From f9228d50248c838bbd574f6f868d456ba5235c82 Mon Sep 17 00:00:00 2001
From: "gpt-engineer-app[bot]" <159125892+gpt-engineer-app[bot]@users.noreply.github.com>
Date: Sun, 26 Oct 2025 15:04:32 +0000
Subject: [PATCH] Fix security vulnerability
---
 src/integrations/supabase/types.ts | 22 +++++++++++++-
 ...1_756b9799-178e-43e7-b9f6-3d60649780b3.sql | 29 +++++++++++++++++++
 2 files changed, 50 insertions(+), 1 deletion(-)
 create mode 100644 supabase/migrations/20251026150411_756b9799-178e-43e7-b9f6-3d60649780b3.sql
diff --git a/src/integrations/supabase/types.ts b/src/integrations/supabase/types.ts
index 1166828..6314e96 100644
--- a/src/integrations/supabase/types.ts
+++ b/src/integrations/supabase/types.ts
@@ -40,7 +40,27 @@ export type Database = {
 }
 }
 Views: {
- [_ in never]: never
+ petition_signatures_public: {
+ Row: {
+ comment: string | null
+ created_at: string | null
+ id: string | null
+ name: string | null
+ }
+ Insert: {
+ comment?: string | null
+ created_at?: string | null
+ id?: string | null
+ name?: string | null
+ }
+ Update: {
+ comment?: string | null
+ created_at?: string | null
+ id?: string | null
+ name?: string | null
+ }
+ Relationships: []
+ }
 }
 Functions: {
 [_ in never]: never
diff --git a/supabase/migrations/20251026150411_756b9799-178e-43e7-b9f6-3d60649780b3.sql b/supabase/migrations/20251026150411_756b9799-178e-43e7-b9f6-3d60649780b3.sql
new file mode 100644
index 0000000..dbe5e70
--- /dev/null
+++ b/supabase/migrations/20251026150411_756b9799-178e-43e7-b9f6-3d60649780b3.sql
@@ -0,0 +1,29 @@
+-- Create a public view that excludes email addresses
+CREATE OR REPLACE VIEW public.petition_signatures_public AS
+SELECT
+ id,
+ created_at,
+ name,
+ comment
+FROM public.petition_signatures;
+
+-- Drop existing permissive policies
+DROP POLICY IF EXISTS "Anyone can view signatures" ON public.petition_signatures;
+DROP POLICY IF EXISTS "Anyone can sign the petition" ON public.petition_signatures;
+
+-- Restrict direct table access - only authenticated users can view full data
+CREATE POLICY "Only authenticated users can view all signature data"
+ON public.petition_signatures
+FOR SELECT
+TO authenticated
+USING (true);
+
+-- Allow anyone to insert (it's a petition, people need to sign it)
+CREATE POLICY "Anyone can sign the petition"
+ON public.petition_signatures
+FOR INSERT
+TO anon, authenticated
+WITH CHECK (true);
+
+-- Grant SELECT on the public view to everyone (including anonymous)
+GRANT SELECT ON public.petition_signatures_public TO anon, authenticated;
\ No newline at end of file
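Review bot: The new SELECT policy `TO authenticated USING (true)` still exposes every column of `public.petition_signatures`, including the e-mail addresses the view is meant to hide, to any signed-in account; whether sign-up is open is not visible in this patch, but if it is, the column remains readable by any registered user. If only maintainers or backend code need the e-mail column, I would drop this policy and read through the service role, or replace `USING (true)` with a predicate tied to an admin check the project already has. The view is created without `security_invoker`, so it presumably runs with its owner's rights and bypasses RLS on the base table, which is what lets the anon `GRANT SELECT` return rows; a comment such as `-- view runs with owner privileges and is the only anon read path: keep its column list free of PII` would record that. The INSERT policy `WITH CHECK (true)` for `anon` leaves signatures unvalidated at the database level, so any length limits or abuse throttling have to be enforced elsewhere.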