feat(realtime): Fase 2b.0 infra + first R-series tests green
Enable postgres_changes broadcasts on shopping_items / shopping_lists and prove the path end-to-end with Vitest Realtime tests and a pgTAP configuration check. Infra changes that were silently blocking events - Migration 007: shopping_items + shopping_lists added to supabase_realtime publication with REPLICA IDENTITY FULL (UPDATE/DELETE payloads need the full row so list_id-based filters work and RLS can evaluate DELETE against OLD) - Realtime service: DB_USER=supabase_admin (superuser; supabase_replication_admin lacks CREATE on the `realtime` schema that the service auto-creates per tenant) - Realtime service: SELF_HOST_TENANT_NAME=realtime so the seed tenant name matches the default supabase-js resolves for localhost URLs (was realtime-dev → TenantNotFound) Tests - pgTAP 004_realtime_publication.sql — P-01..P-04: publication membership and REPLICA IDENTITY FULL for both shopping tables - Vitest realtime-postgres-changes.test.ts — R-01 INSERT broadcast, R-02 UPDATE carries full row, R-03 list_id filter isolates events - test-utils realtime-helpers.ts — subscribePostgresChanges() returns a waitFor(predicate, timeout) helper that captures the SUBSCRIBED handshake before returning so mutations issued right after are not lost - createClientAs now calls realtime.setAuth(token) so the server evaluates RLS against the test user's JWT - Justfile test-db now globs supabase/tests/*.sql so new pgTAP files are picked up automatically Totals: 54→57 Vitest, 12→16 pgTAP, 15 Playwright = 88 tests green. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This commit is contained in:
@@ -26,10 +26,14 @@ async function signToken(userId: string): Promise<string> {
|
||||
/**
|
||||
* Create a Supabase client that authenticates as the given seed user.
|
||||
* RLS policies see auth.uid() = userId.
|
||||
*
|
||||
* Also calls `realtime.setAuth(token)` so Realtime subscriptions carry the
|
||||
* same identity — the server evaluates RLS against this JWT when deciding
|
||||
* which Postgres-changes events to forward.
|
||||
*/
|
||||
export async function createClientAs(userId: string) {
|
||||
const token = await signToken(userId);
|
||||
return createClient<Database>(
|
||||
const client = createClient<Database>(
|
||||
requiredEnv('PUBLIC_SUPABASE_URL'),
|
||||
requiredEnv('PUBLIC_SUPABASE_ANON_KEY'),
|
||||
{
|
||||
@@ -37,6 +41,9 @@ export async function createClientAs(userId: string) {
|
||||
auth: { persistSession: false, autoRefreshToken: false }
|
||||
}
|
||||
);
|
||||
// @ts-expect-error — realtime.setAuth exists at runtime on supabase-js v2
|
||||
client.realtime.setAuth(token);
|
||||
return client;
|
||||
}
|
||||
|
||||
/**
|
||||
|
||||
Reference in New Issue
Block a user