Add organization_id to review_feedback_knowledge_suggestion_mappings

[devin-ai-integration]

Add organization_id to review_feedback_knowledge_suggestion_mappings

Description

This PR adds an organization_id column to the review_feedback_knowledge_suggestion_mappings table with appropriate triggers and RLS policies, following the organization-based security pattern described in the ADR.

Changes

• Added organization_id column to review_feedback_knowledge_suggestion_mappings table
• Created trigger function to automatically set organization_id based on related tables
• Added RLS policies for both authenticated users and service role
• Generated type definitions and created overrides

Link to Devin run

https://app.devin.ai/sessions/819cf5a762ef4f2f81ac65f90694473e

Requested by

[email protected]

[changeset-bot]

⚠️ No Changeset found

Latest commit: 8487739

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

This PR includes no changesets

When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

[vercel]

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name	Status	Preview	Comments	Updated (UTC)
liam-app	✅ Ready (Inspect)	Visit Preview	💬 Add feedback	Apr 25, 2025 0:07am
liam-docs	✅ Ready (Inspect)	Visit Preview	💬 Add feedback	Apr 25, 2025 0:07am
liam-erd-sample	✅ Ready (Inspect)	Visit Preview	💬 Add feedback	Apr 25, 2025 0:07am

[devin-ai-integration]

🤖 Devin AI Engineer

I'll be helping with this pull request! Here's what you should know:

✅ I will automatically:

• Address comments on this PR. Add '(aside)' to your comment to have me ignore it.
• Look at CI failures and help fix them

Note: I can only respond to comments from users who have write access to this repository.

⚙️ Control Options:

• Disable automatic comment and CI monitoring

[qodo-merge-pro-for-open-source]

CI Feedback 🧐

A test triggered by this PR failed. Here is an AI-generated analysis of the failure:

Action: frontend-ci

Failed stage: Run pnpm test:turbo [❌]

Failure summary: The action failed because of a TypeScript compilation error in the @liam-hq/db package. Specifically, in the file src/index.ts at line 14, there is an error trying to import the Tables member from the module "../supabase/database.types", but this member does not exist in that module. The error message is: src/index.ts(14,15): error TS2305: Module '"../supabase/database.types"' has no exported member 'Tables'. This caused the build process to fail with exit code 2.

