@@ -7,7 +7,7 @@ export type Json =
| Json[]
export type Database = {
- // Allows to automatically instanciate createClient with right options
+ // Allows to automatically instantiate createClient with right options
// instead of createClient<Database, { PostgrestVersion: 'XX' }>(URL, KEY)
__InternalSupabase: {
PostgrestVersion: "12.2.3 (519615d)"
@@ -0,0 +1,15 @@
+-- Corriger la vulnérabilité de sécurité de la fonction is_super_user
+-- en ajoutant SET search_path = public pour empêcher les attaques par manipulation du search_path
+
+CREATE OR REPLACE FUNCTION public.is_super_user(user_email text DEFAULT NULL::text)
+ RETURNS boolean
+ LANGUAGE sql
+ STABLE SECURITY DEFINER
+ SET search_path = public
+AS $function$
+ SELECT EXISTS (
+ SELECT 1 FROM public.super_users su
+ JOIN auth.users u ON u.id = su.user_id
+ WHERE u.email = COALESCE(user_email, (SELECT email FROM auth.users WHERE id = auth.uid()))
+ );
+$function$;
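Review bot: The `user_email` argument lets any role with EXECUTE ask, under definer rights, whether an arbitrary address belongs to a super user, and the migration neither restricts that argument nor sets privileges. PostgreSQL grants EXECUTE on new functions to PUBLIC by default, and `CREATE OR REPLACE` keeps whatever grants already exist, so add `REVOKE EXECUTE ON FUNCTION public.is_super_user(text) FROM PUBLIC;` followed by a `GRANT EXECUTE` to only the roles that need the check. If callers only ever test themselves, matching on `su.user_id = auth.uid()` would remove the lookup-by-email path entirely. Separately, every object in the body is already schema-qualified, so `SET search_path = ''` would work here and is stricter than `public`, which remains a resolution target for anything left unqualified in a later edit. Whether any RLS policy passes a client-supplied value as `user_email` is not visible from this hunk and is worth confirming.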