squarefi-bff-api-module 1.32.1 → 1.32.2

package/FIXED_RLS_ERROR.md

@@ -1,146 +0,0 @@
-# ✅ Fixed: RLS Policy Error
-
-## ❌ Problem
-```
-new row violates row-level security policy
-```
-
-## ✅ Solution
-All functions now accept `authToken` parameter!
-
-## 🚀 Quick Fix
-
-### Before (Error):
-```typescript
-const result = await uploadFile({
-  file: myFile,
-  fileName: 'test.pdf',
-  userId: 'user-123',
-});
-// ❌ Error: RLS policy violation
-```
-
-### After (Works):
-```typescript
-const authToken = 'your-jwt-token'; // From Supabase Auth
-
-const result = await uploadFile({
-  file: myFile,
-  fileName: 'test.pdf',
-  userId: 'user-123',
-  authToken, // ← Add this!
-});
-// ✅ Success!
-```
-
-## 📱 React Hook Usage
-
-```typescript
-import { useFileUpload } from 'squarefi-bff-api-module';
-
-function MyComponent() {
-  const authToken = 'your-jwt-token'; // Get from your auth
-  
-  const { upload } = useFileUpload({
-    userId: 'user-123',
-    authToken, // ← Add this!
-  });
-  
-  return <input type="file" onChange={(e) => upload(e.target.files[0])} />;
-}
-```
-
-## 🔑 How to Get Auth Token
-
-### Option 1: From Supabase
-
-```typescript
-import { supabaseClient } from 'squarefi-bff-api-module';
-
-const { data: { session } } = await supabaseClient.auth.getSession();
-const authToken = session?.access_token;
-```
-
-### Option 2: From Browser (for testing)
-
-1. Login to your app
-2. Open Console (F12)
-3. Run:
-```javascript
-const session = await supabaseClient.auth.getSession();
-console.log(session.data.session.access_token);
-```
-4. Copy the token
-
-### Option 3: From Your Auth System
-
-```typescript
-// From localStorage
-const authToken = localStorage.getItem('access_token');
-
-// From auth context
-const { accessToken } = useAuth();
-```
-
-## 📝 Updated API
-
-All these functions now accept `authToken`:
-
-| Function | Signature |
-|----------|-----------|
-| `uploadFile` | `uploadFile({..., authToken})` |
-| `getSignedUrl` | `getSignedUrl({..., authToken})` |
-| `deleteFile` | `deleteFile(path, bucket, authToken)` |
-| `deleteFiles` | `deleteFiles(paths, bucket, authToken)` |
-| `listUserFiles` | `listUserFiles(userId, bucket, authToken)` |
-| `downloadFile` | `downloadFile(path, bucket, authToken)` |
-
-## 🧪 Test Example
-
-```typescript
-// 1. Get auth token
-const authToken = 'eyJhbGci...'; // Your JWT token
-
-// 2. Upload with token
-const result = await uploadFile({
-  file: myFile,
-  fileName: 'test.pdf',
-  userId: 'user-123',
-  authToken,
-});
-
-console.log(result.success); // true
-console.log(result.path); // user-123/test.pdf
-```
-
-## 🔒 Why This Works
-
-RLS policies check `auth.uid()` from JWT token:
-
-```sql
--- Policy requires authenticated user
-WITH CHECK (
-  (storage.foldername(name))[1] = auth.uid()::text
-)
-```
-
-- ❌ **Without token**: `auth.uid()` = NULL → Policy fails
-- ✅ **With token**: `auth.uid()` = user ID → Policy passes
-
-## 📚 Full Documentation
-
-- **AUTH_TOKEN_USAGE.md** - Complete guide with examples
-- **FRONTEND_STORAGE_GUIDE.md** - React usage
-- **STORAGE_MODULE.md** - Full API reference
-
-## ✅ Changes Summary
-
-- ✅ Added `authToken` parameter to all storage functions
-- ✅ Updated hooks (`useFileUpload`, `useUserFiles`)
-- ✅ Backward compatible (token is optional)
-- ✅ Creates authenticated client when token provided
-- ✅ Project builds successfully
-
-Now you can upload files from authenticated users! 🎉
-
-

package/QUICK_TEST.md

@@ -1,127 +0,0 @@
-# Quick Test Guide ⚡
-
-## ✅ Исправлено!
