chore: Backwards compatible migration support (#618)

* This PR modifications our migrations so that upgrades are possible as well as making them backwards compatible with instances of the v0.7.2 LFAI release.

packages/api/supabase/migrations/20240422015807_v0.7.0-all.sql → packages/api/supabase/migrations/20240322174520_v0.7.2_api_sql_schema.sql

@@ -1,11 +1,11 @@
 -- Create a table to store the OpenAI File Objects
-create table
+create table if not exists
   file_objects (
     id uuid primary key DEFAULT uuid_generate_v4(),
     bytes int,
-    created_at bigint default extract(epoch from now()) not null,
+    created_at bigint,
     filename text,
-    object text check (object in ('file')),
+    object text,
     purpose text,
     status text,
     status_details text
@@ -15,4 +15,8 @@ create table
 insert into storage.buckets
   (id, name, public)
 values
-  ('file_bucket', 'files', true);
+  ('file_bucket', 'files', true)
+on CONFLICT (id)
+DO UPDATE SET
+  name = EXCLUDED.name,
+  public = EXCLUDED.public;

packages/api/supabase/migrations/20240610185420_file_objects.sql

@@ -0,0 +1,3 @@
+ALTER TABLE file_objects ALTER COLUMN created_at SET DEFAULT extract(epoch from now());
+ALTER TABLE file_objects ALTER COLUMN created_at SET NOT NULL;
+ALTER TABLE file_objects ADD CHECK (object in ('file'));

src/leapfrogai_ui/supabase/migrations/20240322174521_v0.7.2_ui_sql_schema.sql

@@ -0,0 +1,121 @@
+-- Create tables
+create table if not exists profiles (
+                          id uuid references auth.users not null primary key,
+                          updated_at timestamp with time zone,
+                          username text unique,
+                          full_name text,
+                          avatar_url text,
+                          website text,
+                          constraint username_length check (char_length(username) >= 3)
+);
+
+-- Set up Storage!
+insert into storage.buckets
+(id, name, public)
+values
+    ('assistant_avatars', 'assistant_avatars', true)
+ON CONFLICT (id)
+DO UPDATE SET
+    name = EXCLUDED.name,
+    public = EXCLUDED.public;
+
+-- These are user profiles avatars, currently not used by app and will be removed soon
+insert into storage.buckets (id, name)
+values ('avatars', 'avatars')
+ON CONFLICT (id)
+DO UPDATE SET
+    name = EXCLUDED.name;
+
+-- RLS policies
+alter table profiles enable row level security;
+
+DO $$
+BEGIN
+    IF NOT EXISTS(SELECT 1 FROM pg_policies WHERE schemaname = 'public'
+      AND tablename  = 'profiles'
+      AND policyname = 'Public profiles are viewable by everyone.')
+        THEN create policy "Public profiles are viewable by everyone." on profiles
+          for select using (true);
+    END IF;
+
+    IF NOT EXISTS(SELECT 1 FROM pg_policies WHERE schemaname = 'public'
+      AND tablename  = 'profiles'
+      AND policyname = 'Users can insert their own profile.')
+        THEN create policy "Users can insert their own profile." on profiles
+          for insert with check (auth.uid() = id);
+    END IF;
+
+    IF NOT EXISTS(SELECT 1 FROM pg_policies WHERE schemaname = 'public'
+      AND tablename  = 'profiles'
+      AND policyname = 'Users can insert their own profile.')
+        THEN create policy "Users can update own profile." on profiles
+          for update using (auth.uid() = id);
+    END IF;
+END $$;
+
+-- Policies for avatars
+DO $$
+BEGIN
+    IF NOT EXISTS(SELECT 1 FROM pg_policies WHERE schemaname = 'storage'
+      AND tablename  = 'objects'
+      AND policyname = 'Avatar images are publicly accessible.')
+        THEN create policy "Avatar images are publicly accessible." on storage.objects
+          for select using (bucket_id = 'avatars');
+    END IF;
+
+    IF NOT EXISTS(SELECT 1 FROM pg_policies WHERE schemaname = 'storage'
+      AND tablename  = 'objects'
+      AND policyname = 'Anyone can update their own avatar.')
+        THEN create policy "Anyone can update their own avatar." on storage.objects
+          for update using (auth.uid() = owner) with check (bucket_id = 'avatars');
+    END IF;
+
+    IF NOT EXISTS(SELECT 1 FROM pg_policies WHERE schemaname = 'storage'
+      AND tablename  = 'objects'
+      AND policyname = 'Anyone can upload an assistant avatar.')
+        THEN create policy "Anyone can upload an assistant avatar." on storage.objects
+          for insert with check (bucket_id = 'assistant_avatars');
+    END IF;
+END $$;
+
+-- Policies for assistant_avatars
+DO $$
+BEGIN
+    IF NOT EXISTS(SELECT 1 FROM pg_policies WHERE schemaname = 'storage'
+      AND tablename  = 'objects'
+      AND policyname = 'Assistant Avatar images are publicly accessible.')
+        THEN create policy "Assistant Avatar images are publicly accessible." on storage.objects
+          for select using (bucket_id = 'assistant_avatars');
+    END IF;
+
+    IF NOT EXISTS(SELECT 1 FROM pg_policies WHERE schemaname = 'storage'
+      AND tablename  = 'objects'
+      AND policyname = 'Anyone can update their own assistant avatars.')
+        THEN create policy "Anyone can update their own assistant avatars." on storage.objects
+          for update using (auth.uid() = owner) with check (bucket_id = 'assistant_avatars');
+    END IF;
+
+    IF NOT EXISTS(SELECT 1 FROM pg_policies WHERE schemaname = 'storage'
+      AND tablename  = 'objects'
+      AND policyname = 'Anyone can upload an assistant avatar.')
+        THEN create policy "Anyone can upload an assistant avatar." on storage.objects
+          for insert with check (bucket_id = 'assistant_avatars');
+    END IF;
+END $$;
+
+
+-- This trigger automatically creates a profile entry when a new user signs up via Supabase Auth.
+-- See https://supabase.com/docs/guides/auth/managing-user-data#using-triggers for more details.
+DROP TRIGGER IF EXISTS on_auth_user_created on auth.users;
+DROP FUNCTION IF EXISTS public.handle_new_user();
+create function public.handle_new_user()
+    returns trigger as $$
+begin
+insert into public.profiles (id, full_name)
+values (new.id, new.raw_user_meta_data->>'full_name');
+return new;
+end;
+$$ language plpgsql security definer;
+create trigger on_auth_user_created
+    after insert on auth.users
+    for each row execute procedure public.handle_new_user();

