fix: column encryption support for other attributes

[HarshMN2345]

What does this PR do?

(Provide a description of what this PR does.)

Test Plan

(Write your test plan here. If you changed any code, please provide us with clear instructions on how you verified your changes work.)

Related PRs and Issues

(If this PR is related to any other PR or resolves any issue or related to any issue link all related PR and issues here.)

Have you read the Contributing Guidelines on issues?

(Write your answer here.)

Summary by CodeRabbit

• New Features

  • Added an "Encrypted" toggle (new Encrypt control) across text-based column creation (text, varchar, longtext, mediumtext). Defaults to off; shows Pro badge and opens an upgrade prompt when unavailable.
  • Varchar encryption enforces a minimum size (150) and displays a helper message.

• Improvements

  • Safer runtime checks for text-column encryption to prevent errors.

[appwrite]

Console (appwrite/console)

Project ID: 688b7bf400350cbd60e9

Sites (1)

Site	Status	Logs	Preview	QR
console-stage 688b7cf6003b1842c9dc	Ready	View Logs	Preview URL

Tip

Every Git commit and branch gets its own deployment URL automatically

[greptile-apps]

Greptile Summary

Added encryption support for text-based database columns (text, varchar, longtext, mediumtext) with a new reusable EncryptCheckbox component. The implementation includes Pro plan gating with upgrade prompts, enforces a minimum size of 150 for encrypted varchar columns, and uses safer runtime checks (isTextType() with 'encrypt' in column guard) to prevent errors when checking encryption status. Encryption can only be enabled during column creation, not when editing existing columns.

Confidence Score: 5/5

• This PR is safe to merge with minimal risk
• The implementation is well-structured with defensive programming practices. The new EncryptCheckbox component is reusable and handles Pro plan gating correctly. The varchar minimum size enforcement uses reactive statements properly. Runtime checks are safer with explicit property existence checks. All text column types are handled consistently. No breaking changes or risky operations detected.
• No files require special attention

Important Files Changed

Filename	Overview
src/routes/(console)/project-[region]-[project]/databases/database-[database]/table-[table]/columns/encryptCheckbox.svelte	New reusable component for encryption checkbox with Pro badge, upgrade prompt, and disabled state for editing
src/routes/(console)/project-[region]-[project]/databases/database-[database]/table-[table]/columns/varchar.svelte	Added encryption support with reactive minimum size enforcement (150) and helper text for encrypted columns
src/routes/(console)/project-[region]-[project]/databases/database-[database]/table-[table]/columns/+page.svelte	Improved runtime check using isTextType() with 'encrypt' in column guard to prevent errors
src/routes/(console)/project-[region]-[project]/databases/database-[database]/table-[table]/spreadsheet.svelte	Improved runtime check using isTextType() with 'encrypt' in column guard to prevent errors

_{Last reviewed commit: 1649d9b}

[coderabbitai]

Note

Reviews paused

It looks like this branch is under active development. To avoid overwhelming you with review comments due to an influx of new commits, CodeRabbit has automatically paused this review. You can configure this behavior by changing the reviews.auto_review.auto_pause_after_reviewed_commits setting.

Use the following commands to manage reviews:

• @coderabbitai resume to resume automatic reviews.
• @coderabbitai review to trigger a single review.

Use the checkboxes below for quick actions:

• ▶️ Resume reviews
• 🔍 Trigger review

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 1b1f744 and 1649d9b.

📒 Files selected for processing (1)

• src/routes/(console)/project-[region]-[project]/databases/database-[database]/table-[table]/columns/encryptCheckbox.svelte

🚧 Files skipped from review as they are similar to previous changes (1)

• src/routes/(console)/project-[region]-[project]/databases/database-[database]/table-[table]/columns/encryptCheckbox.svelte

---

Walkthrough

Adds encryption support for text-based columns by introducing a new EncryptCheckbox Svelte component and wiring an encrypt: boolean into create flows for varchar, text, mediumtext, and longtext (default false). Varchar enforces a minimum size when encrypted. createColumn and each column form include encrypt in payloads and UI. Runtime type-checks were changed from isString to a new isTextType predicate; imports/exports (including spreadsheet/store) were updated accordingly.

Estimated code review effort

🎯 4 (Complex) | ⏱️ ~45 minutes

🚥 Pre-merge checks | ✅ 3

✅ Passed checks (3 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title 'fix: column encryption support for other attributes' accurately and specifically describes the main change—adding encryption support to additional column types (text, varchar, longtext, mediumtext).
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch fix-column-encryption-for-other-attributes

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 3

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In
`@src/routes/`(console)/project-[region]-[project]/databases/database-[database]/table-[table]/columns/encryptCheckbox.svelte:
- Around line 47-65: The nested Tag's click handler causes event bubbling to
also trigger the parent button's on:click (double toggle); remove the Tag's
on:click={toggle} and let the parent button's on:click handler (which calls
toggle(e) when !supportsEncryption) manage opening/closing the popover, keeping
the Tag as a passive child; ensure you only update the Tag element (no changes
to the button's on:click, supportsEncryption logic, or encrypt variable).
- Around line 29-30: Replace the incorrect fallback for organizationId so it
uses the project's teamId (page.data?.project?.teamId) instead of
page.data?.project?.$id, and make supportsEncryption reactive by deriving it
from the isCloud flag and the currentPlan store (use Svelte's derived store)
rather than a const so it updates when $currentPlan loads; update references to
the symbols organizationId and supportsEncryption and import/use derived from
'svelte/store' to compute supportsEncryption from isCloud and currentPlan.

