Skip to content

POWERSYNC prototype: add migration to create postgresql publication#1747

Draft
Dieterbe wants to merge 40 commits intomasterfrom
powersync
Draft

POWERSYNC prototype: add migration to create postgresql publication#1747
Dieterbe wants to merge 40 commits intomasterfrom
powersync

Conversation

@Dieterbe
Copy link
Copy Markdown
Contributor

@Dieterbe Dieterbe commented Aug 2, 2024

No description provided.

Dieterbe
Dieterbe commented Aug 2, 2024
View reviewed changes
Comment thread wger/nutrition/migrations/0025_create_publication.py Outdated
@rolandgeider
Update react files and set type="module"
4c9cc2d 
This is needed since the move to vite on the react side
@rolandgeider
Add URL to get token for powersync
8c2eca0
@rolandgeider
Merge branch 'refs/heads/master' into powersync
0ba5d2c
@rolandgeider
Return powersync public key(s)
5e2bd2b
@rolandgeider
Don't use the login_required decorator
5f71782 
This wasn't working well with when used over the API
@rolandgeider
Fix the powersync key generation
f5f67bf 
This still needs to be clean up (specially the key generation, at the moment we
use a new dependency, but all this can be also done with the library we currently
use)
github-advanced-security[bot]
github-advanced-security AI found potential problems Sep 8, 2024
View reviewed changes
Comment thread wger/core/api/views.py
try:
return JsonResponse({'token': token, 'powersync_url': settings.POWERSYNC_URL}, status=200)
except Exception as e:
return JsonResponse({'error': str(e)}, status=500)

Check warning

Code scanning / CodeQL

Information exposure through an exception Medium

Stack trace information
Loading
flows to this location and may be exposed to an external user.

Copilot Autofix

AI 3 days ago

Use standard secure exception handling for API endpoints:

  • Keep detailed error information in server logs.
  • Return only a generic error message to clients.
  • Avoid changing endpoint behavior beyond sanitizing error output.

Best fix in this snippet:

  • In wger/core/api/views.py, update the except Exception as e block in get_powersync_token (around lines 491–492).
  • Replace return JsonResponse({'error': str(e)}, status=500) with:
    • a logger.exception(...) call (captures stack trace server-side),
    • a generic JsonResponse({'error': 'An internal error has occurred.'}, status=500).

No new imports are needed because logging is already imported and logger is already used in this file context.

Suggested changeset 1
wger/core/api/views.py

Autofix patch

Autofix patch
Run the following command in your local git repository to apply this patch
cat << 'EOF' | git apply
diff --git a/wger/core/api/views.py b/wger/core/api/views.py
--- a/wger/core/api/views.py
+++ b/wger/core/api/views.py
@@ -488,8 +488,9 @@
 
     try:
         return JsonResponse({'token': token, 'powersync_url': settings.POWERSYNC_URL}, status=200)
-    except Exception as e:
-        return JsonResponse({'error': str(e)}, status=500)
+    except Exception:
+        logger.exception('Error returning PowerSync token response')
+        return JsonResponse({'error': 'An internal error has occurred.'}, status=500)
 
 
 @api_view()
EOF
@@ -488,8 +488,9 @@

try:
return JsonResponse({'token': token, 'powersync_url': settings.POWERSYNC_URL}, status=200)
except Exception as e:
return JsonResponse({'error': str(e)}, status=500)
except Exception:
logger.exception('Error returning PowerSync token response')
return JsonResponse({'error': 'An internal error has occurred.'}, status=500)


@api_view()
Copilot is powered by AI and may make mistakes. Always verify output.
rolandgeider and others added 12 commits September 8, 2024 21:04
@rolandgeider
Install python-jose via simplejwt
4659aa4
@Dieterbe
just create the publication for all tables.
bd3d939 
most convenient and should be just fine
@rolandgeider
Allow migration to run on non-postgres databases
33971f0
@Dieterbe
todo
2b6949f
@rolandgeider
Add foreign key to the user table
c6163de 
This is only needed because powersync can't handle joins
@rolandgeider
Revert "Add foreign key to the user table"
aec1246 
This reverts commit c6163de.
@rolandgeider
Split migrations
8a6c2b4 
- move create publication to core
- use ivm entries for the nutrition publications
@rolandgeider
Merge branch 'master' into powersync
a081a2b 
# Conflicts:
#	wger/core/static/react/main.js
@rolandgeider
Add development Dockerfile with additional packages
22a72f9
@rolandgeider
Add UUIDs to some of the nutrition models
f700637 
This is needed in the flutter app to properly be able to set IDs on device, since
the regular IDs can only be set by postgres.
@Dieterbe
give dummy meals names
4ef534e
@Dieterbe
also translate foreign keys to uuid's
9514316
@real-yfprojects
Copy link
Copy Markdown

real-yfprojects commented Jan 25, 2026

Hey there. What is the current state of this, which steps are needed going forward and how can I help (as a python dev)?

github-advanced-security[bot]
github-advanced-security AI found potential problems Apr 16, 2026
View reviewed changes
Comment thread wger/core/api/views.py
return JsonResponse({'error': f'Unknown table: {table}'}, status=200)
except Exception as e:
logger.exception(f'Error processing PowerSync data for table {table}')
return JsonResponse({'error': str(e)}, status=200)

Check warning

Code scanning / CodeQL

Information exposure through an exception Medium

Stack trace information
Loading
flows to this location and may be exposed to an external user.

Copilot Autofix

AI 3 days ago

Return a generic client-facing error message instead of str(e), while keeping detailed diagnostics in server logs.

Best fix in this snippet:

  • In wger/core/api/views.py, inside upload_powersync_data’s except Exception as e: block (around lines 573–575), keep logger.exception(...) as-is (it preserves debugging detail server-side).
  • Replace return JsonResponse({'error': str(e)}, status=200) with a generic message such as {'error': 'An internal error has occurred.'}.
  • No import changes are required.

This preserves existing behavior (same response structure and status code) while preventing exception-detail disclosure.

Suggested changeset 1
wger/core/api/views.py

Autofix patch

Autofix patch
Run the following command in your local git repository to apply this patch
cat << 'EOF' | git apply
diff --git a/wger/core/api/views.py b/wger/core/api/views.py
--- a/wger/core/api/views.py
+++ b/wger/core/api/views.py
@@ -572,6 +572,6 @@
                 return JsonResponse({'error': f'Unknown table: {table}'}, status=200)
     except Exception as e:
         logger.exception(f'Error processing PowerSync data for table {table}')
-        return JsonResponse({'error': str(e)}, status=200)
+        return JsonResponse({'error': 'An internal error has occurred.'}, status=200)
 
     return JsonResponse({'status': 'ok!'}, status=200)
EOF
@@ -572,6 +572,6 @@
return JsonResponse({'error': f'Unknown table: {table}'}, status=200)
except Exception as e:
logger.exception(f'Error processing PowerSync data for table {table}')
return JsonResponse({'error': str(e)}, status=200)
return JsonResponse({'error': 'An internal error has occurred.'}, status=200)

return JsonResponse({'status': 'ok!'}, status=200)
Copilot is powered by AI and may make mistakes. Always verify output.
@rolandgeider
Copy link
Copy Markdown
Member

rolandgeider commented Apr 16, 2026

hey @real-yfprojects, sorry for the late reply, hadn't seen your message.

Most of the work will need to happen on the flutter side of things, but here there will be some cleaning up needed to do before we can really release this (we also moved some models to use uuids as the PK so we can generate them client side as well without having to do mappings back and forth, so possibly something among those lines as well)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@Dieterbe @real-yfprojects @rolandgeider @github-advanced-security