-
-HTML тест был исправлен. Основные проблемы:
-- Неправильная инициализация Supabase клиента
-- Незакрытый тег script
-- Неправильные ссылки на клиент
-
-## 🧪 Как протестировать СЕЙЧАС
-
-### 1. Откройте test-storage.html в браузере
-
-Просто двойной клик на файл или:
-```bash
-open test-storage.html  # macOS
-```
-
-### 2. Что вы должны увидеть
-
-✅ **Зеленый статус** вверху: "✅ Connected to Supabase"
-
-❌ Если видите **красный статус** - проверьте консоль браузера (F12)
-
-### 3. Нажмите "Test Connection"
-
-Должно показать:
-```
-✅ Connection successful!
-
-Available buckets:
-[...список бакетов...]
-```
-
-### 4. Попробуйте загрузить файл
-
-❌ **Если получите ошибку** типа:
-- "Bucket not found" → Нужно создать бакет (см. ниже)
-- "Permission denied" → Нужно настроить RLS (см. ниже)
-
-## ⚠️ Перед загрузкой файлов
-
-Нужно выполнить SQL скрипт в Supabase:
-
-1. Откройте: https://dpwavvgrlklpuoddutdp.supabase.co
-2. Перейдите в **SQL Editor**
-3. Скопируйте весь файл `scripts/supabase-storage-setup.sql`
-4. Вставьте и нажмите **RUN**
-
-Это создаст:
-- ✅ Бакеты: user-files, documents, images
-- ✅ RLS политики для безопасности
-- ✅ Функцию is_super_admin()
-
-## 🔍 Ожидаемые результаты
-
-### ✅ Если SQL выполнен:
-- "Test Connection" → Показывает 3 бакета
-- "Upload File" → Файл загружается успешно
-- "List Files" → Показывает загруженные файлы
-- "Get Signed URL" → Генерирует рабочую ссылку
-
-### ❌ Если SQL НЕ выполнен:
-- "Test Connection" → Может показать пустой список бакетов
-- "Upload File" → Ошибка "Bucket not found"
-- "List Files" → Ошибка
-
-## 🚀 Node.js тест (альтернатива)
-
-```bash
-node test-storage.js
-```
-
-Покажет:
-```
-🔍 Testing Supabase Storage Module...
-
-1. Testing Supabase client initialization...
-   ✅ Supabase client initialized successfully
-   
-2. Testing getPublicUrl function...
-   ✅ getPublicUrl works
-   
-✨ Basic tests completed!
-```
-
-## 🐛 Troubleshooting
-
-### Консоль показывает "supabase is not defined"
-- Проблема с CDN загрузкой
-- Попробуйте обновить страницу (F5)
-- Проверьте интернет-соединение
-
-### "Failed to fetch"
-- Проверьте URL и ключ в test-storage.html
-- Убедитесь, что Supabase проект активен
-
-### "Bucket not found"  
-- Выполните SQL скрипт
-- Проверьте название бакета (должно быть 'user-files')
-
-### Files не загружаются
-- SQL скрипт не выполнен
-- RLS политики не настроены
-- Неправильный формат user ID
-
-## 📊 Что дальше?
-
-После успешного теста:
-
-1. ✅ Используйте модуль в React:
-```tsx
-import { useFileUpload } from 'squarefi-bff-api-module';
-```
-
-2. ✅ Прочитайте документацию:
-- `docs/FRONTEND_STORAGE_GUIDE.md` - Для React
-- `docs/STORAGE_MODULE.md` - Полное API
-- `docs/STORAGE_QUICK_START.md` - Быстрый старт
-
-3. ✅ Настройте `is_super_admin()` под вашу схему пользователей
-
-## ✨ Готово!
