2.0 KiB
2.0 KiB
title, status, type, priority, created_at, updated_at, parent, blocked_by
| title | status | type | priority | created_at | updated_at | parent | blocked_by | |
|---|---|---|---|---|---|---|---|---|
| User model, run ownership, and visibility migration | completed | task | normal | 2026-03-20T15:28:18Z | 2026-03-20T20:16:39Z | nuzlocke-tracker-d98o |
|
Create a User model synced from Supabase Auth. Add owner_id FK to runs table. Add visibility column (public/private) to runs with default public. Existing runs will have NULL owner_id (unowned).
Checklist
- Create User model (id matches Supabase user UUID, email, display_name, created_at)
- Alembic migration: create users table
- Alembic migration: add owner_id (nullable FK to users) and visibility (enum: public/private, default public) to runs table
- Update Run model with owner relationship and visibility field
- Create user sync endpoint or webhook (on first login, upsert user record from Supabase JWT claims)
- Update RunResponse schema to include owner and visibility
- Add visibility enforcement: private runs return 403 unless requester is owner
Summary of Changes
- Created
Usermodel inbackend/src/app/models/user.pywith UUID primary key (matching Supabase), email, display_name, and created_at fields - Added Alembic migrations:
n5c6d7e8f9a0_create_users_table.pyando6d7e8f9a0b1_add_owner_and_visibility_to_runs.py - Updated
NuzlockeRunmodel withowner_idFK,visibilityenum (public/private), andownerrelationship - Created
POST /users/meendpoint for user sync on first login (upserts from JWT claims) - Added
GET /users/meandPATCH /users/mefor user profile management - Updated
RunResponseandRunDetailResponseschemas withownerandvisibilityfields - Implemented visibility enforcement in
list_runs,get_run,update_run, anddelete_run- Private runs return 403 unless requester is owner
- Unowned runs (legacy) remain accessible to all
- Run list filters to show only public runs + user's own private runs