In
`@src/routes/`(console)/project-[region]-[project]/databases/database-[database]/table-[table]/spreadsheet.svelte:
- Line 19: Remove the irregular extra whitespace in the import list so Prettier
can pass: locate the import that includes isSpatialType and isTextType (the
symbols isSpatialType, isTextType) and make the comma-separated spacing
consistent (e.g., "isSpatialType, isTextType") so there is exactly one space
after the comma.

---

ℹ️ Review info

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 301caeb and 0e6a0a1.

📒 Files selected for processing (8)

• src/routes/(console)/project-[region]-[project]/databases/database-[database]/table-[table]/columns/+page.svelte
• src/routes/(console)/project-[region]-[project]/databases/database-[database]/table-[table]/columns/encryptCheckbox.svelte
• src/routes/(console)/project-[region]-[project]/databases/database-[database]/table-[table]/columns/longtext.svelte
• src/routes/(console)/project-[region]-[project]/databases/database-[database]/table-[table]/columns/mediumtext.svelte
• src/routes/(console)/project-[region]-[project]/databases/database-[database]/table-[table]/columns/text.svelte
• src/routes/(console)/project-[region]-[project]/databases/database-[database]/table-[table]/columns/varchar.svelte
• src/routes/(console)/project-[region]-[project]/databases/database-[database]/table-[table]/createColumn.svelte
• src/routes/(console)/project-[region]-[project]/databases/database-[database]/table-[table]/spreadsheet.svelte

[coderabbitai]

⚠️ Potential issue | 🟠 Major

🧩 Analysis chain

🏁 Script executed:

# First, let's examine the file mentioned in the review
fd encryptCheckbox.svelte --type f

Repository: appwrite/console

Length of output: 182

---

🏁 Script executed:

# Search for getChangePlanUrl usage to understand what ID it expects
rg "getChangePlanUrl" --type=svelte -B 3 -A 3

Repository: appwrite/console

Length of output: 90

---

🏁 Script executed:

# Search for project.teamId usage pattern in the codebase
rg "project\?\.teamId" --type=svelte -B 2 -A 2

Repository: appwrite/console

Length of output: 90

---

🏁 Script executed:

# Search for how organizationId is typically derived from page.data
rg "page\.data\?\.project\?" --type=svelte -B 1 -A 1 | head -50

Repository: appwrite/console

Length of output: 90

---

🏁 Script executed:

# Search for getChangePlanUrl without file type restriction
rg "getChangePlanUrl" -B 3 -A 3

Repository: appwrite/console

Length of output: 50372

---

🏁 Script executed:

# Search for project.teamId pattern
rg "project\.teamId" -B 2 -A 2

Repository: appwrite/console

Length of output: 20752

---

🏁 Script executed:

# Read the encryptCheckbox.svelte file
cat -n "src/routes/(console)/project-[region]-[project]/databases/database-[database]/table-[table]/columns/encryptCheckbox.svelte"

Repository: appwrite/console

Length of output: 4540

---

🏁 Script executed:

# Search for organizationId patterns in similar context
rg "organizationId.*project.*\$id" -B 1 -A 1

Repository: appwrite/console

Length of output: 42

---

Fix organizationId fallback and make encryption support reactive.

Line 29 uses page.data?.project?.$id as the fallback for organizationId, but $id is the project ID. It should be page.data?.project?.teamId to get the organization ID, matching the pattern used elsewhere in the codebase.

Line 30's supportsEncryption is a const that reads $currentPlan, which may load asynchronously. It won't update after initialization. Use $derived to make it reactive.

Proposed fix

-    const organizationId = page.data?.organization?.$id ?? page.data?.project?.$id;
-    const supportsEncryption = isCloud ? $currentPlan?.databasesAllowEncrypt : true;
+    const organizationId = page.data?.organization?.$id ?? page.data?.project?.teamId;
+    const supportsEncryption = $derived(isCloud ? $currentPlan?.databasesAllowEncrypt : true);

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	const organizationId = page.data?.organization?.$id ?? page.data?.project?.$id;
	const supportsEncryption = isCloud ? $currentPlan?.databasesAllowEncrypt : true;
	const organizationId = page.data?.organization?.$id ?? page.data?.project?.teamId;
	const supportsEncryption = $derived(isCloud ? $currentPlan?.databasesAllowEncrypt : true);

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In
`@src/routes/`(console)/project-[region]-[project]/databases/database-[database]/table-[table]/columns/encryptCheckbox.svelte
around lines 29 - 30, Replace the incorrect fallback for organizationId so it
uses the project's teamId (page.data?.project?.teamId) instead of
page.data?.project?.$id, and make supportsEncryption reactive by deriving it
from the isCloud flag and the currentPlan store (use Svelte's derived store)
rather than a const so it updates when $currentPlan loads; update references to
the symbols organizationId and supportsEncryption and import/use derived from
'svelte/store' to compute supportsEncryption from isCloud and currentPlan.

[coderabbitai]

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In
`@src/routes/`(console)/project-[region]-[project]/databases/database-[database]/table-[table]/columns/encryptCheckbox.svelte:
- Around line 50-51: The label's class binding allows cursor-pointer when
disabled is true (class:cursor-pointer={!editing}) which conflicts with the
disabled state; update the conditional so cursor-pointer only applies when not
editing AND not disabled (e.g., change the class binding on the element that
currently has class:cursor-pointer={!editing} to class:cursor-pointer={!editing
&& !disabled}) and keep class:cursor-not-allowed={editing || disabled} as-is so
the disabled state always wins visually; reference the class bindings using the
editing and disabled variables on the label/button.

---

ℹ️ Review info

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between c3968ad and 1b1f744.

📒 Files selected for processing (1)

• src/routes/(console)/project-[region]-[project]/databases/database-[database]/table-[table]/columns/encryptCheckbox.svelte