src/leapfrogai_ui/supabase/migrations/20240522134301_profile_0.8_migration.sql

@@ -14,4 +14,13 @@ SELECT id, full_name
 FROM profiles_old;
 
 -- Drop the old table if the data transfer is successful
--- DROP TABLE profiles_old;
+DROP TABLE profiles_old;
+
+-- Enable row level security and set policies on the profiles
+alter table profiles enable row level security;
+create policy "Users can view their own profiles" on profiles
+    for select using  (auth.uid() = id);
+create policy "Users can insert their own profile." on profiles
+    for insert with check (auth.uid() = id);
+create policy "Users can update own profile." on profiles
+    for update using (auth.uid() = id);

src/leapfrogai_ui/supabase/migrations/20240523233951_0.8_ui_migration.sql

@@ -1,3 +1,4 @@
+-- Drop tables we no longer need (These tables are managed by the API now)
 DO $$
 BEGIN
     BEGIN
@@ -7,25 +8,8 @@ BEGIN
     BEGIN
         DROP TABLE IF EXISTS conversations;
     END;
-END $$;
-
--- Drop the existing trigger
-drop trigger if exists on_auth_user_created on auth.users;
-
--- Drop the existing function
-drop function if exists public.handle_new_user();
-
--- Create the new function without the avatar_url field
-create function public.handle_new_user()
-    returns trigger as $$
-begin
-insert into public.profiles (id, full_name)
-values (new.id, new.raw_user_meta_data->>'full_name');
-return new;
-end;
-$$ language plpgsql security definer;
 
--- Recreate the trigger
-create trigger on_auth_user_created
-    after insert on auth.users
-    for each row execute procedure public.handle_new_user();
+    BEGIN
+        DROP TABLE IF EXISTS assistants;
+    END;
+END $$;