fix(rest-native): Phase 1 — add 22 missing tables/views to READ whitelist

[adm01-debug]

Summary

• +4 tables promoted to READ whitelist: collections, collection_products, variant_supplier_sources, supplier_branches (were write-only, had active read callers)
• +1 table: price_history (212 rows, callers use supabase.from() directly)
• +17 views/MVs: categories_tree_visual, materials_complete, mv_material_group_stats, mv_product_compositions, mv_product_intelligence, products_with_materials, v_kit_with_components, v_media_stats, v_n8n_sync_errors, v_n8n_sync_success_recent, v_n8n_sync_summary, v_product_images_cdn, v_product_videos_cdn, v_products_min_price, v_products_missing_primary_image, v_products_with_tags, v_products_without_images
• +1 SEARCH_COLUMNS: collections → name
• Phase 1 comment block + // ── Core product tables ── section header added

Context

Kill-switch edge_external_db_bridge has been OFF (enabled=false, rollout=100%) since 2026-05-30. An exhaustive audit (121 scenarios, 0 regressions) found these 22 tables/views exist in doufsxqlfjyuvxuezpln with active callers but were missing from REST_NATIVE_SAFE_TABLES. With the bridge OFF they silently returned empty arrays, breaking ~25 screens.

Known risks (pre-existing, not caused by this PR)

1. useKitStockForecast uses non-existent columns on variant_supplier_sources — catch returns [] (same as before)
2. collections RLS: only is_public=true rows visible without share_token
3. mv_product_intelligence is a materialized view with 0 rows (needs REFRESH)

Rollback

Remove the 34 added lines. No other file changes required.

Test plan

• Verify REST_NATIVE_SAFE_TABLES Set has 68 entries
• Verify SEARCH_COLUMNS has 18 entries
• Smoke-test screens that use collections, variant_supplier_sources, and the view callers
• Confirm no silent-empty reports for these tables after deploy

---

Generated by Claude Code

---

Summary by cubic

Adds 22 missing tables and views to REST_NATIVE_SAFE_TABLES so existing callers return data again with edge_external_db_bridge off. Also adds collections → name to SEARCH_COLUMNS. Restores ~25 screens and removes silent empty results.

• Bug Fixes
  • Read whitelist: collections, collection_products, variant_supplier_sources, supplier_branches, price_history
  • Read whitelist — views/MVs: categories_tree_visual, materials_complete, mv_material_group_stats, mv_product_compositions, mv_product_intelligence, products_with_materials, v_kit_with_components, v_media_stats, v_n8n_sync_errors, v_n8n_sync_success_recent, v_n8n_sync_summary, v_product_images_cdn, v_product_videos_cdn, v_products_min_price, v_products_missing_primary_image, v_products_with_tags, v_products_without_images
  • Search: map collections → name

^{Written for commit 6513cb3. Summary will update on new commits.}

Summary by CodeRabbit

• New Features
  • Novas tabelas e visualizações agora disponibilizadas para acesso, incluindo coleções, produtos de coleção, fontes de fornecedores e histórico de preços.
  • Funcionalidade de busca expandida para coleções e seus campos de nome.

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Actions	Updated (UTC)
we-dream-big	Ready	Preview, Comment	May 31, 2026 7:11pm

[supabase]

This pull request has been ignored for the connected project doufsxqlfjyuvxuezpln because there are no changes detected in supabase directory. You can change this behaviour in Project Integrations Settings ↗︎.

---

Preview Branches by Supabase.
Learn more about Supabase Branching ↗︎.

[coderabbitai]

Caution

Review failed

The pull request is closed.

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

Run ID: 24a7ce50-af13-4d06-a84f-f5a844039b41

📥 Commits

Reviewing files that changed from the base of the PR and between 9caa919 and 6513cb3.

📒 Files selected for processing (1)

• src/lib/external-db/rest-native.ts

---

Walkthrough

A PR expande a whitelist de tabelas/views seguras do módulo REST-native, adicionando suporte de leitura para collections, collection_products, variant_supplier_sources, supplier_branches, price_history e múltiplas views/materializadas organizadas em fases. Também habilita busca por nome em collections.

Mudanças

Expansão da whitelist REST-native

Camada / Arquivo(s)	Resumo
Whitelist de tabelas seguras e configuração de busca src/lib/external-db/rest-native.ts	Adiciona comentários de auditoria "Phase 1", expande REST_NATIVE_SAFE_TABLES com novos entries em fases 1-3 (collections, collection_products, variant_supplier_sources, supplier_branches, price_history, categories_tree_visual, materials_complete, mv_product_compositions, v_products_without_images e outras views/MVs), e configura SEARCH_COLUMNS para permitir busca por name em collections.

Esforço estimado de revisão

🎯 2 (Simples) | ⏱️ ~10 minutos

A mudança é direta: expansão de configuração sem alteração nas assinaturas de função exportadas, sem lógica complexa ou riscos de segurança/performance aparentes. A principal atenção deve ser verificar se as tabelas/views listadas são de fato seguras para leitura pública e se a coluna name em collections é apropriada para busca ilike.

Possíveis PRs relacionadas

• adm01-debug/promo-gifts-v4#535: Complementa esta PR ao modificar a lógica de tratamento do _search através de resolveSearchColumn, que consome a configuração de SEARCH_COLUMNS expandida nesta PR.

✨ Finishing Touches

📝 Generate docstrings

• Create stacked PR
• Commit on current branch

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch claude/exciting-wright-xA6by

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[Copilot]

Pull request overview

Adds 22 missing tables/views to the REST native read whitelist (REST_NATIVE_SAFE_TABLES) so existing callers stop silently returning empty arrays now that the edge_external_db_bridge kill-switch is OFF. Also maps collections → name in SEARCH_COLUMNS.

Changes:

• Promote 4 tables (collections, collection_products, variant_supplier_sources, supplier_branches) and add price_history to READ whitelist.
• Add 17 views/MVs to READ whitelist.
• Add collections → name to SEARCH_COLUMNS and a Phase 1 comment block / section header.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.