Relevant error logs: 1: ##[group]Operating System 2: Ubuntu ... 157: ##[group]Run pnpm install --frozen-lockfile --prefer-offline 158: �[36;1mpnpm install --frozen-lockfile --prefer-offline�[0m 159: shell: /usr/bin/bash --noprofile --norc -e -o pipefail {0} 160: env: 161: PNPM_HOME: /home/runner/setup-pnpm/node_modules/.bin 162: ##[endgroup] 163: Scope: all 17 workspace projects 164: Lockfile is up to date, resolution step is skipped 165: Progress: resolved 1, reused 0, downloaded 0, added 0 166: Packages: +1565 167: ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 168: Progress: resolved 1565, reused 1009, downloaded 0, added 0 169: Progress: resolved 1565, reused 1552, downloaded 0, added 514 170: Progress: resolved 1565, reused 1552, downloaded 0, added 1328 171: Progress: resolved 1565, reused 1552, downloaded 0, added 1565, done 172: WARN  Failed to create bin at /home/runner/work/liam/liam/frontend/apps/erd-sample/node_modules/.bin/liam. ENOENT: no such file or directory, open '/home/runner/work/liam/liam/frontend/packages/cli/dist-cli/bin/cli.js' 173: devDependencies: ... 186: │ │ 187: │ Ignored build scripts: @biomejs/biome, @bundled-es-modules/glob, │ 188: │ @depot/cli, @prisma/client, @prisma/engines, @sentry/cli, core-js-pure, │ 189: │ esbuild, protobufjs, sharp, style-dictionary. │ 190: │ Run "pnpm approve-builds" to pick which dependencies should be allowed │ 191: │ to run scripts. │ 192: │ │ 193: ╰──────────────────────────────────────────────────────────────────────────────╯ 194: frontend/packages/jobs postinstall$ cp ../db-structure/node_modules/@ruby/prism/src/prism.wasm prism.wasm 195: frontend/apps/docs postinstall$ fumadocs-mdx 196: frontend/packages/jobs postinstall: Done 197: frontend/apps/docs postinstall: [MDX] types generated 198: frontend/apps/docs postinstall: Done 199: frontend/apps/app postinstall$ cp ../../packages/db-structure/node_modules/@ruby/prism/src/prism.wasm prism.wasm 200: frontend/apps/app postinstall: Done 201: WARN  Failed to create bin at /home/runner/work/liam/liam/frontend/apps/erd-sample/node_modules/.bin/liam. ENOENT: no such file or directory, open '/home/runner/work/liam/liam/frontend/apps/erd-sample/node_modules/@liam-hq/cli/dist-cli/bin/cli.js' 202: Done in 5.8s using pnpm v10.8.1 ... 930: [cp-prism] > @liam-hq/[email protected] gen:cp-prism /home/runner/work/liam/liam/frontend/packages/db-structure 931: [cp-prism] > cp node_modules/@ruby/prism/src/prism.wasm src/parser/schemarb/prism.wasm 932: [cp-prism] 933: [gen-tbls-schema] 934: [gen-tbls-schema] > @liam-hq/[email protected] gen:gen-tbls-schema /home/runner/work/liam/liam/frontend/packages/db-structure 935: [gen-tbls-schema] > node scripts/tblsJsonSchemaToZod.mjs 936: [gen-tbls-schema] 937: [cp-prism] pnpm run gen:cp-prism exited with code 0 938: [gen-tbls-schema] Successfully generated Zod schema at src/parser/tbls/schema.generated.ts 939: [gen-tbls-schema] pnpm run gen:gen-tbls-schema exited with code 0 940: ##[endgroup] 941: �[;31m@liam-hq/db:build�[;0m 942: cache miss, executing c1ddbe6008213bc6 943: > @liam-hq/[email protected] build /home/runner/work/liam/liam/frontend/packages/db 944: > tsc 945: ##[error]src/index.ts(14,15): error TS2305: Module '"../supabase/database.types"' has no exported member 'Tables'. 946: ELIFECYCLE  Command failed with exit code 2. 947: [ERROR] command finished with error: command (/home/runner/work/liam/liam/frontend/packages/db) /home/runner/setup-pnpm/node_modules/.bin/pnpm run build exited (2) 948: ##[group]@liam-hq/db-structure:build ... 951: > tsc && pnpm run cp:prism 952: ##[endgroup] 953: ##[group]@liam-hq/db-structure:test 954: cache miss, executing 02b2a662ea11b2b6 955: > @liam-hq/[email protected] test /home/runner/work/liam/liam/frontend/packages/db-structure 956: > vitest --watch=false 957: �[1m�[7m�[36m RUN �[39m�[27m�[22m �[36mv3.1.1 �[39m�[90m/home/runner/work/liam/liam/frontend/packages/db-structure�[39m 958: ##[endgroup] 959: ##[group]@liam-hq/erd-core:gen 960: cache miss, executing 22f7f9b8395fe2e6 961: > @liam-hq/[email protected] gen /home/runner/work/liam/liam/frontend/packages/erd-core 962: > concurrently "pnpm:gen:*" 963: [css] pnpm run gen:css exited with code SIGINT 964: ##[endgroup] 965: ##[group]@liam-hq/github:build 966: ##[error]@liam-hq/db#build: command (/home/runner/work/liam/liam/frontend/packages/db) /home/runner/setup-pnpm/node_modules/.bin/pnpm run build exited (2) 967: cache miss, executing ea29a5432baf2642 968: > @liam-hq/[email protected] build /home/runner/work/liam/liam/frontend/packages/github 969: > tsc 970: ##[endgroup] 971: Tasks: 3 successful, 8 total 972: Cached: 0 cached, 8 total 973: Time: 4.914s 974: Failed: @liam-hq/db#build 975: ERROR run failed: command exited (2) 976: ELIFECYCLE  Command failed with exit code 2. 977: ##[error]Process completed with exit code 2. 978: Post job cleanup.

[NoritakaIkeda]

• Authenticated users can only view review–knowledge mappings that belong to organizations they are members of.
• Service role can read and insert all review–knowledge mappings without restriction.
  If you're curious where this table is used, try grepping for .from('review_feedback_knowledge_suggestion_mappings') in the codebase.

