From 71ac2b4a5aa65fb36b929ccc427fbfc333b048cf Mon Sep 17 00:00:00 2001
From: Nikita Bragin <branikita@gmail.com>
Date: Sun, 8 Mar 2026 02:23:54 +0300
Subject: [PATCH 1/2] fix(db): set search_path on handle_new_user trigger
 function

GoTrue (supabase_auth_admin) uses a different search_path than postgres.
Without explicit search_path = public, the INSERT INTO profiles fails
with "Database error saving new user" on OAuth/email sign-up.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
---
 migrations/1772922678763_initial-schema.sql | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/migrations/1772922678763_initial-schema.sql b/migrations/1772922678763_initial-schema.sql
index f4a5eb5..fc29367 100644
--- a/migrations/1772922678763_initial-schema.sql
+++ b/migrations/1772922678763_initial-schema.sql
@@ -90,7 +90,7 @@ CREATE INDEX idx_shared_links_token ON shared_links(share_token);
 CREATE OR REPLACE FUNCTION handle_new_user()
 RETURNS TRIGGER AS $$
 BEGIN
-  INSERT INTO profiles (id, display_name, avatar_url)
+  INSERT INTO public.profiles (id, display_name, avatar_url)
   VALUES (
     NEW.id,
     COALESCE(NEW.raw_user_meta_data->>'full_name', NEW.email),
@@ -98,7 +98,7 @@ BEGIN
   );
   RETURN NEW;
 END;
-$$ LANGUAGE plpgsql SECURITY DEFINER;
+$$ LANGUAGE plpgsql SECURITY DEFINER SET search_path = public;
 
 CREATE TRIGGER on_auth_user_created
   AFTER INSERT ON auth.users

From 3853058f5a6a475e06a28a1df5bee9ca68e9fa98 Mon Sep 17 00:00:00 2001
From: Nikita Bragin <branikita@gmail.com>
Date: Sun, 8 Mar 2026 02:28:58 +0300
Subject: [PATCH 2/2] fix(db): include user_id when saving simulations

The INSERT was missing user_id, causing RLS policy violation (42501).
Now reads user.id from authStore before inserting.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
---
 src/db/saved-simulations.ts | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/src/db/saved-simulations.ts b/src/db/saved-simulations.ts
index 4bd54e9..0eed43c 100644
--- a/src/db/saved-simulations.ts
+++ b/src/db/saved-simulations.ts
@@ -1,4 +1,5 @@
 import { supabase, isSupabaseConfigured } from '../auth/supabase-client';
+import { authStore } from '../auth/auth-store';
 
 /** Row shape for the saved_simulations table */
 export interface SavedSimulation {
@@ -49,9 +50,13 @@ export async function saveSimulation(sim: {
 }): Promise<SavedSimulation | null> {
 	if (!isSupabaseConfigured()) return null;
 
+	const user = authStore.getState().user;
+	if (!user) return null;
+
 	const { data, error } = await supabase
 		.from('saved_simulations')
 		.insert({
+			user_id: user.id,
 			title: sim.title,
 			description: sim.description || '',
 			sim_type: sim.sim_type,