feat: add invite rewards and redeem codes

backend/alembic/versions/20260428_0004_apple_iap_final_head.py

@@ -42,18 +42,51 @@ def upgrade() -> None:
         sa.Column("price_milliunits", sa.BigInteger(), nullable=True),
         sa.Column("ledger_event_id", sa.String(length=64), nullable=True),
         sa.Column("signed_transaction_info", sa.Text(), nullable=False),
-        sa.Column("apple_payload", postgresql.JSONB(astext_type=sa.Text()), server_default=sa.text("'{}'::jsonb"), nullable=False),
+        sa.Column(
+            "apple_payload",
+            postgresql.JSONB(astext_type=sa.Text()),
+            server_default=sa.text("'{}'::jsonb"),
+            nullable=False,
+        ),
         sa.Column("failure_code", sa.String(length=64), nullable=True),
-        sa.Column("created_at", sa.DateTime(timezone=True), server_default=sa.text("now()"), nullable=False),
-        sa.Column("updated_at", sa.DateTime(timezone=True), server_default=sa.text("now()"), nullable=False),
-        sa.CheckConstraint("environment in ('Sandbox', 'Production')", name="ck_apple_iap_transactions_environment"),
-        sa.CheckConstraint("status in ('received', 'verified', 'granted', 'failed', 'refunded', 'refunded_insufficient', 'revoked')", name="ck_apple_iap_transactions_status"),
+        sa.Column(
+            "created_at",
+            sa.DateTime(timezone=True),
+            server_default=sa.text("now()"),
+            nullable=False,
+        ),
+        sa.Column(
+            "updated_at",
+            sa.DateTime(timezone=True),
+            server_default=sa.text("now()"),
+            nullable=False,
+        ),
+        sa.CheckConstraint(
+            "environment in ('Sandbox', 'Production')",
+            name="ck_apple_iap_transactions_environment",
+        ),
+        sa.CheckConstraint(
+            "status in ('received', 'verified', 'granted', 'failed', 'refunded', 'refunded_insufficient', 'revoked')",
+            name="ck_apple_iap_transactions_status",
+        ),
         sa.PrimaryKeyConstraint("id"),
-        sa.UniqueConstraint("transaction_id", name="uq_apple_iap_transactions_transaction_id"),
-        sa.UniqueConstraint("ledger_event_id", name="uq_apple_iap_transactions_ledger_event_id"),
+        sa.UniqueConstraint(
+            "transaction_id", name="uq_apple_iap_transactions_transaction_id"
+        ),
+        sa.UniqueConstraint(
+            "ledger_event_id", name="uq_apple_iap_transactions_ledger_event_id"
+        ),
+    )
+    op.create_index(
+        "ix_apple_iap_transactions_user_created_at",
+        "apple_iap_transactions",
+        ["user_id", sa.text("created_at DESC")],
+    )
+    op.create_index(
+        "ix_apple_iap_transactions_status_updated_at",
+        "apple_iap_transactions",
+        ["status", sa.text("updated_at DESC")],
     )
-    op.create_index("ix_apple_iap_transactions_user_created_at", "apple_iap_transactions", ["user_id", sa.text("created_at DESC")])
-    op.create_index("ix_apple_iap_transactions_status_updated_at", "apple_iap_transactions", ["status", sa.text("updated_at DESC")])
     _enable_service_only_rls("apple_iap_transactions")
 
 
@@ -65,17 +98,29 @@ def downgrade() -> None:
 def _enable_service_only_rls(table_name: str) -> None:
     for role in ["anon", "authenticated"]:
         for action in ["select", "insert", "update", "delete"]:
-            op.execute(f"DROP POLICY IF EXISTS {role}_{action}_{table_name} ON {table_name}")
+            op.execute(
+                f"DROP POLICY IF EXISTS {role}_{action}_{table_name} ON {table_name}"
+            )
     op.execute(f"ALTER TABLE {table_name} ENABLE ROW LEVEL SECURITY")
     for role in ["anon", "authenticated"]:
-        op.execute(f"CREATE POLICY {role}_select_{table_name} ON {table_name} FOR SELECT TO {role} USING (false)")
-        op.execute(f"CREATE POLICY {role}_insert_{table_name} ON {table_name} FOR INSERT TO {role} WITH CHECK (false)")
-        op.execute(f"CREATE POLICY {role}_update_{table_name} ON {table_name} FOR UPDATE TO {role} USING (false) WITH CHECK (false)")
-        op.execute(f"CREATE POLICY {role}_delete_{table_name} ON {table_name} FOR DELETE TO {role} USING (false)")
+        op.execute(
+            f"CREATE POLICY {role}_select_{table_name} ON {table_name} FOR SELECT TO {role} USING (false)"
+        )
+        op.execute(
+            f"CREATE POLICY {role}_insert_{table_name} ON {table_name} FOR INSERT TO {role} WITH CHECK (false)"
+        )
+        op.execute(
+            f"CREATE POLICY {role}_update_{table_name} ON {table_name} FOR UPDATE TO {role} USING (false) WITH CHECK (false)"
+        )
+        op.execute(
+            f"CREATE POLICY {role}_delete_{table_name} ON {table_name} FOR DELETE TO {role} USING (false)"
+        )
 
 
 def _drop_service_only_rls(table_name: str) -> None:
     for role in ["anon", "authenticated"]:
         for action in ["select", "insert", "update", "delete"]:
-            op.execute(f"DROP POLICY IF EXISTS {role}_{action}_{table_name} ON {table_name}")
+            op.execute(
+                f"DROP POLICY IF EXISTS {role}_{action}_{table_name} ON {table_name}"
+            )
     op.execute(f"ALTER TABLE {table_name} DISABLE ROW LEVEL SECURITY")