Database design question
auth🟢SQLedge functionsRLSstorageHey all, not sure if this is the right place to ask but I’m working on designing an App Store. I’m looking to implement a review system, and I’ve created a basic plan for it but I’ve never done anything this complex in postgresql/supabase so I want to make sure I’m doing things correctly and securely. If anyone knowledgeable is willing to look at my design and give me any feedback I would really appreciate it!
I’ve attached a screenshot of the current database schema. Developers can freely insert, edit, and delete versions and apps that are associated with their account according to RLS policies. I can't really trust anything here because it can be edited at anytime.
I’m looking to make a system where versions can be submitted for review.
The requirements are as follows:
- Developers can submit versions for review, after which they can’t change anything about that version.
- Reviewers (normal user accounts, maybe I could have a `reviewers’ table to identify them) can view pending versions, approve or deny them, and provide a message
- When an app is approved, its metadata (screenshots, descriptions, etc) is “frozen” so that malicious users can’t replace text and images with inappropriate content
- App metadata can still be changed later, but updates won’t take effect until the next version is released
- there is some way to query for a list of the approved apps
I’m hitting the character limit, so I’ll send my current plan in the next message
I’ve attached a screenshot of the current database schema. Developers can freely insert, edit, and delete versions and apps that are associated with their account according to RLS policies. I can't really trust anything here because it can be edited at anytime.
I’m looking to make a system where versions can be submitted for review.
The requirements are as follows:
- Developers can submit versions for review, after which they can’t change anything about that version.
- Reviewers (normal user accounts, maybe I could have a `reviewers’ table to identify them) can view pending versions, approve or deny them, and provide a message
- When an app is approved, its metadata (screenshots, descriptions, etc) is “frozen” so that malicious users can’t replace text and images with inappropriate content
- App metadata can still be changed later, but updates won’t take effect until the next version is released
- there is some way to query for a list of the approved apps
I’m hitting the character limit, so I’ll send my current plan in the next message