[liam-migration-preview]

This migration adds an organization_id column to review_feedback_knowledge_suggestion_mappings along with a trigger and updated RLS policies to enforce organization-based data isolation. A key concern is ensuring that every row has a valid organization_id, especially for cases where both knowledge_suggestion_id and review_feedback_id are null, and the subqueries used may impact performance on large datasets. Overall, the changes are well-structured and improve security and consistency, though additional safeguards and performance checks are recommended.

Migration URL: https://liam-app-git-staging-route-06-core.vercel.app/app/projects/9d777f64-400a-42f3-a60e-98a59fc97279/ref/devin%2F1745499053-add-organization-id-review-feedback-knowledge-suggestion-mappings/migrations/b76d300b-44ae-42c7-8722-195e8a0941be

ER Diagram:

• View ERD for frontend/packages/db/schema/schema.sql: https://liam-app-git-staging-route-06-core.vercel.app/app/projects/9d777f64-400a-42f3-a60e-98a59fc97279/ref/devin%2F1745499053-add-organization-id-review-feedback-knowledge-suggestion-mappings/schema/frontend/packages/db/schema/schema.sql

[liam-migration]

This migration adds an organization_id column to review_feedback_knowledge_suggestion_mappings with trigger functions and enhanced RLS policies for organization-based data isolation. A few concerns include potential performance impacts from the subquery usage in the trigger and a need to confirm naming consistency with project standards. Overall, the migration is atomic, security‐focused, and improves data integrity.

Migration URL: https://liam-erd-web.vercel.app/app/projects/284f1bca-2633-4a93-9567-7bc98ab298f7/ref/devin%2F1745499053-add-organization-id-review-feedback-knowledge-suggestion-mappings/migrations/847b2561-a75d-42f3-98b0-00f85a41448c

ER Diagram:

• View ERD for frontend/packages/db/schema/schema.sql: https://liam-erd-web.vercel.app/app/projects/284f1bca-2633-4a93-9567-7bc98ab298f7/ref/devin%2F1745499053-add-organization-id-review-feedback-knowledge-suggestion-mappings/schema/frontend/packages/db/schema/schema.sql

[supabase]

Updates to Preview Branch (devin/1745499053-add-organization-id-review-feedback-knowledge-suggestion-mappings) ↗︎

Deployments	Status	Updated
Database	✅	Fri, 25 Apr 2025 12:04:38 UTC
Services	✅	Fri, 25 Apr 2025 12:04:38 UTC
APIs	✅	Fri, 25 Apr 2025 12:04:38 UTC

Tasks are run on every commit but only new migration files are pushed.
Close and reopen this PR if you want to apply changes from existing seed or migration files.

Tasks	Status	Updated
Configurations	✅	Fri, 25 Apr 2025 12:04:47 UTC
Migrations	✅	Fri, 25 Apr 2025 12:04:48 UTC
Seeding	✅	Fri, 25 Apr 2025 12:04:49 UTC
Edge Functions	✅	Fri, 25 Apr 2025 12:04:49 UTC

---

View logs for this Workflow Run ↗︎.
Learn more about Supabase for Git ↗︎.

[qodo-merge-pro-for-open-source]

PR Reviewer Guide 🔍

Here are some key observations to aid the review process:

⏱️ Estimated effort to review: 2 🔵🔵⚪⚪⚪

🧪 No relevant tests

🔒 No security concerns identified

⚡ Recommended focus areas for review Function Naming The trigger function name in schema.sql is truncated compared to the migration file. The schema uses "set_review_feedback_knowledge_suggestion_mappings_organization_" while the migration uses the full name "set_review_feedback_knowledge_suggestion_mappings_organization_id". CREATE OR REPLACE FUNCTION "public"."set_review_feedback_knowledge_suggestion_mappings_organization_"() RETURNS "trigger" LANGUAGE "plpgsql" SECURITY DEFINER Trigger Name Mismatch The trigger name in schema.sql doesn't match the one in the migration file. The schema uses "set_review_feedback_knowledge_suggestion_mappings_organization_" while the migration uses "set_review_feedback_knowledge_suggestion_mappings_organization_id_trigger". CREATE OR REPLACE TRIGGER "set_review_feedback_knowledge_suggestion_mappings_organization_" BEFORE INSERT OR UPDATE ON "public"."review_feedback_knowledge_suggestion_mappings" FOR EACH ROW EXECUTE FUNCTION "public"."set_review_feedback_knowledge_suggestion_mappings_organization_"();