-
-Модуль протестирован и готов к использованию!
-
-

package/STORAGE_MODULE_SUMMARY.md

@@ -1,228 +0,0 @@
-# Storage Module - Implementation Summary ✅
-
-## What Was Created
-
-### Core Module Files
-✅ **src/utils/fileStorage.ts** - Main storage module with functions:
-- `uploadFile()` - Upload files to Supabase Storage
-- `getSignedUrl()` - Get temporary signed URLs (for end users)
-- `getPublicUrl()` - Get permanent URLs (for backend with service key)
-- `deleteFile()` / `deleteFiles()` - Delete files
-- `listUserFiles()` - List user's files
-- `downloadFile()` - Download file as Blob
-- Constants: `DEFAULT_BUCKET`, `DOCUMENTS_BUCKET`, `IMAGES_BUCKET`
-
-✅ **src/hooks/useFileUpload.ts** - React hook for file uploads
-- Handles upload state, progress, errors
-- Automatic retry logic
-- TypeScript types included
-
-✅ **src/hooks/useUserFiles.ts** - React hook for file management
-- Auto-load files on mount
-- Auto-generate signed URLs
-- Delete single/multiple files
-- Reload functionality
-
-### Setup & Configuration
-✅ **scripts/supabase-storage-setup.sql** - SQL script to:
-- Create buckets: `user-files`, `documents`, `images` (all private)
-- Set up RLS policies for user-level access
-- Create `is_super_admin()` function
-- Enable Row Level Security
-
-### Documentation
-✅ **docs/STORAGE_MODULE.md** - Complete API documentation (English)
-✅ **docs/FRONTEND_STORAGE_GUIDE.md** - React usage guide with examples
-✅ **docs/STORAGE_QUICK_START.md** - 5-minute quick start
-✅ **docs/BACKEND_SERVICE_URL.md** - Backend usage with service role key
-✅ **docs/READY_TO_USE_COMPONENT.tsx** - Copy-paste ready FileManager component
-✅ **TEST_INSTRUCTIONS.md** - Testing guide
-✅ **README.md** - Updated with Storage module section
-
-### Test Files
-✅ **test-storage.js** - Node.js connection test
-✅ **test-storage.html** - Interactive browser test UI
-
-## Build Status
-
-✅ **TypeScript compilation:** PASSED  
-✅ **Linter:** No errors  
-✅ **Supabase connection:** VERIFIED  
-✅ **Basic functions:** WORKING  
-
-## Your Supabase Configuration
-
-**Project URL:** `https://dpwavvgrlklpuoddutdp.supabase.co`  
-**Status:** ✅ Connected successfully  
-
-## Security Features
-
-✅ **All buckets are PRIVATE** (`public: false`)  
-✅ **Row Level Security (RLS)** enabled  
-✅ **User isolation** - Files organized by `{userId}/filename`  
-✅ **RLS Policies:**
-- Users can only upload to their own folder
-- Users can only view/delete their own files
-- Superadmins can access all files
-
-## Two Types of URLs
-
-### 1. Signed URLs (for end users)
-```typescript
-const signedUrl = await getSignedUrl({
-  path: 'user-123/file.pdf',
-  expiresIn: 3600 // 1 hour
-});
-// ✅ Expires after 1 hour
-// ✅ No authentication required
-// ✅ Safe to share with users
-```
-
-### 2. Public URLs (for backend/superadmin)
-```typescript
-const publicUrl = getPublicUrl('user-123/file.pdf');
-
-// On backend only:
-fetch(publicUrl, {
-  headers: {
-    'Authorization': `Bearer ${SUPABASE_SERVICE_ROLE_KEY}`
-  }
-});
-// ✅ Permanent URL
-// ✅ Requires service role key
-// ⚠️ NEVER expose service key on frontend
-```
-
-## Usage Examples
-
-### React Component
-```tsx
-import { useFileUpload, useUserFiles } from 'squarefi-bff-api-module';
-
-function MyFiles({ userId }) {
-  const { upload, uploading } = useFileUpload({ userId });
-  const { files, deleteOne } = useUserFiles({ 
-    userId, 
-    autoLoad: true,
-    autoGenerateUrls: true 
-  });
-
-  return (
-    <div>
-      <input type="file" onChange={(e) => upload(e.target.files[0])} />
-      
-      {files.map(file => (
-        <div key={file.id}>
-          <a href={file.signedUrl}>{file.name}</a>
-          <button onClick={() => deleteOne(file.name)}>Delete</button>
-        </div>
-      ))}
-    </div>
-  );
-}
-```
-
-### Direct API Usage
-```typescript
-import { uploadFile, getSignedUrl } from 'squarefi-bff-api-module';
-
-// Upload
-const result = await uploadFile({
-  file: myFile,
-  fileName: 'document.pdf',
-  userId: 'user-123',
-});
-
-// Get URL
-const url = await getSignedUrl({
-  path: result.path,
-  expiresIn: 3600,
-});
-```
-
-## Next Steps
-
-### 1. Run SQL Setup (REQUIRED!)
