { result } = await executeSql({ projectRef, connectionString, sql })
return result?.[0][column]
}
type TableRowCreateData = Awaited<ReturnType<typeof getCellValue>>
export const useGetCellValueMutation = ({
onSuccess,
onError,
...options
}: Omit<
UseCustomMutationOptions<TableRowCreateData, ResponseError, GetCellValueVariables>,
'mutationFn'
> = {}) => {
return useMutation<TableRowCreateData, ResponseError, GetCellValueVariables>({
mutationFn: (vars) => getCellValue(vars),
async onSuccess(data, variables, context) {
await onSuccess?.(data, variables, context)
},
async onError(data, variables, context) {
if (onError === undefined) {
toast.error(data.message)
} else {
onError(data, variables, context)
}
},
...options,
})
}
Reference in New Issue View Git Blame Copy Permalink