Skip to content

Commit d5a64b9

Browse files
dnywhdnywh
committed
minimise chat email webhook payload
1 parent e22f628 commit d5a64b9

1 file changed

Lines changed: 60 additions & 0 deletions

File tree

supabase/migrations/20260511085844_minimise_chat_email_webhook_payload.sql

Lines changed: 60 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,60 @@
1+
-- The chat email Edge Function only needs the inserted message id. Keep the
2+
-- trigger payload minimal so message content and participant ids are not sent
3+
-- through the webhook request body.
4+
5+
create or replace function private.notify_new_chat_message()
6+
returns trigger
7+
language plpgsql
8+
security definer
9+
set search_path = ''
10+
as $$
11+
declare
12+
webhook_secret text;
13+
begin
14+
if to_regprocedure('net.http_post(text,jsonb,jsonb,jsonb,integer)') is null then
15+
raise warning 'Skipping chat message email webhook because pg_net is unavailable.';
16+
return new;
17+
end if;
18+
19+
if to_regclass('vault.decrypted_secrets') is not null then
20+
execute
21+
'select decrypted_secret from vault.decrypted_secrets where name = $1 limit 1'
22+
into webhook_secret
23+
using 'PEELS_CHAT_MESSAGE_WEBHOOK_SECRET';
24+
end if;
25+
26+
if webhook_secret is null or webhook_secret = '' then
27+
raise warning 'Skipping chat message email webhook because PEELS_CHAT_MESSAGE_WEBHOOK_SECRET is not set in Vault.';
28+
return new;
29+
end if;
30+
31+
begin
32+
perform net.http_post(
33+
url := 'http://kong:8000/functions/v1/send-email-for-new-chat-message',
34+
body := jsonb_build_object(
35+
'type', tg_op,
36+
'table', tg_table_name,
37+
'schema', tg_table_schema,
38+
'record', jsonb_build_object('id', new.id),
39+
'old_record', null
40+
),
41+
params := '{}'::jsonb,
42+
headers := jsonb_build_object(
43+
'Content-Type', 'application/json',
44+
'x-peels-webhook-secret', webhook_secret
45+
),
46+
timeout_milliseconds := 5000
47+
);
48+
exception
49+
when others then
50+
raise warning 'Skipping chat message email webhook because the request failed: %', sqlerrm;
51+
end;
52+
53+
return new;
54+
end;
55+
$$;
56+
57+
alter function private.notify_new_chat_message() owner to postgres;
58+
59+
revoke all privileges on function private.notify_new_chat_message()
60+
from anon, authenticated, public;

0 commit comments

Comments
 (0)