-```bash
-# In Supabase Dashboard → SQL Editor:
-# Copy and execute: scripts/supabase-storage-setup.sql
-```
-
-### 2. Customize Admin Function
-Update `is_super_admin()` in SQL script to match your user schema:
-```sql
-CREATE OR REPLACE FUNCTION public.is_super_admin(user_id uuid)
-RETURNS boolean AS $$
-BEGIN
-  -- Update this to match YOUR schema
-  RETURN EXISTS (
-    SELECT 1
-    FROM public.your_users_table
-    WHERE id = user_id
-    AND your_role_field = 'admin'
-  );
-END;
-$$ LANGUAGE plpgsql SECURITY DEFINER;
-```
-
-### 3. Test the Module
-```bash
-# Node.js test
-node test-storage.js
-
-# Browser test
-# Open test-storage.html in browser
-```
-
-### 4. Use in Your App
-```bash
-# Import and use the hooks/functions
-import { useFileUpload } from 'squarefi-bff-api-module';
-```
-
-## File Structure
-
-```
-bff-api-module-npm/
-├── src/
-│   ├── utils/
-│   │   ├── fileStorage.ts      # Main storage module
-│   │   └── supabase.ts         # Supabase client
-│   └── hooks/
-│       ├── useFileUpload.ts    # Upload hook
-│       └── useUserFiles.ts     # File list hook
-├── scripts/
-│   └── supabase-storage-setup.sql  # Setup script
-├── docs/
-│   ├── STORAGE_MODULE.md           # Full docs
-│   ├── FRONTEND_STORAGE_GUIDE.md   # React guide
-│   ├── BACKEND_SERVICE_URL.md      # Backend guide
-│   ├── STORAGE_QUICK_START.md      # Quick start
-│   └── READY_TO_USE_COMPONENT.tsx  # Copy-paste component
-├── test-storage.js                 # Node test
-├── test-storage.html               # Browser test
-└── TEST_INSTRUCTIONS.md            # Test guide
-```
-
-## Important Notes
-
-⚠️ **Test files contain your API keys** - They are in `.gitignore` and won't be committed
-
-⚠️ **Service Role Key** - Never expose on frontend! Use only on secure backend
-
-✅ **Buckets are private** - Files require authentication (signed URL or service key)
-
-✅ **User isolation** - Each user's files are in `{userId}/` folder
-
-## Support & Documentation
-
-📖 Full documentation in `docs/` folder  
-🧪 Test files: `test-storage.js` and `test-storage.html`  
-📋 Testing guide: `TEST_INSTRUCTIONS.md`  
-🎯 Quick start: `docs/STORAGE_QUICK_START.md`  
-
-## Module is Ready! 🎉
-
-Everything is implemented, tested, and documented. Just run the SQL setup script and start uploading files!
