23 changes: 23 additions & 0 deletions supabase/migrations/20260410000000_create_predictions.sql
@@ -0,0 +1,23 @@
-- Neural engagement predictions from TRIBE v2 model
create table if not exists public.predictions (
id uuid primary key default gen_random_uuid(),
account_id uuid not null references public.accounts(id) on delete cascade,

⚠️ Potential issue | 🔴 Critical

🧩 Analysis chain

🏁 Script executed:

#!/bin/bash
set -euo pipefail

echo "== Searching for accounts table creation =="
rg -n --type-add 'sql:*.sql' --type sql -C2 'create\s+table\s+(if\s+not\s+exists\s+)?public\.accounts\b|create\s+table\s+(if\s+not\s+exists\s+)?accounts\b' supabase/migrations || true

echo
echo "== Searching for predictions policies =="
rg -n --type-add 'sql:*.sql' --type sql -C2 'create\s+policy.*predictions|on\s+public\.predictions' supabase/migrations || true

Repository: recoupable/database

Length of output: 884


🏁 Script executed:

#!/bin/bash
set -euo pipefail

echo "== List all SQL migrations in supabase/migrations =="
ls -la supabase/migrations/*.sql 2>/dev/null | head -20 || echo "No migrations found"

echo
echo "== Count and show all migration filenames =="
find supabase/migrations -name "*.sql" -type f | sort

echo
echo "== Check if accounts table exists anywhere in migrations =="
rg -i "create.*table.*accounts" supabase/migrations --no-heading || echo "No matches found"

echo
echo "== Check the full content of the predictions migration file =="
cat supabase/migrations/20260410000000_create_predictions.sql

Repository: recoupable/database

Length of output: 13587


🏁 Script executed:

#!/bin/bash
set -euo pipefail

echo "== Search for any RLS policies on predictions table =="
rg -i "create.*policy.*predictions|policy.*on.*public\.predictions" supabase/migrations --type sql -A5 || echo "No policy definitions found"

echo
echo "== Check specific accounts table creation migration =="
cat supabase/migrations/20241209025457_add_foreign_key.sql

Repository: recoupable/database

Length of output: 889


Add RLS policies for public.predictions table before deployment.

Line 23 enables row level security (alter table public.predictions enable row level security;) but no policies are defined. This will block all access to the table. Either define policies in this migration or ensure they're created in a guaranteed earlier deploy step.

🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.

In `@supabase/migrations/20260410000000_create_predictions.sql` at line 4, The
migration enables row level security on public.predictions but defines no
policies, which will block all access; update this migration to add appropriate
RLS policies for public.predictions (for example policies that allow owners or
specific roles to SELECT/INSERT/UPDATE/DELETE) or remove/defer the "alter table
public.predictions enable row level security" statement until a prior migration
creates those policies; reference the table name public.predictions and the
existing "alter table public.predictions enable row level security;" statement
when adding the corresponding CREATE POLICY entries or moving the enable step.

file_url text not null,
modality text not null check (modality in ('video', 'audio', 'text')),
engagement_score numeric not null,
engagement_timeline jsonb not null,
peak_moments jsonb not null,
weak_spots jsonb not null,
regional_activation jsonb not null,
total_duration_seconds numeric not null,
elapsed_seconds numeric not null,
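
Review bot: `file_url text not null` accepts any string, so whatever later fetches or renders this value has to validate it again. If these are always HTTPS or object-storage links, constrain the column here, for example `check (file_url ~ '^https://')`, or store a storage object path instead of a full URL. The four `jsonb not null` columns are similarly open: `'null'::jsonb` or a bare scalar satisfies `not null`, so a `jsonb_typeof(...)` check matching the shape the readers expect would reject malformed writes at insert time.
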
Comment on lines +7 to +13

⚠️ Potential issue | 🟠 Major

Add domain checks for score/duration fields.

Lines 7-13 allow negative/invalid numeric values (engagement_score, total_duration_seconds, elapsed_seconds), which can corrupt analytics.

Proposed SQL patch
   engagement_score numeric not null,
   engagement_timeline jsonb not null,
   peak_moments jsonb not null,
   weak_spots jsonb not null,
   regional_activation jsonb not null,
   total_duration_seconds numeric not null,
   elapsed_seconds numeric not null,
+  constraint predictions_engagement_score_range_chk
+    check (engagement_score >= 0 and engagement_score <= 1),
+  constraint predictions_duration_nonnegative_chk
+    check (
+      total_duration_seconds >= 0
+      and elapsed_seconds >= 0
+      and elapsed_seconds <= total_duration_seconds
+    ),
   created_at timestamptz not null default now()
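
Review bot: The duration check in `predictions_duration_nonnegative_chk` still admits `'NaN'`, because PostgreSQL orders numeric `NaN` above every other value, so `total_duration_seconds >= 0` and `elapsed_seconds <= total_duration_seconds` both hold when the total is `NaN` (and `'Infinity'` passes on PostgreSQL 14 and later). A finite upper bound on `total_duration_seconds` closes both cases, since `NaN` and `Infinity` compare greater than any finite bound. The `engagement_score <= 1` bound does reject `NaN`, but it assumes a 0 to 1 scale that the migration does not state; confirm the model's output range before committing it.
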
📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
engagement_score numeric not null,
engagement_timeline jsonb not null,
peak_moments jsonb not null,
weak_spots jsonb not null,
regional_activation jsonb not null,
total_duration_seconds numeric not null,
elapsed_seconds numeric not null,
engagement_score numeric not null,
engagement_timeline jsonb not null,
peak_moments jsonb not null,
weak_spots jsonb not null,
regional_activation jsonb not null,
total_duration_seconds numeric not null,
elapsed_seconds numeric not null,
constraint predictions_engagement_score_range_chk
check (engagement_score >= 0 and engagement_score <= 1),
constraint predictions_duration_nonnegative_chk
check (
total_duration_seconds >= 0
and elapsed_seconds >= 0
and elapsed_seconds <= total_duration_seconds
),
created_at timestamptz not null default now()
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.

In `@supabase/migrations/20260410000000_create_predictions.sql` around lines 7 -
13, Add CHECK constraints to enforce valid domains: require engagement_score to
be within a sane range (e.g., >= 0 AND <= 1 or the project-specific max — update
to the correct max if different) and require total_duration_seconds >= 0,
elapsed_seconds >= 0 and elapsed_seconds <= total_duration_seconds; add these
CHECK constraints referencing the columns engagement_score,
total_duration_seconds and elapsed_seconds in the table definition so negative
or inconsistent durations/scores cannot be inserted.


@cubic-dev-ai cubic-dev-ai Bot Apr 10, 2026


P2: No domain constraints on engagement_score, total_duration_seconds, or elapsed_seconds. Negative scores or durations would silently pass. Add CHECK constraints (e.g., engagement_score between 0 and 1, durations >= 0, elapsed_seconds <= total_duration_seconds).

Prompt for AI agents
Check if this issue is valid — if so, understand the root cause and fix it. At supabase/migrations/20260410000000_create_predictions.sql, line 13:

<comment>No domain constraints on `engagement_score`, `total_duration_seconds`, or `elapsed_seconds`. Negative scores or durations would silently pass. Add CHECK constraints (e.g., `engagement_score between 0 and 1`, durations `>= 0`, `elapsed_seconds <= total_duration_seconds`).</comment>

<file context>
@@ -0,0 +1,23 @@
+  weak_spots jsonb not null,
+  regional_activation jsonb not null,
+  total_duration_seconds numeric not null,
+  elapsed_seconds numeric not null,
+  created_at timestamptz not null default now()
+);
</file context>

created_at timestamptz not null default now()
);

create index if not exists idx_predictions_account_id
on public.predictions(account_id);

create index if not exists idx_predictions_created_at
on public.predictions(created_at desc);

alter table public.predictions enable row level security;
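
Review bot: `alter table public.predictions enable row level security;` with no `create policy` in this file leaves the table default-deny, and nothing in the migration says whether that is intended. In that state only the table owner and roles with BYPASSRLS can read or write it, which is safe if every access goes through a backend using such a role. Add a comment next to this line naming the role expected to write predictions, so a later policy is added deliberately rather than to make an error go away. If client roles are meant to read their own rows, the policy belongs in this migration.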

⚠️ Potential issue | 🟠 Major

RLS is enabled without any policy in this migration.

On Line 23, ENABLE ROW LEVEL SECURITY with no policy in the same migration can make the table unusable for authenticated/anon immediately after deploy.

Proposed SQL patch
 alter table public.predictions enable row level security;
+
+-- Example baseline policies (adjust to your auth/account model)
+create policy if not exists "predictions_select_own"
+  on public.predictions
+  for select
+  using (account_id = auth.uid());
+
+create policy if not exists "predictions_insert_own"
+  on public.predictions
+  for insert
+  with check (account_id = auth.uid());
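
Review bot: `create policy if not exists` is not valid PostgreSQL; `CREATE POLICY` has no `IF NOT EXISTS` form, so both statements in this patch fail at parse time and the migration aborts. Use `drop policy if exists ... on public.predictions;` before each `create policy`, or a guarded `do` block. Separately, `account_id = auth.uid()` only scopes rows correctly if `public.accounts(id)` holds the auth user id; the migration shows `account_id` referencing `public.accounts(id)`, so verify that mapping before relying on it, and note that the patch adds no `update` or `delete` policy.
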
📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
alter table public.predictions enable row level security;
alter table public.predictions enable row level security;
-- Example baseline policies (adjust to your auth/account model)
create policy if not exists "predictions_select_own"
on public.predictions
for select
using (account_id = auth.uid());
create policy if not exists "predictions_insert_own"
on public.predictions
for insert
with check (account_id = auth.uid());
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.

In `@supabase/migrations/20260410000000_create_predictions.sql` at line 23, The
migration enables RLS on public.predictions but does not create any policies,
which will lock out authenticated/anonymous users; update the migration to
either (A) create appropriate row-level policies for public.predictions (e.g.,
separate CREATE POLICY statements for SELECT/INSERT/UPDATE/DELETE granting
access to authenticated/anon roles or using USING/WITH CHECK expressions tied to
your auth columns) before running ALTER TABLE public.predictions ENABLE ROW
LEVEL SECURITY, or (B) defer the ALTER TABLE ... ENABLE ROW LEVEL SECURITY to a
subsequent migration after you add the necessary CREATE POLICY statements;
reference the table name public.predictions and the ALTER TABLE ... ENABLE ROW
LEVEL SECURITY line when making the change.