---
# nuzlocke-tracker-bnhh
title: User model, run ownership, and visibility migration
status: completed
type: task
priority: normal
created_at: 2026-03-20T15:28:18Z
updated_at: 2026-03-20T20:16:39Z
parent: nuzlocke-tracker-d98o
blocked_by:
    - nuzlocke-tracker-2561
---

Create a User model synced from Supabase Auth. Add owner_id FK to runs table. Add visibility column (public/private) to runs with default public. Existing runs will have NULL owner_id (unowned).

## Checklist

- [x] Create User model (id matches Supabase user UUID, email, display_name, created_at)
- [x] Alembic migration: create users table
- [x] Alembic migration: add owner_id (nullable FK to users) and visibility (enum: public/private, default public) to runs table
- [x] Update Run model with owner relationship and visibility field
- [x] Create user sync endpoint or webhook (on first login, upsert user record from Supabase JWT claims)
- [x] Update RunResponse schema to include owner and visibility
- [x] Add visibility enforcement: private runs return 403 unless requester is owner

## Summary of Changes

- Created `User` model in `backend/src/app/models/user.py` with UUID primary key (matching Supabase), email, display_name, and created_at fields
- Added Alembic migrations: `n5c6d7e8f9a0_create_users_table.py` and `o6d7e8f9a0b1_add_owner_and_visibility_to_runs.py`
- Updated `NuzlockeRun` model with `owner_id` FK, `visibility` enum (public/private), and `owner` relationship
- Created `POST /users/me` endpoint for user sync on first login (upserts from JWT claims)
- Added `GET /users/me` and `PATCH /users/me` for user profile management
- Updated `RunResponse` and `RunDetailResponse` schemas with `owner` and `visibility` fields
- Implemented visibility enforcement in `list_runs`, `get_run`, `update_run`, and `delete_run`
  - Private runs return 403 unless requester is owner
  - Unowned runs (legacy) remain accessible to all
  - Run list filters to show only public runs + user's own private runs
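
The visibility rules listed above, as an added example (not the project's own code): `Run`, `can_access`, `get_run` and `list_runs` here are simplified in-memory stand-ins for the real model and handlers, `Forbidden` stands in for the HTTP 403 response, and the sample runs are constructed. It covers the read path only and shows the two cases that are easy to get wrong: an anonymous requester and a legacy run with a NULL `owner_id`.

```python
from dataclasses import dataclass
from typing import Optional
from uuid import UUID, uuid4


class Forbidden(Exception):
    """Stand-in for the HTTP 403 response."""
    status_code = 403


@dataclass(frozen=True)
class Run:
    id: int
    owner_id: Optional[UUID]      # None = legacy run with no owner
    visibility: str = "public"    # "public" or "private"


def can_access(run: Run, requester_id: Optional[UUID]) -> bool:
    if run.owner_id is None:      # legacy unowned run: accessible to all
        return True
    if run.visibility == "public":
        return True
    # Private and owned: owner only. An anonymous requester (None) never matches.
    return requester_id is not None and requester_id == run.owner_id


def get_run(runs: dict, run_id: int, requester_id: Optional[UUID]) -> Run:
    run = runs[run_id]
    if not can_access(run, requester_id):
        raise Forbidden(f"run {run_id} is private")
    return run


def list_runs(runs: dict, requester_id: Optional[UUID]) -> list:
    # Filter rather than raise: other users' private runs are simply omitted.
    return sorted(r.id for r in runs.values() if can_access(r, requester_id))


# Constructed sample data (not from the project).
ALICE, BOB = uuid4(), uuid4()
RUNS = {
    1: Run(1, owner_id=None),                        # legacy, unowned
    2: Run(2, owner_id=ALICE),                       # owned, public
    3: Run(3, owner_id=ALICE, visibility="private"),
    4: Run(4, owner_id=BOB, visibility="private"),
}
```
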