[qodo-merge-pro-for-open-source]

PR Code Suggestions ✨

Explore these optional code suggestions:

Category	Suggestion	Impact
Possible issue	Fix truncated function name The function name appears to be truncated. The function name should match the one used in the migration file which is "set_review_feedback_knowledge_suggestion_mappings_organization_id". frontend/packages/db/schema/schema.sql [373] -CREATE OR REPLACE FUNCTION "public"."set_review_feedback_knowledge_suggestion_mappings_organization_"() RETURNS "trigger" +CREATE OR REPLACE FUNCTION "public"."set_review_feedback_knowledge_suggestion_mappings_organization_id"() RETURNS "trigger" Apply this suggestion Suggestion importance[1-10]: 9 __ Why: The function name is indeed truncated in the schema.sql file compared to the migration file. This inconsistency could cause issues with database operations as the function names need to match exactly.	High
	Fix truncated trigger definition The trigger name and referenced function name are both truncated. They should match the names used in the migration file, which uses "set_review_feedback_knowledge_suggestion_mappings_organization_id" and adds "_trigger" suffix to the trigger name. frontend/packages/db/schema/schema.sql [899] -CREATE OR REPLACE TRIGGER "set_review_feedback_knowledge_suggestion_mappings_organization_" BEFORE INSERT OR UPDATE ON "public"."review_feedback_knowledge_suggestion_mappings" FOR EACH ROW EXECUTE FUNCTION "public"."set_review_feedback_knowledge_suggestion_mappings_organization_"(); +CREATE OR REPLACE TRIGGER "set_review_feedback_knowledge_suggestion_mappings_organization_id_trigger" BEFORE INSERT OR UPDATE ON "public"."review_feedback_knowledge_suggestion_mappings" FOR EACH ROW EXECUTE FUNCTION "public"."set_review_feedback_knowledge_suggestion_mappings_organization_id"(); Apply this suggestion Suggestion importance[1-10]: 9 __ Why: Both the trigger name and referenced function name are truncated in the schema.sql file. This inconsistency with the migration file could lead to database errors since the trigger would reference a function with an incorrect name.	High
Learned best practice	Validate query results before assignment Add validation to check if the queries return NULL values for organization_id, which could happen if the referenced IDs exist but related data is missing or incomplete. This prevents assigning NULL to a NOT NULL column. frontend/packages/db/supabase/migrations/20250424000000_add_organization_id_to_review_feedback_knowledge_suggestion_mappings.sql [36-55] IF NEW.knowledge_suggestion_id IS NOT NULL THEN - NEW.organization_id := ( - SELECT "organization_id" - FROM "public"."knowledge_suggestions" - WHERE "id" = NEW.knowledge_suggestion_id - ); + SELECT "organization_id" INTO NEW.organization_id + FROM "public"."knowledge_suggestions" + WHERE "id" = NEW.knowledge_suggestion_id; + + IF NEW.organization_id IS NULL THEN + RAISE EXCEPTION 'Could not find organization_id for knowledge_suggestion_id %', NEW.knowledge_suggestion_id; + END IF; ELSIF NEW.review_feedback_id IS NOT NULL THEN - NEW.organization_id := ( - SELECT p."organization_id" - FROM "public"."review_feedbacks" rf - JOIN "public"."overall_reviews" orv ON rf."overall_review_id" = orv."id" - JOIN "public"."projects" p ON orv."project_id" = p."id" - WHERE rf."id" = NEW.review_feedback_id - ); + SELECT p."organization_id" INTO NEW.organization_id + FROM "public"."review_feedbacks" rf + JOIN "public"."overall_reviews" orv ON rf."overall_review_id" = orv."id" + JOIN "public"."projects" p ON orv."project_id" = p."id" + WHERE rf."id" = NEW.review_feedback_id; + + IF NEW.organization_id IS NULL THEN + RAISE EXCEPTION 'Could not find organization_id for review_feedback_id %', NEW.review_feedback_id; + END IF; ELSE RAISE EXCEPTION 'Either knowledge_suggestion_id or review_feedback_id must be provided'; END IF; [To ensure code accuracy, apply this suggestion manually] Suggestion importance[1-10]: 6	Low
More