fixed permission issues

Preshy · Preshy · commit d27188a3ade9 · 2025-05-04T13:05:35.000+03:00
diff --git a/migrations/fix_crypto_payments_permissions.sql b/migrations/fix_crypto_payments_permissions.sql
diff --git a/migrations/simple_permissions_fix.sql b/migrations/simple_permissions_fix.sql
@@ -0,0 +1,48 @@
+-- SIMPLIFIED PERMISSIONS FIX WITHOUT ESCAPING ISSUES
+
+-- First, grant basic permissions directly to tables
+GRANT ALL ON TABLE public.stripe_payments TO postgres;
+GRANT ALL ON TABLE public.stripe_payments TO service_role;
+GRANT SELECT, INSERT, UPDATE ON TABLE public.stripe_payments TO authenticated;
+GRANT SELECT, INSERT, UPDATE ON TABLE public.stripe_payments TO anon;
+
+GRANT ALL ON TABLE public.crypto_payments TO postgres;
+GRANT ALL ON TABLE public.crypto_payments TO service_role;
+GRANT SELECT, INSERT, UPDATE ON TABLE public.crypto_payments TO authenticated;
+GRANT SELECT, INSERT, UPDATE ON TABLE public.crypto_payments TO anon;
+
+-- Enable Row Level Security with permissive policies
+ALTER TABLE public.stripe_payments ENABLE ROW LEVEL SECURITY;
+ALTER TABLE public.crypto_payments ENABLE ROW LEVEL SECURITY;
+
+-- Drop existing policies if they exist
+DROP POLICY IF EXISTS stripe_payments_policy ON public.stripe_payments;
+DROP POLICY IF EXISTS crypto_payments_policy ON public.crypto_payments;
+
+-- Create new policies
+CREATE POLICY stripe_payments_policy ON public.stripe_payments USING (true) WITH CHECK (true);
+CREATE POLICY crypto_payments_policy ON public.crypto_payments USING (true) WITH CHECK (true);
+
+-- Grant schema usage
+GRANT USAGE ON SCHEMA public TO public;
+GRANT USAGE ON SCHEMA public TO anon;
+GRANT USAGE ON SCHEMA public TO authenticated;
+GRANT USAGE ON SCHEMA public TO service_role;
+
+-- Grant permissions on sequences if they exist
+DO $$
+BEGIN
+  -- Grant permissions for all sequences in public schema
+  EXECUTE (
+    SELECT 'GRANT USAGE, SELECT ON ALL SEQUENCES IN SCHEMA public TO authenticated;'
+  );
+  
+  EXECUTE (
+    SELECT 'GRANT USAGE, SELECT ON ALL SEQUENCES IN SCHEMA public TO anon;'
+  );
+  
+  EXECUTE (
+    SELECT 'GRANT USAGE, SELECT ON ALL SEQUENCES IN SCHEMA public TO service_role;'
+  );
+END
+$$;
diff --git a/src/services/payment-service.js b/src/services/payment-service.js
@@ -110,56 +110,21 @@ export const paymentService = {
         subscription = subData;
         
         // Next, create the crypto_payments record
-        // Wrap in try/catch to handle permission errors gracefully
-        let paymentData = null;
-        let paymentError = null;
-        
-        try {
-          const result = await supabase
-            .from('crypto_payments')
-            .insert([{
-              subscription_id: subscription.id,
-              amount: cryptoAmount,
-              currency: coin,
-              exchange_rate_usd: amount / cryptoAmount,
-              status: 'pending',
-              payment_data: {
-                fiat_amount: amount,
-                fiat_currency: 'USD'
-              }
-            }])
-            .select()
-            .single();
-            
-          paymentData = result.data;
-          paymentError = result.error;
-          
-          if (paymentError && paymentError.code === '42501') { // Permission denied
-            console.warn('Permission denied for crypto_payments table, using localStorage fallback instead');
-            
-            // Create a temporary payment object with a generated ID
-            // This will be stored in localStorage on the client until permissions are fixed
-            paymentData = {
-              id: crypto.randomUUID(),
-              subscription_id: subscription.id,
-              amount: cryptoAmount,
-              currency: coin,
-              exchange_rate_usd: amount / cryptoAmount,
-              status: 'pending',
-              payment_data: {
-                fiat_amount: amount,
-                fiat_currency: 'USD'
-              },
-              created_at: new Date().toISOString()
-            };
-            
-            // Reset the error since we're handling it with our fallback
-            paymentError = null;
-          }
-        } catch (err) {
-          console.error('Error creating crypto payment record:', err);
-          paymentError = err;
-        }
+        const { data: paymentData, error: paymentError } = await supabase
+          .from('crypto_payments')
+          .insert([{
+            subscription_id: subscription.id,
+            amount: cryptoAmount,
+            currency: coin,
+            exchange_rate_usd: amount / cryptoAmount,
+            status: 'pending',
+            payment_data: {
+              fiat_amount: amount,
+              fiat_currency: 'USD'
+            }
+          }])
+          .select()
+          .single();
           
         if (paymentError) throw paymentError;
         cryptoPayment = paymentData;
