Supabase Edge Function: Generate Export
Component Detail
Description
Server-side Supabase Edge Function that handles the full export generation pipeline away from the mobile client, preventing accounting credentials from being exposed to the device. Receives an export request (org, date range, format), orchestrates the exporter service, and returns a signed download URL or push confirmation. Required for secure credential handling in API-based export flows.
export-edge-function
Summaries
This server-side function is a critical security boundary that prevents sensitive accounting system credentials from ever reaching mobile devices. By handling the entire export pipeline on the server, it eliminates the risk of credential theft through device compromise, network interception, or reverse engineering — risks that could result in unauthorized access to the organization's financial systems, regulatory penalties, or reputational damage. It enables the organization to confidently connect to accounting platforms like Xledger and Dynamics without exposing API keys, directly supporting compliance requirements and reducing the attack surface of the product. For customers, this translates to a seamless, secure export experience that meets enterprise security standards and builds trust in the platform as a reliable financial data gateway.
This is a high-complexity backend component that forms the core of the secure export pipeline. It depends on both the accounting exporter service and the export run repository, meaning those two components must be fully designed and stabilized before this function can be completed and tested end-to-end. Plan for integration testing cycles with the accounting system APIs, which may require sandbox credentials and mocked responses in lower environments. Deployment requires Supabase Edge Function infrastructure to be provisioned and configured per environment (staging, production).
Permission validation logic (coordinator/org admin role checks) must be aligned with the authentication system's JWT claims, so coordinate with the auth team early. Allocate time for audit logging verification and signed URL expiry testing. Overall delivery risk is moderate-to-high due to external API dependencies.
Implemented as a Supabase Edge Function (Deno runtime), this component exposes a single POST endpoint at `/functions/v1/generate-accounting-export`. On invocation, it extracts the JWT from the Authorization header, calls `verifyCallerPermissions()` to assert coordinator or org admin role, then delegates to `invokeExporterService()` which selects the correct accounting system exporter based on org configuration. The result is either a signed download URL (generated via `generateSignedDownloadUrl(filePath, ttl)`) or a push confirmation. Error paths are centralized through `handleExportError()` which normalizes accounting API errors into structured responses.
This function acts as an orchestration layer — it owns no business logic itself but coordinates the exporter service and repository. Dependencies must be imported as Deno-compatible modules. Secrets are injected via Supabase Vault environment bindings, never hardcoded. Logging should capture invocation metadata for the audit trail without recording credential values.
Responsibilities
- Receive authenticated export requests from the mobile client
- Invoke the accounting exporter service with the correct org exporter
- Return a time-limited signed URL for file download or an API push result
- Validate caller permissions (coordinator or org admin role required)
- Log edge function invocation details for audit and debugging
Interfaces
POST /functions/v1/generate-accounting-export
verifyCallerPermissions(jwt): boolean
invokeExporterService(request): ExportResult
generateSignedDownloadUrl(filePath, ttl): string
handleExportError(error): ErrorResponse
Relationships
Dependencies (2)
Components this component depends on
Used Integrations (2)
External integrations and APIs this component relies on