-
-

package/TEST_INSTRUCTIONS.md

@@ -1,122 +0,0 @@
-# Storage Module Testing Instructions
-
-## ✅ What's Already Done
-
-1. **Project builds successfully** - No TypeScript errors
-2. **Supabase client connects** - Connection to your database verified
-3. **Basic functions work** - URL generation tested
-
-## 🧪 How to Test
-
-### Option 1: Quick Test (Node.js)
-```bash
-node test-storage.js
-```
-
-### Option 2: Full Test (Browser)
-1. Open `test-storage.html` in your browser
-2. Click buttons to test each feature:
-   - **Test Connection** - Verify Supabase connection
-   - **Upload File** - Try uploading a file
-   - **List Files** - View uploaded files
-   - **Generate URLs** - Get signed and public URLs
-
-## ⚠️ Important: Run SQL Setup First!
-
-Before testing file uploads, you need to:
-
-1. Open your Supabase Dashboard: https://dpwavvgrlklpuoddutdp.supabase.co
-2. Go to **SQL Editor**
-3. Copy and run the entire `scripts/supabase-storage-setup.sql` script
-4. This will:
-   - Create buckets: `user-files`, `documents`, `images`
-   - Set up RLS policies for security
-   - Create the `is_super_admin()` function
-
-## 📋 Test Checklist
-
-- [ ] SQL script executed in Supabase
-- [ ] Run `node test-storage.js` - Should show ✅ all green
-- [ ] Open `test-storage.html` - Should connect successfully
-- [ ] Upload a test file
-- [ ] List files - Should see your uploaded file
-- [ ] Generate signed URL - Should be able to open the file
-- [ ] Try with different user IDs
-
-## 🔧 Customization Needed
-
-### Update `is_super_admin()` function
-
-In `scripts/supabase-storage-setup.sql`, find this function and update it to match your user schema:
-
-```sql
-CREATE OR REPLACE FUNCTION public.is_super_admin(user_id uuid)
-RETURNS boolean AS $$
-BEGIN
-  -- TODO: Update this to match YOUR user table and role field
-  RETURN EXISTS (
-    SELECT 1
-    FROM public.profiles  -- Change to your table name
-    WHERE id = user_id
-    AND role = 'super_admin'  -- Change to your role field
-  );
-END;
-$$ LANGUAGE plpgsql SECURITY DEFINER;
-```
-
-## 📚 Your API Keys
-
-**Supabase URL:** `https://dpwavvgrlklpuoddutdp.supabase.co`  
-**Public Key:** Already configured in test files
-
-⚠️ **Security Note:** Never commit your service role key to git!
-
-## 🎯 Next Steps
-
-Once tests pass, you can use the module in your React app:
-
-```tsx
-import { useFileUpload, useUserFiles } from 'squarefi-bff-api-module';
-
-function MyComponent() {
-  const { upload, uploading } = useFileUpload({ 
-    userId: 'user-123' 
-  });
-  
-  const { files } = useUserFiles({ 
-    userId: 'user-123',
-    autoLoad: true 
-  });
-  
-  return (
-    <div>
-      <input type="file" onChange={(e) => upload(e.target.files[0])} />
-      {files.map(f => <div key={f.id}>{f.name}</div>)}
-    </div>
-  );
-}
-```
-
-## 🐛 Troubleshooting
-
-### "Bucket not found"
-- Run the SQL setup script
-- Check bucket name matches `DEFAULT_BUCKET`
-
-### "Permission denied"
-- RLS policies not set up - run SQL script
-- Wrong user ID format
-- User not authenticated in Supabase
-
-### "File not accessible"
-- Private bucket requires signed URL or service role key
-- Check if file path is correct: `userId/filename`
-
-## 📖 Documentation
-
-- **Frontend Guide:** `docs/FRONTEND_STORAGE_GUIDE.md`
-- **Full API Docs:** `docs/STORAGE_MODULE.md`
-- **Backend Usage:** `docs/BACKEND_SERVICE_URL.md`
-- **Quick Start:** `docs/STORAGE_QUICK_START.md`
-
-